SPMS Security Issues. JACoW Team Meeting 2011 SINAP. Ivan Andrian JACoW
|
|
- Gwendoline McCormick
- 5 years ago
- Views:
Transcription
1 SPMS Security Issues Team Meeting 2011 SINAP Ivan Andrian
2 Current security flaws SPMS is Oracle-based, installed in the Regional Support Centres The Upload/Download scripts are Perl-based, and run on a different server (the conference FileServer) The scripts do NOT have access to the DB for security reasons Different institutes/teams/policies Shared Oracle servers / conference server 2 Team Meeting 2011 SINAP SPMS Security Issues
3 URL spoofing By knowing the syntax of a Download URL it is possible to download whatever other Paper you want By building a well done HTML form, it is also possible to inject files onto the conference fileserver Limited to the papers directory (O.S. is safe!) All versions are kept and logs taken 3 Team Meeting 2011 SINAP SPMS Security Issues
4 Possible methods of security enhancement Connection to the DB (impossible for security reasons) Shared password (needs to be passed via HTTP insecure) Web Server source (SPMS) control (Apache, IIS, ) custom and non standard HTTP_REFERER medium quality measure (browser based) Hashed passwords 4 Team Meeting 2011 SINAP SPMS Security Issues
5 HTTP_REFERER check When clicking on a URL on a web page (or posting a FORM) usually brings the source URL to the target The web browser controls this behaviour Depends on the client s browser Custom-hacked browsers can modify this value Spoofable, even if difficult for the average user Proxies and firewalls can modify this value 5 Team Meeting 2011 SINAP SPMS Security Issues
6 HTTP_REFERER tests Upload/Download Scripts modified during IPAC2011 Now it is possible to configure a number of URLs as valid referrers in the configuration file A global password can override this behaviour (for direct downloads in batch Volker s JPSP) Unfortunately... doesn t work! 6 Team Meeting 2011 SINAP SPMS Security Issues
7 IPAC2011 production tests CERN RSP Oracle infrastructure (web/application server) File ESS Bilbao Ubuntu Linux LTS 7 Team Meeting 2011 SINAP SPMS Security Issues
8 Debugging: CERN ESS file upload (Perl) - DEBUG OPTIONS: { } REFERER == 'timeout' => 600, 'debug' => 1, 'referer_pwd_override' => 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', 'referer' => 0, Server filesystem type: Unix. Client platform detected: Linux FILENAME PARTS (NAME,DIR,EXT): FRYCA01.txt./ uploaded_file_info { 'Content-Type' => 'text/plain', 'Content-Disposition' => 'form-data; name="file_name"; filename="fryca01.txt"' } 8 Team Meeting 2011 SINAP SPMS Security Issues
9 Debugging: Elettra ESS file upload (Perl) - DEBUG OPTIONS: { 'timeout' => 600, 'debug' => 1, 'referer_pwd_override' => 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', 'referer' => 0, } REFERER == Server filesystem type: Unix. Client platform detected: Linux FILENAME PARTS (NAME,DIR,EXT): FRYCA01.txt./ uploaded_file_info { 'Content-Type' => 'text/plain', 'Content-Disposition' => 'form-data; name="file_name"; filename="fryca01.txt"' } 9 Team Meeting 2011 SINAP SPMS Security Issues
10 Debugging: CERN Elettra file upload (Perl) - DEBUG OPTIONS: { } REFERER == 'timeout' => 600, 'debug' => 1, 'referer_pwd_override' => 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', 'referer' => 0, Server filesystem type: Unix. Client platform detected: Linux FILENAME PARTS (NAME,DIR,EXT): FRYCA01.txt./ uploaded_file_info { 'Content-Type' => 'text/plain', 'Content-Disposition' => 'form-data; name="file_name"; filename="fryca01.txt"' } 10 Team Meeting 2011 SINAP SPMS Security Issues
11 Another solution Preshared key in SPMS & Scripts The SPMS could send (in clear) a HASH of the password and the paper code The Scripts could check the HASH against the known preshared key A different HASH for each paper ID not usable for crosspaper ID spoofing 11 Team Meeting 2011 SINAP SPMS Security Issues
12 What s needed for this method Agree on a hash algorithm (MD5? SHA1? ) Modify the SPMS code to pass this hash easy (Matt) Modify the Scripts to use/check this hash easy (Ivan) Use it! easy (*) 12 Team Meeting 2011 SINAP SPMS Security Issues
13 Conclusions We can improve security Modifying the upload/download scripts isn t enough With small changes to SPMS and UDS we can strengthen the SPMS 13 Team Meeting 2011 SINAP SPMS Security Issues
14 SPMS / Conference Website Data Exchange Team Meeting 2011 SINAP Ivan Andrian <ivan.andrian@elettra.trieste.it>
15 Tools to build a better Conference Website Examples: List of Participants Scientific Programme Abstract Submission Report Industrial Exhibition Layout and Reservations Industrial Exhibitors Report Delegate Registration Report 15 Team Meeting 2011 SINAP SPMS Security Issues
