Skip to main content

Posts

Showing posts with the label IT Security

Shortened URL - Security Risk or Rewards

URL Shortening Shortened URLs  offers several benefits by playing a vital role in digital marketing by  transforing lengthy URL into short and simple URL which can be shared on social media, blogs, emails and more. It is a technique that will redirect your short URL to specific website of your choice.  How ever short URLs produced by services like bit.ly and goo.gl, can be brute-forced.  And searching random shortened URLs could yield all sorts of secret documents. Plus, many of them can be edited, and can be infected with malware. Below image depicts the technique used by shortened URLs

Difference Between SFTP, FTPS, FTP Over SSH, SCP

Introduction. We are going to discuss various file transfer options in brief and the security concerns associated with them. By understanding how these solution operate we can have an informed decision over its usage across the organization . Let's see if we could find answers to below question.  Differences between FTP, SFTP, FTPS and FTP over SSH? Why not just use FTP? Why should I use SFTP instead of FTP? Is SFTP better than FTPS?

WPAD - Web Proxy Auto Discovery.

WPAD protocol is a mechanism used by web clients to locate a browser configuration file ( WPAD.dat ) to obtain nearby proxy server details.

Proxy Auto Configuration (PAC) File

What is PAC File? Proxy Auto Configuration file is text file having a single function containing various rules coded in JavaScript that instructs web browser to forward traffic to a proxy server or directly to the destination server. Along with proxy server details there are optional and additional parameter that specify when and under what circumstances a browser forwards traffic to proxy server. Example: function FindProxyForURL(url, host) { if (shExpMatch(url, "*.google.com/*"))        return 10.10.10.1:8080;        return DIRECT' } Advantage of PAC file: PAC file can be hosted on a centralized place such as workstation, internal web server, or server outside the corporate network. Perform Load distribution Handle proxy failover. Supported by all browsers. Exceptions rules can be configured for internal or external sites. Provides critical security, ensuring that traffic is always proxied when it should be. History Original...

How to Find Last Login/Logout on Linux System

In Linux/Unix like operating systems everything is logged. Many valuable log files are automatically created for you by Linux. You can find them in your /var/log directory.  This folder contains logs related to different services and applications. In this folder apart from other logs files we have some files such as utmp , wtmp and btmp . These files contains all the details about login’s and logout’s which are from local as well as from remote systems and system status such as uptime etc.

The Concise Guide to Proxies

In legal term doing proxy is a crime but in IT space it is a security measure, there are various usage and types of proxies.