Nt1330 Unit 3 Assignment 1

Words: 1576
Pages: 7
Open Document
1. Sessions are used to keep track of a user when they are using a web application. Without sessions a user would have to identify themselves and probably authenticates, on every request. A session usually consist of hash values and a session id which are very hard to crack. If a hacker acquires a cookie from the session then they can use the web application as if they were that user. A hacker could obtain this cookie by sniffing the cookie in an insecure network. This means that a hacker can listen to all traffic on an unencrypted wireless LAN and grab your cookie. This could be stopped by forcing an SSL connection for your users. Another attack would be the replay attack. A replay attack is when a hacker receives credits, then buys something. Then taking the cookie from the first session and putting it in the browser. This restores their credit to its original value. To stop this you can use a nonce or a random value in the session. The nonce is valid only once and the server has to keep track of it in the session. It can get very complicated keeping track of all of them. The best solution is to not store this kind of data in the session but instead in a database. There is also …show more content…
Redirection is when the attacker forwards the user to a trap website. This happens by sending an unsuspicious link in an email to the users, injecting the link by XSS in the application, or putting the link into an external application. The link starts with the URL to the application, it is hidden in the redirect parameter. To stop this you can include only the expected parameters in the legacy action. Another way is to be redirected to the URL with the malicious code in it. To stop this you cannot allow the user to supply parts of the URL. File uploads allow the user to upload files named however they want. A hacker could use a malicious file name to overwrite any file on the server. Make sure file uploads do not overwrite important files and process media files
Show More

Related Documents: Nt1330 Unit 3 Assignment 1

NT1330 Unit 3 Assignment 1

"What does the analysis state as the reason?" The second robot waved his hand to pull out a keyboard. Its hand moved at a rapid pace entering key information about the subject. The subject's data showcased itself on the screen above them. [99.5%: UGC, .5%: ERROR: IB48] "Error:IB48? An unknown component detected? Impossible. Reboot the system and reenter the data." The first robot commanded. At the command, the screen shutdown and began to reboot itself. The second robot busied himself…

Words 643 - Pages 3

Nt1330 Unit 3 Assignment 1

//u3125893-Assignment 2-Rahul kadam using System; using System.Collections.Generic; using System.Linq; using System.Text; using System.Threading.Tasks; using System.Windows; using System.Windows.Controls; using System.Windows.Data; using System.Windows.Documents; using System.Windows.Input; using System.Windows.Media; using System.Windows.Media.Imaging; using System.Windows.Navigation; using System.Windows.Shapes; namespace EllipseDrawing { /// /// Interaction logic for MainWindow.xaml…

Words 171 - Pages 1

Nt1330 Unit 3 Assignment 1

In this module, students will gain an understanding of the following two areas: Install and configure WSUS server Monitoring servers using MMC In the first chapter, students will learn to deploy WSUS servers and, as part of this process, students will also learn how to create and manage WSUS groups. This chapter will also illustrate how to administer and manage WSUS with commands. Windows is a complicated system with many underlying components and thousands of files. To keep it reliable and secure…

Words 816 - Pages 4

Nt1330 Unit 3 Assignment 1

The product name and unit price are related to the Works Order through the Product ID FK, it depends on Product ID FK not Works Order Number PK. There needs to be a table called Product with all the product information. The tables below are in second normal form. To get…

Words 476 - Pages 2

Nt1330 Unit 3 Assignment 1

Sacred Heart College uses a variety of different drives to store and manage the data. Every student and teacher have a H Drive which is only accessible by that person using a username and password. The main use for this drive is for students and teachers to have access to their own files and to save their own work through the drive. The capacity of a student’s H Drive is 1.22 TB and is the responsibility of the student to manage their own disk space. The student H Drives are set up when a student…

Words 1673 - Pages 7

Nt1330 Unit 3 Assignment 1

To fulfil the requirements presented by Chipset the design for the proposed network is incorporating a EtherChannel connection between switches in order to duplicate the bandwidth and ensure the quality of services like VoIP and Video conferencing. As a safe measure, a spare EtherChannel is proposed in order to safeguard any malfunction or cable damage that may occur, in addition some extra EtherChannel connections will be present to create alternative paths between switches to ensure the uptime…

Words 1183 - Pages 5

Nt1330 Unit 3 Assignment 1

The first page of the My M community is the main page. The user needs to select between two options: either to sign in or to sign up. When the user clicks on one of the links it redirects him to the chosen page. 3.2.2 Account Creation When a user accesses the site for the first time, he must create an account before using any of the site features. The account creation requires 8 input: first name, last name, username, password, confirm password, email, gender and region. All these fields must not…

Words 618 - Pages 3

Nt1330 Unit 3 Assignment 1

The contents of this Site Book document the configuration of the systems which are currently within the network. The network consists of two subnets 192.168.2.0/24 and 192.168.3.0/24 connected by a pfSense router. Each subnet contains a Windows Domain managed by a Domain Controller. The Domain Controllers provide the DNS and DHCP services in addition to Active Directory authentication. An Identity Management server is hosted on a Red Hat Enterprise Linux 7 server which provides cross realm user…

Words 661 - Pages 3

Nt1330 Unit 3 Assignment 1

5. Setup and Installation: 1. Installation of Networked Printers: i. A print server will be set up on the HAFH domain, and consistent printer policies will be pushed out across the network printers such that the printing processes will be consistent. ii. All the network printers will be integrated with PaperCut (Print Management Software) and the print server. iii. Ink cartridges, toner cartridges and printer trays will be fitted and tested. iv. System Center Configuration Manager will be put…

Words 1147 - Pages 5

Nt1330 Unit 3 Assignment 1

li $s0, 0xf0000000 # Command Register UART li $s1, 0x1 # mask for bit 0 li $s2, 0x2 # mask for bit 1 li $s3, 0x0030 # number 0 # It can be helpful to include a comment about a register's purpose # next to an initialization at the start of the program for reference. main: # TODO: write your primary program within this loop new_input: li $t1, 0xA # new line call put_char_p3 li $a1, 1 li $v0, 0 # cross reference for invalid character li $v1, 0 # store string new_char: jal get-character…

Words 436 - Pages 2