16 Conference WebSites variety Up to Conference Organisers tastes & infrastructure PHP ASP.Net Wiki-based sites CMS-based sites (WordPress, Joomla, Drupal,...) Impossible to standardise Could be a plus for the Conference (characterisation) 16 Team Meeting 2011 SINAP SPMS Security Issues
17 Different data extract types Open HTML pages from the SPMS List of Participants e.g. Conference WebSite can just grab data & display Open text data to be processed Conference dates Restricted text data to be processed List of Participants Now there s a dedicated SPMS Package: Xtract 17 Team Meeting 2011 SINAP SPMS Security Issues
18 Conference Dates e.g.: Conference WebSites (CWS) need to be up-to-date Possible inconsistency when changing SPMS values Live key dates taken from the SPMS Get Put the values onto the CWS as needed Procedure dependent on the CWS framework 18 Team Meeting 2011 SINAP SPMS Security Issues
19 List of Participants CSV format data extract Get Put the data onto the CWS as wanted Consistent names & Affiliation List No problems with special characters (ç, š, ñ, etc.) Just found a small bug! Will fix after TM (Sorry!) 19 Team Meeting 2011 SINAP SPMS Security Issues
20 Registration Statistics Build graphs of Registration Statistics trends Get Use the data within the CWS framework Put into CWS database & process Use Google Graphs etc. 20 Team Meeting 2011 SINAP SPMS Security Issues
21 Example (EPAC08-based) cron.php (cron: 1h exec... time: 1sec) Get Save attendees Get Save stats Create rrd db (system call: rrdtools 20/03/2008, 21, D create) Insert stats into db (system call: rrdtools update) Create graph (system call: rrdtools graph) Adjust image Remove db... "Boland","Mark","New Affiliation Request Pending","Australia","D" "Spencer","Martin","The Australian Synchrotron Project","Australia","D" "Conard","Milo","Particle Accelerator Consultants","Belgium","D"... 19/03/2008, 10, D 19/03/2008, 1, S 21/03/2008, 3, D Team Meeting 2011 SINAP SPMS Security Issues
22 22 Team Meeting 2011 SINAP SPMS Security Issues
23 Abstract submission report Similar to Registration Statistics data extract Day-by-day abstracts submitted counts CSV data to be processed Password-protected data extract (SPMS parameter) 23 Team Meeting 2011 SINAP SPMS Security Issues
24 Industrial Exhibition Layout The idea is to show a live map with booths status Booths Layout Available booths Reserved booths Reserved booths status taken from the SPMS External tools to create the map (PHP, libgd, etc.) Create a live image to display on registration page/cws 24 Team Meeting 2011 SINAP SPMS Security Issues
25 Procedure (EPAC08-based) png.php?f=0 SPMS Booth No. 63 Booth No. 64 Booth No. 65 Booth No. 66 Booth No. 67 Booth No. 68 Booth No. 69 Booth No. 70 Booth No. 71 Booth No. 72 Booth No Load boothsmap.dat Load boothsmapbase.png (libgd php functions) Draw booths (available / taken) Save & return boothsmap.png 63=[180,35,215,46] 64=[55,35,90,46] Team Meeting 2011 SINAP SPMS Security Issues
26 26 Team Meeting 2011 SINAP SPMS Security Issues
27 Scientific Programme Reports already exist in SPMS Pretty, but do not integrate well with CWSs Want ability customise the programme on CWS? OK, let s go! 27 Team Meeting 2011 SINAP SPMS Security Issues
28 Let s get the data first Based on the big post-conference XML Yes, it s big Did I tell you it s big? OK, I tell you. It s BIG For EPAC 08, it took ~300 to get (yes, 5 ) 28 Team Meeting 2011 SINAP SPMS Security Issues
29 So, let s do it every now and then... (w)get (every hour, exec time: 5, 15MB for EPAC08) xml2obj.php (exec time: 3 ) 1. Load spms.xml 2. Extract data from XML (php function: simplexml_load_file), build programme and abstract objects with essential fields 3. Save spms.programme (500KB) 4. Save spms.abstracts (1.1MB) 29 Team Meeting 2011 SINAP SPMS Security Issues
30 Create the final data files programme.php (cron: 1h exec time: 0.5 ) 1. Load spms.programme 2. Load spms.abstracts 3. Compose HTML programme pages 4. Save programme.xx-yy (1 per day) 5. Compose HTML abstract pages 6. Save abstract.xxxxxxx (1 per abstract) 30 Team Meeting 2011 SINAP SPMS Security Issues
31 Integrate into CWS Using the CWS framework tools, display the programme Easy to do with just HTML, CSS and JavaScript Load programme.xx-yy HTML page Compose page with link to extra CSS & JavaScript code (using prototype.js) Customised for the CWS styles 31 Team Meeting 2011 SINAP SPMS Security Issues
32 32 Team Meeting 2011 SINAP SPMS Security Issues
33 Extended to the venue 33 Team Meeting 2011 SINAP SPMS Security Issues
34 Conclusions and open questions There are things where the SPMS is not enough Dependent on CWS infrastructure and tools Something could be standardised Image maps creation We ll think of a central facility: Elettra probably easier support Scientific Programme: hard but nice We ll test the SPMS programme with CSS 34 Team Meeting 2011 SINAP SPMS Security Issues
