Security Against ARP Spoofing

Hi,
I am planning to create two DHCP servers for DHCP load balancing. Since ARP spoofing is one of the major threats while configuring DHCP, I want to know what the ways to prevent ARP spoofing are.
Regards,
Prasad Bait

The best is to go with DHCP snooping + Dynamic ARP inspection. This would help against ARP spoofing:
http://www.cisco.com/en/US/partner/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/snoodhcp.html
Regards,
Deepak
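
How the two features recommended above fit together, as an added Python model that is not part of the original thread and not Cisco's implementation. The `Switch` class, its methods, the port names and all MAC/IP addresses are constructed for illustration; real switches also track VLAN and lease time, which this model leaves out.

```python
"""Simplified model of DHCP snooping + Dynamic ARP Inspection on one VLAN."""
from dataclasses import dataclass, field


@dataclass(frozen=True)
class DhcpAck:
    ingress_port: str   # port the server's DHCPACK arrived on
    client_mac: str
    client_port: str    # access port the requesting client sits on
    yiaddr: str         # address leased to the client


@dataclass(frozen=True)
class ArpPacket:
    ingress_port: str
    sender_mac: str
    sender_ip: str


@dataclass
class Switch:
    trusted_ports: frozenset
    # DHCP snooping binding table: ip -> (mac, access port)
    bindings: dict = field(default_factory=dict)

    def snoop_dhcp_ack(self, ack):
        """DHCP snooping: server replies are accepted on trusted ports only."""
        if ack.ingress_port not in self.trusted_ports:
            return "drop: DHCP server message on untrusted port"
        self.bindings[ack.yiaddr] = (ack.client_mac, ack.client_port)
        return "forward: binding learned"

    def add_static_binding(self, ip, mac, port):
        """Manual entry for hosts that never use DHCP."""
        self.bindings[ip] = (mac, port)

    def inspect_arp(self, arp):
        """DAI: ARP from untrusted ports must match a snooping binding."""
        if arp.ingress_port in self.trusted_ports:
            return "forward: trusted port, not inspected"
        binding = self.bindings.get(arp.sender_ip)
        if binding is None:
            return "drop: no binding for sender IP"
        if binding != (arp.sender_mac, arp.ingress_port):
            return "drop: sender MAC/port does not match binding"
        return "forward: matches binding"


def run_scenario():
    """Constructed events for a VLAN with two load-balanced DHCP servers."""
    # Both DHCP server ports and the gateway uplink are trusted;
    # every access port is untrusted.
    sw = Switch(trusted_ports=frozenset({"Gi1/0/1", "Gi1/0/2", "Gi1/0/24"}))
    r = {}

    # Leases from either server populate the same binding table.
    r["ack_server1"] = sw.snoop_dhcp_ack(
        DhcpAck("Gi1/0/1", "aa:aa:aa:00:00:0a", "Gi1/0/10", "10.0.0.50"))
    r["ack_server2"] = sw.snoop_dhcp_ack(
        DhcpAck("Gi1/0/2", "aa:aa:aa:00:00:0b", "Gi1/0/11", "10.0.0.51"))
    # A DHCP reply arriving on an access port never creates a binding.
    r["ack_access_port"] = sw.snoop_dhcp_ack(
        DhcpAck("Gi1/0/12", "aa:aa:aa:00:00:0d", "Gi1/0/13", "10.0.0.99"))

    # Legitimate client announces its own leased address.
    r["arp_client_a"] = sw.inspect_arp(
        ArpPacket("Gi1/0/10", "aa:aa:aa:00:00:0a", "10.0.0.50"))
    # ARP on an access port claiming the gateway address: no binding exists.
    r["arp_claims_gateway"] = sw.inspect_arp(
        ArpPacket("Gi1/0/12", "aa:aa:aa:00:00:0c", "10.0.0.1"))
    # ARP claiming client A's address with a different MAC and port.
    r["arp_claims_client_a"] = sw.inspect_arp(
        ArpPacket("Gi1/0/12", "aa:aa:aa:00:00:0c", "10.0.0.50"))

    # Operational caveat: a statically addressed host is dropped until
    # it gets a manual binding.
    printer = ArpPacket("Gi1/0/13", "aa:aa:aa:00:00:0e", "10.0.0.20")
    r["arp_static_before"] = sw.inspect_arp(printer)
    sw.add_static_binding("10.0.0.20", "aa:aa:aa:00:00:0e", "Gi1/0/13")
    r["arp_static_after"] = sw.inspect_arp(printer)

    # The real gateway sits behind the trusted uplink and is not inspected.
    r["arp_gateway_uplink"] = sw.inspect_arp(
        ArpPacket("Gi1/0/24", "aa:aa:aa:00:00:01", "10.0.0.1"))
    return r, dict(sw.bindings)


if __name__ == "__main__":
    results, table = run_scenario()
    for name, verdict in results.items():
        print(f"{name:22s} {verdict}")
```

The model shows why Dynamic ARP Inspection depends on DHCP snooping: without the binding table, every ARP packet on an untrusted port is dropped, including those from legitimate hosts with static addresses.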

Similar Messages

  • How to apply row level security against the database administrator

    I would like advice on applying row level security against the database administrator. We need to prevent the DBA from editing data in some table rows, or have an indication that data was corrupted.
    There is no problem with viewing the data, so we considered a one-way hash function or a digital signature stored in the same table, but we see the following disadvantages:
    Hash - the DBA may use the same hash function to update the stored data after he changes the sensitive row.
    Digital signature - there is a need to manage and keep the private key in a safe place outside of the DB.
    Are there additional ways to achieve the aim?

    Does VPD help to prevent the DBA from editing/viewing data in specific rows?
    Yes.
    If I correctly understand, DBA has full access to security policy used by VPD to control the access and can grant himself privileges that I don't want.
    You can define which users are exempt from the policies, by the context or by Grant EXEMPT.
    This includes DBAs.
    The simple fact of being a DBA doesn't guarantee the exemption.
    Everything depends on the VPD config.

  • My Mac and iPhone 6 have been hacked! For sure! Antivirus Sentinel Pro from the Apple store detected APR or ARP spoofing, thereafter antivirus protection also got hacked, I turn network monitoring on, they turn it off like 3 times, then they close the antivirus

    My Mac and iPhone 6 have been hacked! For sure! Antivirus Sentinel Pro from the Apple store detected APR or ARP spoofing; thereafter the antivirus protection also got hacked. I turn network monitoring on, they turn it off every time, then they close the antivirus for good. Also Google.com is being imitated and not showing a true certificate (APR spoofing)? These guys are good! I erased and reinstalled Yosemite and changed all passwords, even on the wifi... could it be wifi sniffing? I got Kaspersky hoping to use the virtual keyboard for passwords, and Kaspersky is compromised too. The virtual keyboard doesn't work; it freezes up, not allowing me to enter a password. So I uninstalled and reinstalled Kaspersky, so now I have a problem with the reinstall that doesn't work, then way later that day it is reinstalled. Not over yet: that virtual keyboard now pops up randomly wanting me to use a password? Seems like they can copy anything real fast, for I have to enter info like 2 or 3 times; never had that problem before. I'm thinking about going old school with paper docs and checks... yes, technology ***... too vulnerable. On the news they said 97% of businesses are hacked! Can someone help me to counter this attack? Thanks.

    You have not been hacked. Get rid of all that antivirus. It is just making your life harder.

  • Is Firefox x64 more secure against Malware attacks than Firefox x32?

    I have a Windows 7 Home Premium SP1 x64 computer. It is my understanding that Windows 7 HP SP1 x64 is more secure against malware/virus attacks than Windows 7 HP SP1 x32.
    I am using Firefox 6.0B2 x32 and just started also using Firefox 8.0A1 x64. Both are working fine.
    Is the x64 version of Firefox more secure than the x32 version against malware/virus attacks on a Windows 7 SP1 x64 computer simply because it is x64?

    No, it isn't.

  • Preventing MITM via arp spoofing in ASA and IOS environment

    We use a pair of 5515-X in which we route all traffic. We have a couple of 3560G which we use as L2 switches.
    How can I secure my network to prevent clients from easily posing as the gateways in order to intercept traffic? I think PVLAN is out of the question with the ASA, but I may be wrong.
    Thanks

    Look up the switch features called Dynamic ARP Inspection and DHCP snooping.

  • ADF Security against external source

    Hi. I want to manage my users and roles in a custom table in Oracle DB, but still use all the security features of ADF. I mean I will not define users and roles in ADF, but ADF will be able to authenticate against my table and populate all security attributes (e.g. #{securityContext.userName}). Can it be done?

    I think I found the problem, not the solution.
    First of all I do see in WL the user "test" and group "EnterpriseAdmin".
    And of course "EnterpriseAdmin" is assigned to the "test" user.
    But after I run the login page and go back to WL, I see that the "EnterpriseAdmin" group was unassigned from the "test" user!!!!!
    If I assign it again (after the application is loaded, but before I click the login button) I can use the application as I designed it (access the page which is protected by EnterpriseAdmin).
    But at some point the following error message appears in the JDeveloper console:
    [Another instance of application Sec3 is running on the server.  JDeveloper will redeploy the application.]
    [Running application Sec3 on Server Instance IntegratedWebLogicServer...]
    [07:09:59 AM] Web Module ViewControllerWebApp.war recognized in project ViewController.jpr
    [07:09:59 AM] ----  Deployment started.  ----
    [07:09:59 AM] Target platform is  (Weblogic 10.3).
    [07:09:59 AM] Retrieving existing application information
    [07:09:59 AM] Running dependency analysis...
    [07:09:59 AM] Deploying 2 profiles...
    [07:10:00 AM] Wrote Web Application Module to C:\Users\mshapira04\AppData\Roaming\JDeveloper\system11.1.2.3.39.62.76.1\o.j2ee\drs\Sec3\ViewControllerWebApp.war
    [07:10:00 AM] Wrote Enterprise Application Module to C:\Users\mshapira04\AppData\Roaming\JDeveloper\system11.1.2.3.39.62.76.1\o.j2ee\drs\Sec3
    [07:10:00 AM] Redeploying Application...
    <FeatureUtils> <_resolveFeatures> Ignoring feature-dependency on feature "AdfDvtCommon".  No such feature exists.
    <FeatureUtils> <_resolveFeatures> Ignoring feature-dependency on feature "AdfDvtCommon".  No such feature exists.
    <FeatureUtils> <_resolveFeatures> Ignoring feature-dependency on feature "DvtDiagram".  No such feature exists.
    [07:10:09 AM] Application Redeployed Successfully.
    [07:10:09 AM] The following URL context root(s) were defined and can be used as a starting point to test your application:
    [07:10:09 AM] http://10.15.8.180:7501/Sec3-ViewController-context-root
    [07:10:09 AM] Uploading jazn-data roles.
    [07:10:09 AM] Removing existing group "EnterpriseAdmin".
    [07:10:09 AM] Creating group for role "EnterpriseAdmin".
    [07:10:09 AM] Elapsed time for deployment:  10 seconds
    [07:10:09 AM] ----  Deployment finished.  ----
    Run startup time: 9784 ms.
    [Application Sec3 deployed to Server Instance IntegratedWebLogicServer]
    Target URL -- http://127.0.0.1:7501/Sec3-ViewController-context-root/login.html
    <Aug 28, 2013 7:10:16 AM EDT> <Warning> <Socket> <BEA-000449> <Closing socket as no data read from it on 127.0.0.1:65,365 during the configured idle timeout of 5 secs>
    <Aug 28, 2013 7:10:16 AM EDT> <Warning> <Socket> <BEA-000449> <Closing socket as no data read from it on 127.0.0.1:65,362 during the configured idle timeout of 5 secs>
    <Aug 28, 2013 7:10:16 AM EDT> <Warning> <Socket> <BEA-000449> <Closing socket as no data read from it on 127.0.0.1:65,361 during the configured idle timeout of 5 secs>
    <Aug 28, 2013 7:10:16 AM EDT> <Warning> <Socket> <BEA-000449> <Closing socket as no data read from it on 127.0.0.1:65,366 during the configured idle timeout of 5 secs>
    <Aug 28, 2013 7:10:16 AM EDT> <Warning> <Socket> <BEA-000449> <Closing socket as no data read from it on 127.0.0.1:65,363 during the configured idle timeout of 5 secs>
    <Aug 28, 2013 7:10:16 AM EDT> <Warning> <Socket> <BEA-000449> <Closing socket as no data read from it on 127.0.0.1:65,364 during the configured idle timeout of 5 secs>
    <Aug 28, 2013 7:11:09 AM EDT> <Error> <Console> <BEA-240003> <Console encountered the following error weblogic.security.providers.authentication.DBMSSQLAuthenticatorDelegateException: [Security:090279]Error listing users *
    Caused by: java.sql.SQLException: TBDI18N: Connection was not found for null
    >
    It says something about listing the users, so I checked my "SQL List Users:" statement and it should be just fine:
    SELECT username FROM jhs_users WHERE username LIKE ?
    In fact I double checked all SQL statements that list something in the provider and they are all fine.
    I have to remind you that my application is empty and all pages (login, error, welcome) are autogenerated.
    Thank you for your help. Can you see the problem?

  • ADF Security against database?

    I am working with JDeveloper 10.1.3.4 on a project which uses adf/bc and adf faces/jsf 1.1; the application is deploying to iAS 10.1.3.4 and is hooked as a mid-tier instance via SSO to an infra iAS instance on another machine.
    How do you change ADF Security to reference a database table to find out settings for page/iterator/attribute security settings?
    Most of the existing code in this environment is Web Pl/sql toolkit and portal work. I am adding ADF apps. They would like to control what the different roles have access to via the database...hence this question.
    Normally with ADF Security you use an editor in JDeveloper which you can access from within the page def file in the structure pane within JDeveloper; I think this changes system-jazn.xml. If you, instead, want these settings to be located within a database table, what do you have to do?
    In my initial research I am thinking somehow I must create an override for ADFPermission.getContext() somehow...but I have not figured out if that is right or not yet.
    It may just be easier to re-invent the wheel: just do things programmatically using Java; but there is a lot of structure inherent in ADF Security that I would be reproducing if I go that route, I think.
    Anybody have any ideas?
    I am continuing to research this issue, but I think this is an unusual use-case; so I am not expecting to find this answer anywhere in particular. Maybe somebody knows this off the top of their head.

    Right, Frank; I mostly meant that it would help me learn more about the subject of J2EE permissions. Vik has pointed me in the direction of the Sun Java Forums for more information on this topic, which I will hopefully get a chance to pursue.
    Thank you for getting back to me. Thank you again, also, for all your work on custom login modules; I have used that work of yours several times professionally. It is just that this client I am working with now is satisfied with their SSO/LDAP setup...they just want to store permissions in the database also.

  • Preventing/securing against sql injection attacks

    What's the best way to go about trying to secure/prevent from mysql injection attacks.
    I guess this is not so good?
    $JobTitle = $_POST['JobTitle'];
    $sql = 'SELECT * FROM jobs WHERE JobTitle = "'.$JobTitle.'"';
    So I'm currently using the mysqli real_escape_string:
    $JobTitle = $_POST['JobTitle'];
    $JobTitle = $conn->real_escape_string($JobTitle);
    $sql = 'SELECT * FROM jobs WHERE JobTitle = "'.$JobTitle.'"';
    or I could use:
    $sql = 'SELECT * FROM jobs WHERE JobTitle = "$_POST['JobTitle'];"';
    but I don't know about the above having not used it at all.
    or I could use prepared statements, which I don't particularly want to do because they are so long-winded, especially when you have about 20 or so rows of data to insert/update into a database table
    ???????????????????? (ssssssssssssssss) I mean who the **** can keep track of that ****
    Is there anything bad about using the below (no user input i.e., $_POST or $_GET)
    $date = date('Y-m-d');
    $sql = 'SELECT * FROM jobs WHERE jobDate < "'.$date.'"';
    Just trying to get a handle on reasonable practices to use, when and where.
    Any thoughts
    Cheers
    Os

    Hi Ken,
    Thanks for that. It seems as though this area is a bit of a grey one. I've searched just about everywhere and can't find any kind of definitive answer.
    I'm specifically exploring sqli as that is the way ahead now that sql is being dropped from future php releases.
    I'm using prepared statements to insert and update the database and boy are they a pita to work with. My eyes can't cope with it....simply ridiculous to have to keep track of the binding method:
    ??????????????????????? and sssssssssssssssssss
    Was looking for something simpler when selecting results to display on a page. Think for now I'll just go with the real_escape_string method and hope it provides some form of security.
    $foo = $_POST['foo'];
    $foo = $conn->real_escape_string($foo);
    I'll just assume there is no risk if a user can't input any data i.e,
    $variable = "foo";
    SELECT * from table Where id = "'.$variable.'"

  • After updating, Firefox informed me that Constant Guard, the security system which is provided by Comcast, is not compatible with this update and was disabled. WHY? Will Firefox now automatically provide security against online threats?

    Firefox upgraded automatically; in doing so, it stated that Constant Guard Security Suite, which is provided by Comcast, my internet service, is not compatible, and had to be disabled. Please explain why; is Firefox providing anti-virus when I surf the internet? If not, this is NOT an 'upgrade' and I will never use Firefox. Please respond as soon as possible.

    Hi, Thanks for that further bug description In Your Last Message That Describes The Problem I Am Having perfectly and is exactly the same for me.
    unfortunately that fix for my camera Powershot G6 does not work or apply as the view pictures switch is different on G6 is not usable during download as once you plug in DC/USB cable it turns off, and makes no diff and problem still exists exactly as you just described.
    thanks anyways "Selz Boy"
    it has been 17 days since apple promised to get back to me within 3-5 days hopefully with a solution, but I have still not heard from them.
    They blew me off, i guess, probably i will have to wait for new Yosemite OS update, which they pre-warned me could take as much as 6 months.
    I cannot believe apple released this new update with such major bug issues for camera downloads and that horrible "Photos" pgm which has all sorts of downgrades in features, usefulness and new bugs compared to iPhotos which I just finally got used to and was much better software.
    I am starting to lose faith in Apple and I am getting that Microsoft "FEEL" like I used to have when I was a PC user, which was why I originally switched to Apple  computers in first place.
    Oh well got my fingers crossed here.
    Thankfully the memory card reader solution  is working well, but cost me $45.

  • Database Security against 'connect internal'

    Hi Dba's
    Is there any way to set up password authentication while connecting as the oracle (unix) user during a 'connect internal' connection? The reason is that, though the oracle owner password can be kept properly, the system admin (unix) can still use the su (unix) command to become the oracle user and connect to oracle without validating a password.
    What is the best way to set up a password by which the password will be validated during the connection time.
    Please note ....!!!! Creation of exclusive password file, changes in init parameters everything has been tried.
    Hence, looking for any better solution.
    Regards
    _RamV

    There certainly is a need for securing your database from administrators. The idea that you MUST trust your dba or your sys admins is no longer a reasonable one. Just to give you an example, let's say a government stores its most confidential secrets in an Oracle database. Trusting the dba is not an option in this situation.
    This certainly is an extreme case, but there certainly are many, many other situations that have similar requirements. I'm not sure that everyone's medical records should be available to the dba just because he's in charge of doing backups. The truth of the matter is that many, many dbas are kids straight out of college or independent consultants. This is this way in every industry, including the medical and banking industry.
    There are solutions that alleviate the problem, but they are not as good as they should be. For Oracle there are encryption solutions (www.appsecinc.com) that help you prevent dbas from reading the data, but they do not help prevent the data from being destroyed. A good backup plan can help alleviate this problem.
    Other possible solutions include setting up good policies that include separation of duties and the use of a change management department. For a more thorough discourse on security policies for Oracle, check out the Oracle Security Handbook (http://www.amazon.com/exec/obidos/ASIN/0072133252/qid%3D998406055/107-7202182-0758137).
    HTH,

  • Vertical column pop-up button-"OPEN"-with left " " appears-bottom right corner Firefox screen-Independent of web-site visited-Am "secured" against virus-Have not touched button: "Danger, Will Robinson." Appreciate any help. Thnx. DanDeren

    Occasionally and sporadically - I cannot reproduce this issue - a small vertical column-ed pop-up button appears in the lower right corner of my (Firefox) browser screen. It is not clear what causes this - I thought perhaps that it had something to do with Google's new gmail format which I have, so far refused to adopt, although when it forces me to do so, I Accept and then re-configure back to the old look. I don't think the problem is with gmail, though since tonight I was accessing the New York Time subscription web-site. However, tonight - 31JAN2012 - this button popped up, stuck around for maybe 30 seconds and then went away. It is small - about a quarter inch wide; perhaps one-half to three quarters of an inch tall. It displays on the top of the button the "<" followed underneath by the word "OPEN" (displayed vertically). I know better than to push an OPEN button whose function is absolutely opaque to me - fool me once... My desktop has the latest version of Firefox - 9.0.1 and I just loaded the latest update. I am running Windows XP Version 5.1 (Build 2600.xpsp_sp3_gdr.111025-1629 : Service Pack 3). Further info re. operating system: Microsoft Windows XP Home Edition Service Pack 3 - that was probably pretty clear from the Version and Build info above. Hardware: ACER-42041E6643 - ACPI Multiprocessor PC - Chip/Processor: Intel Atom CPU 230 @ 1.60 GHz (2 of these). I can provide more system and configuration information, as necessary. As it is, I go to System Info and it will not let me copy all of the system info above - I had to copy it brute-force manually. I have managed tech support organizations in the past. The first question you ask the user is: "What changed?" or perhaps "What did you change?" Like every other user with an issue, my response is: Nothing of which I am aware. 
    I certainly am not going to push this button - perhaps it toggles between something and something else - more than likely so - or it opens "something" - I will not find out what since I refuse to push it. I am guessing this is some benign "feature" of which I am unaware. Any assistance with this will be greatly appreciated. Thanks and best, Dan Deren.

    Can you attach a screenshot?
    http://en.wikipedia.org/wiki/Screenshot
    Use a compressed image type like PNG or JPG to save the screenshot and make sure that you do not exceed the maximum file size (1 MB).

  • Firefox has disabled Webroot which is my security against malware intrusion. I NEED Webroot to be active because of all the sites I go to. How do I get my Firefox back to the earlier version that it was so I can use my Webroot?

    Firefox keeps updating itself even though I don't want it to. Now that I have Firefox 5.0 it won't let my Webroot work. I may have to get rid of my Firefox altogether if this persists.

    Only when I go to a different browser (like IE) after I clear it, then all that shows up is the pages I visited in IE. That is what bugs me: why is IE browsing history showing up in Firefox?
    Basically, I can clear the history in Firefox, and then, for example, go to Craigslist using IE7 (launching it from a completely different icon, in other words at that time I never open Firefox), then after closing out, or even leaving it open as it does not seem to matter, I go into Firefox and hit History, and there is every place I visited in IE7, in my History in Firefox.

  • Cisco 3750 protection against ip spoofing

    Hello,
    I was wondering if anything like ip verify unicast reverse-path was available for the C3750 series of switches.
    Or if there's any other way to implement ip source checking (other than implementing an ACL per each port or activating source guard which requires a DHCP server and further manual introduction of user data)

    I think you can use the command "ip verify unicast reverse-path" itself on Catalyst 3750 switches. Check the following link for the command reference:
    http://www.cisco.com/en/US/products/sw/iosswrel/ps5187/products_command_reference_chapter09186a008017cf1b.html#wp1094165

  • ARP Cache Poison behavior by Apple TV

    Norton Anti-Virus reports blocking an ARP Cache Poison attack against my home network.  The reported source of the attack is the MAC number of the Apple TV on the network.
    Whether Norton is "reliable" is apparently contentious in the support community.  Several authors suggest, with authority, disabling Norton or the particular attack profile.
    Whether that makes sense depends on what the Apple TV is innocently doing to be profiled as a network attack. 
    Even when supposedly "asleep" the Apple TV is doing something that meets the profile of an ARP Cache Poison attack.  It did it every 30 minutes today, nine times yesterday, about 30 times the day before, etc.
    And if it is a design feature of the device, why is the device still performing despite having the activity continuously blocked?  What is the purpose of this attack-like activity, assuming it is not an attack?  If it is an attack, how does one erase the programming initiating the attacks and still have an Apple TV?

    Short answer: it is a false positive.  I don't know exactly what causes it but I would guess Apple's Bonjour protocol, which is why you see something every 30 minutes.  That's just a blind guess, but seems to fit.
    Realize that a report of ARP poisoning wouldn't be likely on a private LAN, unless you got infected somehow.  No known malware like this for iOS devices (and much harder to insert one on AppleTV versus an iPhone or iPad.)  There are legitimate cases where ARP spoofing is used.  And even Cisco has instances where they say to ignore that warning:
    CSCsm25943—The meaning of the following error message on the controller is not clear. This message does not necessarily imply that any actual "ARP poisoning" is occurring. Rather, this message appears when a WLAN is configured for DHCP Required and a client (after associating to this WLAN) transmits an ARP message without first using DHCP. The client is unable to send or receive any data traffic until it performs DHCP through the controller.
    DTL-1-ARP_POISON_DETECTED: STA [00:01:02:0e:54:c4, 0.0.0.0] ARP (op 1) received with
    invalid SPA 192.168.1.152/TPA 192.168.0.206
    Workaround: Perform the following steps:
    • Verify that the client eventually does perform DHCP without undergoing an unacceptable outage. If the outage before performing DHCP is acceptable, then you can ignore this message.
    I'm not saying that Norton's message is the same as Cisco's.  Just that Cisco states that the meaning of why the message appears is not clear and sometimes is acceptable.  And Cisco is the world leader in networking technology so if they don't always know why you get an ARP poisoning warning....
    I won't go into the politics of "Norton bad" or whatever, but based on my experience (bias) with Norton in its various forms for over 10 years, IMHO you can ignore this.  Hopefully you can configure Norton to selectively ignore this.  If not, you may have to use a different security program.  Me personally, I do not recommend any "security suites" because they cause exactly this kind of additional headache.  Just a "plain" antivirus program.  Windows has a built-in firewall and most people will be using a hardware firewall at the office or home so the firewall in the "security suite" is extraneous.

  • ARP Attack?

    We have been experiencing slow internet speeds at work. So I started investigating and was using the Colasoft Capsa program.
    I found that when doing a security analysis with this program that it said we were under ARP attack.
    I found an article on the Colasoft site on ARP spoofing: http://www.colasoft.com/capsa/troubleshoot_arp_attacks.php
    When looking at the physical endpoint (Solution 4:) example I found the MAC address of our Cisco Small Business RV042 10/100 4-Port VPN router with about a 100+ IP addresses linked to it.
    I jumped on the Cisco site and the closest thing I could find to helping me is http://www.cisco.com/c/en/us/support/docs/ip/simple-network-management-protocol-snmp/13495-clear-arp.html
    However, to my knowledge this won't work on this router since we only have access to the GUI interface.
    Can anyone confirm that this is indeed an ARP attack on this router?
    If so, how do I stop it and protect this router?
    Any help or guidance is greatly appreciated!

    I assume all of the IP addresses are for sites that are not on your local network? I would expect this since the end point is going to use the router as its next hop to go out to the internet.
    If you were seeing an ARP spoof you would more likely see a lot of local IP addresses that are associated with a MAC address that is NOT your router. When someone ARP spoofs they send out gratuitous ARPs trying to insert the malicious system's MAC address into the ARP table of the router/switch/endpoints so they send all of their traffic through the malicious system.
    I know this doesn't answer your question but hopefully it pushes you closer to the answer.
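
The distinction drawn in the reply above, as an added example that is not part of the original thread: off-subnet IPs resolving to the router's MAC are expected, while a local IP seen with two MACs, or a non-router MAC holding several local IPs, is the pattern to investigate. The subnet, router MAC and all (IP, MAC) pairs are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

LOCAL_NET = ipaddress.ip_network("192.168.1.0/24")  # assumed LAN subnet
ROUTER_MAC = "00:11:22:33:44:55"                    # assumed router MAC

# Constructed (IP, MAC) pairs, as a capture tool's endpoint view would list them.
BENIGN = [
    ("192.168.1.1", ROUTER_MAC),
    ("192.168.1.20", "aa:aa:aa:00:00:20"),
    ("192.168.1.21", "aa:aa:aa:00:00:21"),
    ("198.51.100.7", ROUTER_MAC),    # Internet hosts appear behind the router
    ("203.0.113.9", ROUTER_MAC),
]
# Same LAN, plus one station answering ARP for the router and a neighbour.
SPOOFED = BENIGN + [
    ("192.168.1.1", "de:ad:be:ef:00:66"),
    ("192.168.1.20", "de:ad:be:ef:00:66"),
]

def is_local(ip):
    return ipaddress.ip_address(ip) in LOCAL_NET

def analyse(pairs, router_mac=ROUTER_MAC):
    """Return (findings, remote_ips_behind_router) for observed IP/MAC pairs."""
    ips_by_mac, macs_by_ip = defaultdict(set), defaultdict(set)
    for ip, mac in pairs:
        ips_by_mac[mac.lower()].add(ip)
        macs_by_ip[ip].add(mac.lower())
    findings = []
    # Rule 1: one local IP seen with two MACs (someone else answers for it).
    for ip in sorted(macs_by_ip):
        if is_local(ip) and len(macs_by_ip[ip]) > 1:
            findings.append(("ip-conflict", ip, sorted(macs_by_ip[ip])))
    # Rule 2: a MAC that is not the router holds several local IPs.
    # Multi-homed hosts and proxy ARP also match, so treat it as a lead.
    for mac in sorted(ips_by_mac):
        local = sorted(ip for ip in ips_by_mac[mac] if is_local(ip))
        if mac != router_mac.lower() and len(local) > 1:
            findings.append(("many-local-ips", mac, local))
    # Expected and harmless: off-subnet IPs resolved to the router's MAC.
    remote = sorted(ip for ip in ips_by_mac[router_mac.lower()] if not is_local(ip))
    return findings, remote

if __name__ == "__main__":
    for name, data in (("benign", BENIGN), ("spoofed", SPOOFED)):
        print(name, analyse(data))
```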
