Mes liens
796 shaares
27 results
tagged
Security
Here are some tools and topics that marked 2013y sorted by the number of your votes and views. Tell us about your favorite tool in the comment section.
The Web's Largest Community Tracking Online Fraud & Abuse
Project Honey Pot is the first and only distributed system for identifying spammers and the spambots they use to scrape addresses from your website. Using the Project Honey Pot system you can install addresses that are custom-tagged to the time and IP address of a visitor to your site. If one of these addresses begins receiving email we not only can tell that the messages are spam, but also the exact moment when the address was harvested and the IP address that gathered it.
To participate in Project Honey Pot, webmasters need only install the Project Honey Pot software somewhere on their website. We handle the rest — automatically distributing addresses and receiving the mail they generate. As a result, we anticipate installing Project Honey Pot should not increase the traffic or load to your website.
Project Honey Pot is the first and only distributed system for identifying spammers and the spambots they use to scrape addresses from your website. Using the Project Honey Pot system you can install addresses that are custom-tagged to the time and IP address of a visitor to your site. If one of these addresses begins receiving email we not only can tell that the messages are spam, but also the exact moment when the address was harvested and the IP address that gathered it.
To participate in Project Honey Pot, webmasters need only install the Project Honey Pot software somewhere on their website. We handle the rest — automatically distributing addresses and receiving the mail they generate. As a result, we anticipate installing Project Honey Pot should not increase the traffic or load to your website.
MintEmail.com is a no-click disposable email system. By simply visiting this site, you will be assigned a temporary email address. Use it on a website that requires email verification and when the email is received it will pop up instantly in this box. Once your email is received, the title bar will be updated.
All windows users who connect to their Linux servers need not have an introduction about this great tool called PuTTY. But for those who are new, here is what PuTTY is : It is a SSH and telnet client, developed originally by Simon Tatham for the Windows platform. Click here to know more about putty. Here we shall see those 10 tips & tricks you were never known about PuTTY.
A text encryption tool, based on AES cryptography
How it works:
Mark needs to send personal text to Sarah, and wants that only Sarah can read it.
Mark writes here in Input field the text.
A password is automatically created. Or Mark and Sarah can estabilish a password for every communications over a secure channel (by voice, for example).
Mark can send the encrypted field OR the sharing url field over an insecure channel (for example a chat, mail, Skype, Facebook etc) where Sarah can read it.
Sarah opens the sharing url (or opens this page and pastes the encrypted text), enters the password and can read the original message in the decrypted field.
Note:MyWhisper.net and NOBODY in the network can technically see neither the original text nor the password, and not even the encrypted text if sharing url version isn't used, because all stuffs are only in Mark and Sarah browsers and all encryption/decryption is performed by their browsers with javascript. Therefore HTTPS/SSL access is useless.
How it works:
Mark needs to send personal text to Sarah, and wants that only Sarah can read it.
Mark writes here in Input field the text.
A password is automatically created. Or Mark and Sarah can estabilish a password for every communications over a secure channel (by voice, for example).
Mark can send the encrypted field OR the sharing url field over an insecure channel (for example a chat, mail, Skype, Facebook etc) where Sarah can read it.
Sarah opens the sharing url (or opens this page and pastes the encrypted text), enters the password and can read the original message in the decrypted field.
Note:MyWhisper.net and NOBODY in the network can technically see neither the original text nor the password, and not even the encrypted text if sharing url version isn't used, because all stuffs are only in Mark and Sarah browsers and all encryption/decryption is performed by their browsers with javascript. Therefore HTTPS/SSL access is useless.
Your data, your rules.
Securely self-hosting your websites, email, files and more has never been easier (or cheaper!). Decentralize your web and reclaim your privacy rights while keeping the conveniences you need.
Securely self-hosting your websites, email, files and more has never been easier (or cheaper!). Decentralize your web and reclaim your privacy rights while keeping the conveniences you need.
A modern, fast web-mail client with user-friendly encryption and privacy features. 100% Free and Open Source software
Cozy is a software built by the Cozy Cloud company. We love the web and cloud computing, but the current situation doesn't satisfy us. By providing a platform for interconnected and privacy-friendly web apps we want to make the web a better place.
If you want the benefits of Cozy without the constraints of self-hosting, visit cozycloud.cc and try our hosting solutions!
If you want the benefits of Cozy without the constraints of self-hosting, visit cozycloud.cc and try our hosting solutions!
Need some privacy?
Secure your communication with our mobile applications. It's that simple.
Secure your communication with our mobile applications. It's that simple.
Cryptocat is free software that aims to provide an open, accessible Instant Messaging environment that encrypts your conversations and works right in your browser.