SPMS / Conference Website Data Exchange. JACoW Team Meeting 2011 SINAP. Ivan Andrian JACoW
SPMS / Conference Website Data Exchange Team Meeting 2011 SINAP Ivan Andrian Tools to build a better Conference Website Examples: List of Participants Scientific Programme
More informationLecture Overview. IN5290 Ethical Hacking. Lecture 4: Web hacking 1, Client side bypass, Tampering data, Brute-forcing
Lecture Overview IN5290 Ethical Hacking Lecture 4: Web hacking 1, Client side bypass, Tampering data, Brute-forcing Summary - how web sites work HTTP protocol Client side server side actions Accessing
More informationAll India Council For Research & Training
WEB DEVELOPMENT & DESIGNING Are you looking for a master program in web that covers everything related to web? Then yes! You have landed up on the right page. Web Master Course is an advanced web designing,
More information0. Introduction On-demand. Manual Backups Full Backup Custom Backup Store Your Data Only Exclude Folders.
Backup & Restore 0. Introduction..2 1. On-demand. Manual Backups..3 1.1 Full Backup...3 1.2 Custom Backup 5 1.2.1 Store Your Data Only...5 1.2.2 Exclude Folders.6 1.3 Restore Your Backup..7 2. On Schedule.
More informationWeb Development IB PRECISION EXAMS
PRECISION EXAMS Web Development IB EXAM INFORMATION Items 53 Points 73 Prerequisites COMPUTER TECHNOLOGY Grade Level 10-12 Course Length ONE YEAR Career Cluster INFORMATION TECHNOLOGY Performance Standards
More informationProgramming the World Wide Web by Robert W. Sebesta
Programming the World Wide Web by Robert W. Sebesta Tired Of Rpg/400, Jcl And The Like? Heres A Ticket Out Programming the World Wide Web by Robert Sebesta provides students with a comprehensive introduction
More informationWeb insecurity Security strategies General security Listing of server-side risks Language specific security. Web Security.
Web Security Web Programming Uta Priss ZELL, Ostfalia University 2013 Web Programming Web Security Slide 1/25 Outline Web insecurity Security strategies General security Listing of server-side risks Language
More informationWeb Hosting. Important features to consider
Web Hosting Important features to consider Amount of Storage When choosing your web hosting, one of your primary concerns will obviously be How much data can I store? For most small and medium web sites,
More informationGetting Started with Web Hosting, & FTP
Getting Started with Web Hosting, Email & FTP Issue 1.01 Table of Contents Table of Contents... 1 Remove Parking from a Domain & Add Web Hosting... 3 Step 1... 3 Step 2... 3 Step 3... 4 Step 4... 4 Step
More informationGet in Touch Module 1 - Core PHP XHTML
PHP/MYSQL (Basic + Advanced) Web Technologies Module 1 - Core PHP XHTML What is HTML? Use of HTML. Difference between HTML, XHTML and DHTML. Basic HTML tags. Creating Forms with HTML. Understanding Web
More informationPrincess Nourah bint Abdulrahman University. Computer Sciences Department
Princess Nourah bint Abdulrahman University Computer Sciences Department 1 And use http://www.w3schools.com/ PHP Part 1 Objectives Introduction to PHP Computer Sciences Department 4 Introduction HTML CSS
More informationWeb Programming Paper Solution (Chapter wise)
Introduction to web technology Three tier/ n-tier architecture of web multitier architecture (often referred to as n-tier architecture) is a client server architecture in which presentation, application
More informationInternet programming Lab. Lecturer Mariam A. Salih
Internet programming Lab. Lecturer Mariam A. Salih The Internet : The Internet is a worldwide network of computer systems through which information can be easily shared. Browsers : To view information
More informationOne of the fundamental kinds of websites that SharePoint 2010 allows
Chapter 1 Getting to Know Your Team Site In This Chapter Requesting a new team site and opening it in the browser Participating in a team site Changing your team site s home page One of the fundamental
More informationCIS 086 : Week 1. Web Development with PHP and MySQL
+ CIS 086 : Week 1 Web Development with PHP and MySQL + Introduction n Instructor: Mark Brautigam n You: Skills and Technology Survey n You: Expectations of this class n You: Introduce yourself on the
More informationCase Study. CMS for Management of Monetization Training Resources
Case Study CMS for Management of Monetization Training Resources Client Requirement The client is a digital marketing company providing efficient strategies for marketing and data monetization to their
More informationInstructor s Notes Web Data Management Web Client/Server Concepts. Web Data Management Web Client/Server Concepts
Instructor s Web Data Management Web Client/Server Concepts Web Data Management 152-155 Web Client/Server Concepts Quick Links & Text References Client / Server Concepts Pages 4 11 Web Data Mgt Software
More information(p t y) lt d. 1995/04149/07. Course List 2018
