Close

Tag IT Security

Introducing SSO (Single Sign-On) to an existing ASP.NET MVC application

A while ago I was working on a project that required us to integrate an existing ASP.NET MVC application with a number of new systems, both back- and front-office. The user would like them all to work together as if it were one integrated application, and a key requirement is that there should be a […]

Security testing in context of TCP/IP model

Part 1 What is TCP/IP model? In 1989, RFC1122 was published. It specified an architectural model for communication between Internet hosts. TCP/IP model has 4 layers, from top to bottom: Application Layer Transport Layer Internet Layer Network Access Layer The application layer is responsible for application specific functions like data formatting, encryption, connection management – […]

Back the heck up!

Some years ago I noticed personal ad inside a bus shelter about lost laptop, with a reward guaranteed if found (someone had left it accidentally in that particular one). Begging tone did not mention value of the hardware. It was crying out loss of two years of work – files with the owner’s Master’s Thesis. […]

Google Hacking – how to find vulnerable data using nothing but Google Search Engine.

1. Very, very, very very short introduction to Google web indexing. Google uses the proces called crawling (or fetching) to index new or updated pages. The program that does the crawling is called Googlebot (also known as a robot, bot, or spider). Googlebot uses an algorithmic process: computer programs determine which sites to crawl, how […]

Do you know what the … penetration is ?

Penetration test A penetration test is a controlled (and legal!) attack against system, web application or computer network which shows real state of the target system security. So … I have to pay someone to destroy my system or web application to check if it is secure? The answer is: no. The main goals of […]