Securing Your Web Applications

By sophiesummers on 9:42 AM


An increase in the usage of web applications is directly related to an increase in the number of security incidents affecting them. Today, web application security is finally getting wider attention, and the daily discovery of new web vulnerabilities and attacks confirms that web applications are not secure. The benefit of this attention is that the problem is now being addressed as a higher priority. Web application security is the branch of information security that deals specifically with the security of websites and web applications. Stories about exploits that compromise sensitive data frequently mention culprits such as “cross-site scripting,” “SQL injection,” and “buffer overflow.” These create many risks for a website: user accounts stolen through session hijacking or through the theft of username and password combinations; attackers tracking your visitors’ web browsing, infringing on their privacy; abuse of credentials and trust; link injection; and keystroke logging of your site’s visitors. It may seem impossible to keep attackers away from your site, but if you can think like an attacker you can block their entry before they get there. This guide introduces you to popular web application attacks and provides tips and techniques for keeping hackers out of your websites.

Keep an eye on your file permissions
Double-check your file permissions: if you have given someone permission to read or write a file, and you both have Fling accounts, then their CGI programs have the same permissions, and a small programming error could give everyone in the world access to your files. It may be helpful to use the “File Security” option in the seas accounts management site to reset all file settings so that files are readable only by you. Be careful: if you include your website in the reset, it will become inaccessible via a web browser.
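The check described above can also be scripted. The following is an added example, not code from the original article: it lists every file or directory under an account that grants any group or world access, skips the website directory so the site stays reachable, and can strip the extra bits. The function names and the `public_html` directory used in testing are assumptions.

```python
import os
import stat

# Permission bits that let anyone other than the owner touch an entry.
GROUP_OTHER = stat.S_IRWXG | stat.S_IRWXO


def find_exposed(root, web_dir):
    """Return sorted [(path, mode_string)] for entries under root that grant
    any group/other access, skipping web_dir (it must stay readable)."""
    web_dir = os.path.realpath(web_dir)
    exposed = []
    for current, dirs, files in os.walk(root):
        # Do not descend into (or report) the website directory.
        dirs[:] = [d for d in dirs
                   if os.path.realpath(os.path.join(current, d)) != web_dir]
        for name in dirs + files:
            path = os.path.join(current, name)
            mode = os.lstat(path).st_mode
            if stat.S_ISLNK(mode):
                continue  # skip symlinks: chmod would act on the link target
            if mode & GROUP_OTHER:
                exposed.append((path, stat.filemode(mode)))
    return sorted(exposed)


def lock_down(root, web_dir):
    """Strip group/other bits from every exposed entry; return changed paths."""
    changed = []
    for path, _ in find_exposed(root, web_dir):
        mode = stat.S_IMODE(os.lstat(path).st_mode)
        os.chmod(path, mode & ~GROUP_OTHER)
        changed.append(path)
    return changed
```

Run `find_exposed` first and review the list before calling `lock_down`, since other accounts you deliberately share files with will lose access.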


Restrict access to trusted users
It’s usually a bad idea to allow people without accounts to post to your forum or blog. Spammers and other nasty users often exploit open web applications for their own purposes at the expense of you and your legitimate users. In addition, don’t allow people to create accounts on their own without your explicit permission. Besides posting unsuitable content, people can upload programs or commands and then trick your program or other users into executing them. Allow submissions only from trusted users.

Separate dynamic content from static content
If you have a static portion of your website that doesn’t need dynamic scripting, keep it outside your dynamic directories (dynamic and wiki). It’s also a good idea to save user-uploaded files in non-dynamic directories, so that a malicious user cannot execute code on the server. All data submitted by a user should be vetted before you do anything with it. Scan files for viruses before accessing them or allowing users to download them.
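An added example (not from the original article) of storing an upload along these lines: the upload directory must lie outside the `dynamic` and `wiki` directories, only allow-listed file types are accepted, the server picks the stored name, and the file is written without execute permission. The function name, the extension allow-list and the directory layout are assumptions; virus scanning is a separate step not shown here.

```python
import os
import secrets

ALLOWED_EXT = {".png", ".jpg", ".pdf", ".txt"}  # assumed allow-list
DYNAMIC_DIRS = ("dynamic", "wiki")              # script-enabled dirs named in the text


def store_upload(site_root, upload_dir, client_name, data):
    """Vet an upload and write it to upload_dir; return the stored path."""
    site_root = os.path.realpath(site_root)
    upload_dir = os.path.realpath(upload_dir)
    # Refuse to store uploads anywhere the server would run them as scripts.
    for d in DYNAMIC_DIRS:
        dyn = os.path.join(site_root, d)
        if os.path.commonpath([upload_dir, dyn]) == dyn:
            raise ValueError("upload directory is inside a dynamic directory")
    # Use only the extension of the client-supplied name, and only if allowed.
    base = os.path.basename(client_name.replace("\\", "/"))
    ext = os.path.splitext(base)[1].lower()
    if ext not in ALLOWED_EXT:
        raise ValueError("file type not allowed: %r" % ext)
    # Server-chosen random name: no path traversal, no overwriting.
    path = os.path.join(upload_dir, secrets.token_hex(16) + ext)
    # O_EXCL fails if the name already exists; mode 0o640 has no execute bit.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o640)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return path
```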

One popular application, WebDefend, is an advanced web application firewall that offers customized, behavior-based security for each protected application. Its features include inbound and outbound traffic analysis through the patent-pending, bi-directional Exit Control traffic analysis engine, which recognizes specific types of information such as credit card or Social Security numbers. It also identifies problems and trends at the site, URL and session levels of your web application environment, with out-of-the-box real-time views covering performance metrics such as transaction time, error rate, availability, and HTTP and HTTPS throughput. It also has an SSL attack detection capability, which replicates and decrypts SSL traffic streams without terminating the original encrypted session.

Security has always been a holistic solution, requiring all players and systems to work in concert to form a good defense. Most web application security testing tools are still focused on the information security professional, and we are still a fair distance from reaching the developer. If you run an online business and earn money through your website, follow the tips above to keep your website safe and win more customers.



Mirial Releases SIP/H.323 Video Conferencing Client for iPhone

By sophiesummers on 5:06 PM


Mirial announced today the availability of the first professional video conferencing client for Apple iOS devices, supporting both SIP and H.323 standards, featuring high-quality video conference and optimized in order to get the most out of the mobile networks.

The software is available today for iPhone(R) 4 and iPod(R) Touch 4th gen, and in a few weeks for iPhone(R) 3GS and iPad(TM).

Built by Mirial on over 10 years of video communication excellence, it provides a standards-based solution for video conferencing over Wi-Fi, 3G and 4G networks, enabling iPhone users to connect to other iPhones, iPods, Android phones and tablets such as the Samsung Galaxy Tab, Windows PC and Mac or to any H323 standards-based video conferencing equipment such as room systems or existing MCUs.

With 28.6% of U.S. market share, iOS still represents the leading mobile operating system despite the rapid growth of Android. "We are proud to be the only company offering an H323/SIP interoperable solution available for all the most used platforms: Windows PC, Mac, Android and now iOS/iPhone," said Cristoforo Mione, VP Marketing. "Once again, Mirial standards based products are playing a key role in mass adoption of interoperable Visual Communication solutions."

The client for iPhone is available today as an option for ClearSea and MCS desktop video conferencing products, granting both enterprises and service providers the possibility to offer a solid and consistent user experience to their employees and customers.



Lenovo ThinkPad X120E Business Laptop

By sophiesummers on 4:59 AM



Lenovo has launched a new business laptop called the ThinkPad X120E, based on the AMD Fusion chipset. It has an 11.6-inch anti-glare LED display with 1366×768 pixel resolution, 4GB of DDR3 memory, and a 5400-rpm or 7200-rpm hard drive or a 128GB SSD.

The Lenovo ThinkPad X120E uses an AMD Radeon HD 6310 graphics card, which is faster, and has Wi-Fi, stereo 2W speakers, Bluetooth and a standard 3-cell battery (6-cell option). The laptop measures 11.1×7.4×1.2 inches, is expected to cost about $400 and will be available in February 2011. Hopefully there will be a discount code to buy the X120e for Valentine’s Day :D