JAVA Java Programming Java is one of the most popular programming languages in the world, and is used by thousands of companies. This course will teach you the fundamentals of the Java language, so that
More informationShankersinh Vaghela Bapu Institue of Technology
Branch: - 6th Sem IT Year/Sem : - 3rd /2014 Subject & Subject Code : Faculty Name : - Nitin Padariya Pre Upload Date: 31/12/2013 Submission Date: 9/1/2014 [1] Explain the need of web server and web browser
More informationMIRO DIETIKER Founder
DRUPAL SECURITY MIRO DIETIKER Founder I am I am consulting End User Agencies Site builder Hosters Developer Maintainer Open Source Initiative Leader Spring 2017 Security - Responsible disclosure...a vulnerability
More informationBasics of Web. First published on 3 July 2012 This is the 7 h Revised edition
First published on 3 July 2012 This is the 7 h Revised edition Updated on: 03 August 2015 DISCLAIMER The data in the tutorials is supposed to be one for reference. We have made sure that maximum errors
More informationDiskPulse DISK CHANGE MONITOR
DiskPulse DISK CHANGE MONITOR User Manual Version 10.5 Feb 2018 www.diskpulse.com info@flexense.com 1 1 DiskPulse Overview...3 2 DiskPulse Product Versions...5 3 Using Desktop Product Version...6 3.1 Product
More informationDrupal Hosting. April 19, Northeast Ohio Drupal User Group 1
Northeast Ohio Drupal User Group 1 Security: PSA came out Monday regarding a d8 release for Wednesday. The notice suggested that it was a serious flaw and exploits were expected within short order after
More informationCNIT 129S: Securing Web Applications. Ch 10: Attacking Back-End Components
CNIT 129S: Securing Web Applications Ch 10: Attacking Back-End Components Injecting OS Commands Web server platforms often have APIs To access the filesystem, interface with other processes, and for network
More informationUpload to your web space (e.g., UCSC) Due this Thursday 4/8 in class Deliverable: Send me an with the URL Grading:
CS 183 4/6/2010 Build a simple HTML page, topic of your choice Will use this as a basis and gradually and add more features as the class progresses Need to be done with your favorite text editor, no visual
More informationSome things to watch out for when using PHP and Javascript when building websites
Some things to watch out for when using PHP and Javascript when building websites Les Hatton 10 Sep 2003 1 PHP PHP is a C-like language which evolved from Perl scripts originally produced by Rasmus Lerdorf
More informationIntroduction to PHP. Handling Html Form With Php. Decisions and loop. Function. String. Array
Introduction to PHP Evaluation of Php Basic Syntax Defining variable and constant Php Data type Operator and Expression Handling Html Form With Php Capturing Form Data Dealing with Multi-value filed Generating
More information20. Web Hosting 웹프로그래밍 2016 년 1 학기 충남대학교컴퓨터공학과
20. Web Hosting 웹프로그래밍 2016 년 1 학기 충남대학교컴퓨터공학과 목차 Web Hosting Introduction Web Hosting Providers Web Hosting Domain Names Web Hosting Capacities Web Hosting E-mail Services Web Hosting Technologies Web
More informationPHP-security Software lifecycle General Security Webserver security PHP security. Security Summary. Server-Side Web Languages
Security Summary Server-Side Web Languages Uta Priss School of Computing Napier University, Edinburgh, UK Copyright Napier University Security Summary Slide 1/15 Outline PHP-security Software lifecycle
More informationSeema Sirpal Delhi University Computer Centre
Getting Started on HTML & Web page Design Seema Sirpal Delhi University Computer Centre How to plan a web development project draft a design document convert text to HTML use Frontpage to create web pages
More information1.1 A Brief Intro to the Internet
1.1 A Brief Intro to the Internet - Origins - ARPAnet - late 1960s and early 1970s - Network reliability - For ARPA-funded research organizations - BITnet, CSnet - late 1970s & early 1980s - email and
More informationWebsites. Version 1.7
Websites Version 1.7 Last edited 15 Contents MyNetball Information...3 Websites...4 Web packages...4 Setting up the layout...5 Uploading files and images...6 Using Dropbox to Increase your Website Data...7
More informationDreamFactory Security Guide
DreamFactory Security Guide This white paper is designed to provide security information about DreamFactory. The sections below discuss the inherently secure characteristics of the platform and the explicit
More informationFrequently Asked Questions Exhibitor Online Platform. Simply pick the subject (below) that covers your query and topic to access the FAQs:
Exhibitor Online Platform Simply pick the subject (below) that covers your query and topic to access the FAQs: 1. What is Exhibitor Online Platform (EOP)?...2 2. System requirements...3 2.1. What are the
More informationOh yes, wpcache comes with a dashboard wpcache is not Plugin!
