Skip navigation
Help

TCP/IP

warning: Creating default object from empty value in /var/www/vhosts/sayforward.com/subdomains/recorder/httpdocs/modules/taxonomy/taxonomy.pages.inc on line 33.

A newly discovered form of malware that targets Linux servers acting as Web servers allows an attacker to directly inject code into any page on infected servers—including error pages. The rootkit, which was first publicly discussed on the Full Disclosure security e-mail list on November 13, appears to be crafted for servers running the 64-bit version of Debian Squeeze and NGINX.

An analysis of the rootkit by Kaspersky Labs found that the malware inserts HTML iframe elements into every page served up to Web browsers connecting to the server. It does this by replacing the code that builds TCP/IP packets (tcp_sendmsg) with its own code. The malware then retrieves the code to be inserted into the iframe by connecting, botnet-like, to a command and control network with an encrypted password.

The rootkit, designated as Rootkit.Linux.Snakso.a by Kaspersky, is a new approach to drive-by downloads. They usually are based on PHP script—not code injected into the kernel of the operating system. Because the new rootkit infects the entire server and not just a specific page, the malware could affect dozens or even hundreds of websites at a time if it infects the server of a Web hosting provider.

Read 1 remaining paragraphs | Comments

0
Your rating: None

I'm trying to figure out how long it would take to send 1000 bytes of data if you have a bandwidth of 1mbps, but I want to take headers and trailers into account. However, I don't know to do this without being explicitly told what the headers and trailers are. Or maybe my approach is just wrong?

Can anyone help out? I posted on r/learnprogramming but found this which seems to be more fitting. If there's somewhere better to go, please tell me. Thank you.

submitted by dogboatmanface
[link] [11 comments]

0
Your rating: None

rhartness writes "I am a long time Software Engineer, however, almost all of my work has been developing server-side, intranet applications or applications for the Windows desktop environment. With that said, I have recently come up with an idea for a new website which would require extremely high levels of security (i.e. I need to be sure that my servers are as 100% rock-solid, unhackable as possible.) I am an experienced developer, and I have a general understanding of web security; however, I am clueless of what is requires to create a web server that is as secure as, say, a banking account management system. Can the Slashdot community recommend good websites, books, or any other resources that thoroughly discuss the topic of setting up a small web server or network for hosting a site that is as absolutely secure as possible?"

Read more of this story at Slashdot.

0
Your rating: None


Smart Grid, Utilities, and Internet Protocols

Google Tech Talk April 14, 2010 ABSTRACT Presented by Erich W. Gunther. The smart grid is a big topic these days, but before there was a smart grid newspaper headline, the utilities have been experimenting with TCP/IP in the backend networks for a while now. Erich Gunther of enernex (www.enernex.com) will present a reference model and concept of network operations for the power industry including how Internet Protocols fit in that space. Along the way he will touch on what has worked, what hasn't and some of the security issues along the way. Erich W. Gunther is the co-founder, chairman and chief technology officer for EnerNex Corporation - an electric power research, engineering, and consulting firm - located in Knoxville Tennessee. With 30 years of experience in the electric power industry, Erich is no stranger to smart grid - he has been involved in defining what smart grid is before the term itself was coined.
From:
GoogleTechTalks
Views:
5642

28
ratings
Time:
01:18:28
More in
Science & Technology

0
Your rating: None