1 What is Happening? Oh yes, wpcache comes with a dashboard wpcache is not Plugin! Performance. Speed. Scalability. wpcache delivers world-class content delivery solutions. You are empowered to increase
More informationJSN UniForm User Manual. Introduction. A simple contact form created by JSN UniForm. JSN UniForm is a Joomla form extension which helps you create
JSN UniForm User Manual Introduction A simple contact form created by JSN UniForm JSN UniForm is a Joomla form extension which helps you create forms quickly and easily - from normal forms to complex forms.
More informationMini Project - Phase 2 Connexus Website
Mini Project - Phase 2 Connexus Website The url to Connexus Website: http://connexus-beta.appspot.com/ Here is my github repository: https://github.com/azizclass/nimadini The second phase is in the MiniProject-Phase2/Connexus
More informationDreamweaver MX The Basics
Chapter 1 Dreamweaver MX 2004 - The Basics COPYRIGHTED MATERIAL Welcome to Dreamweaver MX 2004! Dreamweaver is a powerful Web page creation program created by Macromedia. It s included in the Macromedia
More informationFull version is >>> HERE <<<
how to create a database in netbeans 6.9; create a database in excel youtube; how to create a database with mysql command line; create a database backup job using sql server management studio Full version
More informationCreating an Online Catalogue Search for CD Collection with AJAX, XML, and PHP Using a Relational Database Server on WAMP/LAMP Server
CIS408 Project 5 SS Chung Creating an Online Catalogue Search for CD Collection with AJAX, XML, and PHP Using a Relational Database Server on WAMP/LAMP Server The catalogue of CD Collection has millions
More informationWorld Wide Web. World Wide Web - how it works. WWW usage requires a combination of standards and protocols DHCP TCP/IP DNS HTTP HTML MIME
World Wide Web WWW usage requires a combination of standards and protocols DHCP TCP/IP DNS HTTP HTML MIME World Wide Web - how it works User on a machine somewhere Server machine Being more specific...
More informationIBM Forms V8.0 Custom Themes IBM Corporation
IBM Forms V8.0 Custom Themes Agenda 2 Overview Class Names How to Use Best Practice Styling Form Items Test Custom CSS Sample Overview 3 To create custom theme you must be familiar with the basic concept
More informationBasic Functionality for Scientific Programme Management with SPMS During the Conference
Basic Functionality for Scientific Programme Management with SPMS During the Conference Christine Petit-Jean-Genaz Conferences Coordinator for IPACs in Europe JACoW Deputy Chair and Secretary SPMS Repository
More informationStatic Webpage Development
Dear Student, Based upon your enquiry we are pleased to send you the course curriculum for PHP Given below is the brief description for the course you are looking for: - Static Webpage Development Introduction
More informationThe Australia Pain Society 33 rd Annual Scientific Meeting National Convention Centre, Canberra March 2013
SMARTPHONE/TABLET APP USER GUIDE The Australia Pain Society 33 rd Annual Scientific Meeting National Convention Centre, Canberra 17 20 March 2013 ACCESSING THE APP Complimentary Wi- Fi Internet is provided
More informationSTRANDS AND STANDARDS
STRANDS AND STANDARDS Course Description Web Development is a course designed to guide students in a project-based environment in the development of up-to-date concepts and skills that are used in the
More informationLecture 3: Web Servers / PHP and Apache. CS 383 Web Development II Monday, January 29, 2018
Lecture 3: Web Servers / PHP and Apache CS 383 Web Development II Monday, January 29, 2018 Server Configuration One of the most common configurations of servers meant for web development is called a LAMP
More informationDeveloping Web Applications
Developing Web Applications Ralph Moseley Middlesex University IIICENTCNNIAL 1807 ewiley 2007 13ICCNTENNIAL John Wiley & Sons, Ltd Preface Introduction Features Additional Materials Trademarks Acknowledgments
More informationRolePoint Apply. Product Overview.
RolePoint Apply Product Overview www.rolepoint.com Contents Introduction High Level Architecture Building an Apply Process - Creating an Account - Building Process - Preview Jobs Managing Your RolePoint
More informationAlpha College of Engineering and Technology. Question Bank
Alpha College of Engineering and Technology Department of Information Technology and Computer Engineering Chapter 1 WEB Technology (2160708) Question Bank 1. Give the full name of the following acronyms.
More informationExcerpts of Web Application Security focusing on Data Validation. adapted for F.I.S.T. 2004, Frankfurt
Excerpts of Web Application Security focusing on Data Validation adapted for F.I.S.T. 2004, Frankfurt by fs Purpose of this course: 1. Relate to WA s and get a basic understanding of them 2. Understand
More informationJoomla 3.X Global Settings Part III Server Settings
Joomla 3.X Global Settings Part III Server Settings Diagram 1 Path to Temp Folder: This is a text box adjacent to this prompt which holds the path to Joomla s temp folder on the web server. This is the
More informationHostPress.ca. User manual. July Version 1.0. Written by: Todd Munro. 1 P age
HostPress.ca User manual For your new WordPress website July 2010 Version 1.0 Written by: Todd Munro 1 P age Table of Contents Introduction page 3 Getting Ready page 3 Media, Pages & Posts page 3 7 Live
More informationAttacks Against Websites 3 The OWASP Top 10. Tom Chothia Computer Security, Lecture 14
Attacks Against Websites 3 The OWASP Top 10 Tom Chothia Computer Security, Lecture 14 OWASP top 10. The Open Web Application Security Project Open public effort to improve web security: Many useful documents.
More informationFAST TRACK YOUR AMAZON AWS CLOUD TECHNICAL SKILLS. Enterprise Website Hosting with AWS
FAST TRACK YOUR AMAZON AWS CLOUD TECHNICAL SKILLS Enterprise Website Hosting with AWS 2 Day Course Outline Table of Contents Introduction Course Structure Course Outline Day 1 - Introduction to Cloud Computing,
More informationCase study on PhoneGap / Apache Cordova
Chapter 1 Case study on PhoneGap / Apache Cordova 1.1 Introduction to PhoneGap / Apache Cordova PhoneGap is a free and open source framework that allows you to create mobile applications in a cross platform
More informationWeb Servers and Security
Web Servers and Security The Web is the most visible part of the net Two web servers Apache (open source) and Microsoft s IIS dominate the market (Apache has 70%; IIS has 20%) Both major servers have lots
More informationPrototype DIRAC portal for EISCAT data Short instruction
Prototype DIRAC portal for EISCAT data Short instruction Carl-Fredrik Enell January 19, 2017 1 Introduction 1.1 DIRAC EGI, first European Grid Initiative, later European Grid Infrastructure, and now simply
More informationDrupal Command Line Instructions Windows 7 Network Drive >>>CLICK HERE<<<
Drupal Command Line Instructions Windows 7 Network Drive Applying patches, modifying files according to instructions in the patch file, This page only deals with some basic principles using the command
More informationLesson 9 Transcript: Backup and Recovery
Lesson 9 Transcript: Backup and Recovery Slide 1: Cover Welcome to lesson 9 of the DB2 on Campus Lecture Series. We are going to talk in this presentation about database logging and backup and recovery.
More informationA Management System for Online Presentations at Meetings. Krzysztof Wrona (ZEUS) DESY Hamburg
A Management System for Online Presentations at Meetings Krzysztof Wrona (ZEUS) DESY Hamburg 22 April, 2002 1 Motivation Daily tasks at research institutes Preparing and improving an experiment Collecting
More informationWordPress SEO. Basic SEO Practices Using WordPress. Leo Wadsworth LeoWadsworth.com
Basic SEO Practices Using WordPress Leo Wadsworth LeoWadsworth.com Copyright 2012, by Leo Wadsworth, all rights reserved. Unless you have specifically purchased additional rights, this work is for personal
More informationTechnical Overview. Access control lists define the users, groups, and roles that can access content as well as the operations that can be performed.
Technical Overview Technical Overview Standards based Architecture Scalable Secure Entirely Web Based Browser Independent Document Format independent LDAP integration Distributed Architecture Multiple
More informationNews from the Wrapper
News from the Wrapper Gesellschaft für Schwerionenforschung mbh Darmstadt, Germany JACoW Team Meeting 2004 Knoxville, Tennessee November 7, 2004 What is still the same? What is still the same? What has
More informationDIGIT.B4 Big Data PoC
DIGIT.B4 Big Data PoC GROW Transpositions D04.01.Information System Table of contents 1 Introduction... 4 1.1 Context of the project... 4 1.2 Objective... 4 2 Technologies used... 5 2.1 Python... 5 2.2
More informationCreate-A-Page Design Documentation
Create-A-Page Design Documentation Group 9 C r e a t e - A - P a g e This document contains a description of all development tools utilized by Create-A-Page, as well as sequence diagrams, the entity-relationship
More informationEtanova Enterprise Solutions
Etanova Enterprise Solutions Server Side Development» 2018-06-28 http://www.etanova.com/technologies/server-side-development Contents.NET Framework... 6 C# and Visual Basic Programming... 6 ASP.NET 5.0...
More informationAttacks Against Websites. Tom Chothia Computer Security, Lecture 11
Attacks Against Websites Tom Chothia Computer Security, Lecture 11 A typical web set up TLS Server HTTP GET cookie Client HTML HTTP file HTML PHP process Display PHP SQL Typical Web Setup HTTP website:
More informationAttend Events. Version 0.9.x
Attend Events Version 0.9.x Contents 1 Introduction 3 1.1 Features................................ 3 1.2 JEvents Integration.......................... 4 2 Installation and Set-Up 5 2.1 Installation..............................
More informationUser Documentation. Studywiz Learning Environment. Student's Guide
User Documentation Studywiz Learning Environment Student's Guide Studywiz Learning Environment Student's Guide Contents 1 Introduction 4 1.1 Studywiz 4 1.2 The Studywiz Student s Guide 4 2 What s New
More informationDesign Document V2 ThingLink Startup
Design Document V2 ThingLink Startup Yon Corp Andy Chen Ashton Yon Eric Ouyang Giovanni Tenorio Table of Contents 1. Technology Background.. 2 2. Design Goal...3 3. Architectural Choices and Corresponding
More informationCSCI 1320 Creating Modern Web Applications. Content Management Systems
CSCI 1320 Creating Modern Web Applications Content Management Systems Brown CS Website 2 Static Brown CS Website Up since 1994 5.9 M files (inodes) 1.6 TB of filesystem space 3 Static HTML Generators Convert
More informationApplication Security through a Hacker s Eyes James Walden Northern Kentucky University
Application Security through a Hacker s Eyes James Walden Northern Kentucky University waldenj@nku.edu Why Do Hackers Target Web Apps? Attack Surface A system s attack surface consists of all of the ways
More informationWeb Servers and Security
Web Servers and Security The Web is the most visible part of the net Two web servers Apache (open source) and Microsoft s IIS dominate the market Apache has 49%; IIS has 36% (source: http://news.netcraft.com/archives/2008/09/30/
More informationPage 1 of 13. E-COMMERCE PROJECT HundW Consult MENA Instructor: Ahmad Hammad Phone:
E-COMMERCE PROJECT HundW Consult MENA Instructor: Ahmad Hammad Email: AhmadNassr@gmail.com Phone: 0599042502 1. Rationale This is the major project for both (Open Source and.net teams) as an E-Commerce
More informationNow go to bash and type the command ls to list files. The unix command unzip <filename> unzips a file.
wrangling data unix terminal and filesystem Grab data-examples.zip from top of lecture 4 notes and upload to main directory on c9.io. (No need to unzip yet.) Now go to bash and type the command ls to list
More informationUsing HTML Kit to Debug Server-Side Scripts
Using HTML Kit to Debug Server-Side Scripts by Peter Lavin April 21, 2004 Overview Browsers are notorious for rendering HTML pages perfectly even when a page contains errors. For instance, a button may
More informationDesign of Generic Web Based Automation Framework for Network Testing
Design of Generic Web Based Automation Framework for Network Testing S. Balamurugan Assistant Professor, Department of Information Technology, Perunthalaivar Kamarajar Institute of Engineering and Technology,
More informationUnit code: R/601/1288 QCF Level 4: BTEC Higher National Credit value: 15
Unit 15: Website Management Unit code: R/601/1288 QCF Level 4: BTEC Higher National Credit value: 15 Aim To enable learners to understand the concepts and knowledge required to effectively manage and maintain
More information1.1 A Brief Intro to the Internet
1.1 A Brief Intro to the Internet - Origins - ARPAnet - late 1960s and early 1970s - Network reliability - For ARPA-funded research organizations - BITnet, CSnet - late 1970s & early 1980s - email and
More informationHow To Install Pear Db In Xampp Windows 7 64 Bit >>>CLICK HERE<<<
How To Install Pear Db In Xampp Windows 7 64 Bit It contains: Apache, MySQL, PHP & PEAR, Perl, ProFTPD, phpmyadmin, with Xdebug and Xampp, 6 PhpMyAdmin 403 Access Forbidden, 7 Local test server security
More informationWeb Engineering (CC 552)
Web Engineering (CC 552) Introduction Dr. Mohamed Magdy mohamedmagdy@gmail.com Room 405 (CCIT) Course Goals n A general understanding of the fundamentals of the Internet programming n Knowledge and experience
More informationDocumentation. Visit the Documentation Online at:
Documentation Install Plugin Overview Settings How to add and edit entries From Administration Panel Front-end Form How to display them Shortcodes & PHP Function Layout Generator Front-end Form Generator
More informationSmart Bulk SMS & Voice SMS Marketing Script with 2-Way Messaging. Quick-Start Manual
Mobiketa Smart Bulk SMS & Voice SMS Marketing Script with 2-Way Messaging Quick-Start Manual Overview Mobiketa Is a full-featured Bulk SMS and Voice SMS marketing script that gives you control over your
More informationIntroduction to web development and HTML MGMT 230 LAB
Introduction to web development and HTML MGMT 230 LAB After this lab you will be able to... Understand the VIU network and web server environment and how to access it Save files to your web folder for
More informationData Feeds Traffic Setup Instructions
Data Feeds Traffic Setup Instructions In this document we ll first cover data feeds and traffic, then we ll cover actual setup. Data feeds are simple to find and simple to setup. They are also often less
More information20486-Developing ASP.NET MVC 4 Web Applications
Course Outline 20486-Developing ASP.NET MVC 4 Web Applications Duration: 5 days (30 hours) Target Audience: This course is intended for professional web developers who use Microsoft Visual Studio in an
More informationUploading a Form. 1. Login Screen. 2. Filled Forms Page
Uploading a Form 1. Login Screen You will be provided a link to this login screen by an administrator at either Victoria Forms or your organisation. To begin the process of uploading a form you must first
More informationCompuScholar, Inc. Alignment to Utah's Web Development I Standards
Course Title: KidCoder: Web Design Course ISBN: 978-0-9887070-3-0 Course Year: 2015 CompuScholar, Inc. Alignment to Utah's Web Development I Standards Note: Citation(s) listed may represent a subset of
More informationArchitecture. Steven M. Bellovin October 31,
Architecture Steven M. Bellovin October 31, 2016 1 Web Servers and Security The Web is the most visible part of the net Two web servers Apache (open source) and Microsoft s IIS dominate the market Apache
More informationDupScout DUPLICATE FILES FINDER
DupScout DUPLICATE FILES FINDER User Manual Version 10.3 Dec 2017 www.dupscout.com info@flexense.com 1 1 Product Overview...3 2 DupScout Product Versions...7 3 Using Desktop Product Versions...8 3.1 Product
More informationGlobal Servers. The new masters
Global Servers The new masters Course so far General OS principles processes, threads, memory management OS support for networking Protocol stacks TCP/IP, Novell Netware Socket programming RPC - (NFS),
More informationBook IX. Developing Applications Rapidly
Book IX Developing Applications Rapidly Contents at a Glance Chapter 1: Building Master and Detail Pages Chapter 2: Creating Search and Results Pages Chapter 3: Building Record Insert Pages Chapter 4:
More informationChapter 11 Program Development and Programming Languages
Chapter 11 Program Development and Programming Languages permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use. Programming
More informationRequest for Proposal (RFP) Toolkit
RFPToolkit Request for Proposal (RFP) Toolkit Table of Contents RFP Checklist......................................................... 2 6 Tips for Writing an RFP..............................................
More informationIntegrity attacks (from data to code): Malicious File upload, code execution, SQL Injection
Pattern Recognition and Applications Lab Integrity attacks (from data to code): Malicious File upload, code execution, SQL Injection Igino Corona igino.corona _at_ diee.unica.it Computer Security May 2nd,
More information1.1 A Brief Intro to the Internet
1.1 A Brief Intro to the Internet - Origins - ARPAnet - late 1960s and early 1970s - Network reliability - For ARPA-funded research organizations - BITnet, CSnet - late 1970s & early 1980s - email and
More informationCreating your own Website
Park Street Camera Club Creating your own Website What is a web site A set of interconnected web pages, usually including a homepage, generally located on the same server, and prepared and maintained as
More informationWeb Design E M I R R A H A M A N WEB DESIGN SIDES 2017 EMIR RAHAMAN 1
Web Design S ESSION 1: WEB BASICS E M I R R A H A M A N WEB DESIGN SIDES 2017 EMIR RAHAMAN 1 The World Wide Web (WWW) An information system of interlinked hypertext documents accessible via the Internet
More informationFusion Registry 9 SDMX Data and Metadata Management System
Registry 9 Data and Management System Registry 9 is a complete and fully integrated statistical data and metadata management system using. Whether you require a metadata repository supporting a highperformance
More information