Cryptocat is an open source experiment — the goal is to provide the easiest, most accessible way to chat while maintaining your privacy online, because we believe in Internet privacy.
Cryptocat is an open source experiment — the goal is to provide the easiest, most accessible way to chat while maintaining your privacy online, because we believe in Internet privacy.
Daiyuu Nobori va peut-être au travers de ces travaux à l'université de Tsukuba au Japon, révolutionner l'Internet sans censure. C'est même pour cela qu'il a créé son projet, SoftEther, qu'il a lancé le 8 mars 2013 et qui fait suite à sa première idée lancée en 2010 sous le nom de UT-VPN. C'est aujourd'hui, un service de VPN entièrement gratuit que l'on peut qualifier de décentralisé, comme l'est par exemple TOR.
Son projet SoftEther signifiant Software Ethernet, est donc un service de VPN basé sur le partage des ressources serveurs selon la volonté de chacun. Un logiciel client et un logiciel pour les serveurs est mis à la disposition de tout le monde, gratuitement. Les volontaires installeront le client sur leurs serveurs afin de permettre aux utilisateurs du client sur leurs ordinateurs d'en profiter. Ces derniers pourront alors se connecter partout dans le monde de façon plus sécurisée et surtout contourner les censures mais on reste quand même dépendants des scripts potentiellement malveillants installés sur des serveurs par des "méchants".
Il ne s'agît bien sûr pas d'avoir un tunnel ultra-rapide, puisque les ressources d'un serveur seront partagées à plusieurs centaines, mais ce système se veut aussi être une alternative à TOR qui souffre un peu de lenteurs.
Son projet SoftEther signifiant Software Ethernet, est donc un service de VPN basé sur le partage des ressources serveurs selon la volonté de chacun. Un logiciel client et un logiciel pour les serveurs est mis à la disposition de tout le monde, gratuitement. Les volontaires installeront le client sur leurs serveurs afin de permettre aux utilisateurs du client sur leurs ordinateurs d'en profiter. Ces derniers pourront alors se connecter partout dans le monde de façon plus sécurisée et surtout contourner les censures mais on reste quand même dépendants des scripts potentiellement malveillants installés sur des serveurs par des "méchants".
Il ne s'agît bien sûr pas d'avoir un tunnel ultra-rapide, puisque les ressources d'un serveur seront partagées à plusieurs centaines, mais ce système se veut aussi être une alternative à TOR qui souffre un peu de lenteurs.
It’s been 7 years since we released our first version of BackTrack Linux, and the ride so far has been exhilarating. When the dev team started talking about BackTrack 6 (almost a year ago), each of us put on paper a few “wish list goals” that we each wanted implemented in our “next version”.
It soon became evident to us that with our 4 year old development architecture, we would not be able to achieve all of these new goals without a massive restructure so that’s exactly what we did and “Kali” was born. We’ve also posted a Kali Linux teaser on the BackTrack Linux site – and that’s all we’ll say for now…
It soon became evident to us that with our 4 year old development architecture, we would not be able to achieve all of these new goals without a massive restructure so that’s exactly what we did and “Kali” was born. We’ve also posted a Kali Linux teaser on the BackTrack Linux site – and that’s all we’ll say for now…
Many activists have been tracked via their mobile phones, and some countries conduct surveillance more extensively than others. You need to assess the risk for your own activities given the practices used in your country, how high-profile your work is, and what others in your community have experienced.
Phone companies have the capability to track and collect information about your use of mobile phones, including your location, and may share that information with the government if so requested. There is also the possibility of installing surveillance software on a phone that runs in the background without the user noticing. There is a risk of this, if your handset has been physically out of your hands for a period of time.
Phone companies have the capability to track and collect information about your use of mobile phones, including your location, and may share that information with the government if so requested. There is also the possibility of installing surveillance software on a phone that runs in the background without the user noticing. There is a risk of this, if your handset has been physically out of your hands for a period of time.
Plus de 200 milliards d’emails sont envoyés dans le monde chaque jour. Si l’email est un moyen extrêmement pratique pour échanger des informations, c’est également un outil très vulnérable : interception, usurpation d’identité, surveillance de boîte mail etc., sont autant de problèmes auxquels peuvent être confrontés les utilisateurs de boîtes emails. Il existe pourtant des moyens simples d’assurer la confidentialité de vos échanges sur Internet.
Dans l’épisode précédent "La sécurisation des mots de passe, c’est salée", j’avais expliqué l’intérêt du sel pour protéger les mots de passe de ses utilisateurs. On va voir désormais que cela n’est toujours pas suffisant, et que seul les poissons volants (blowfish) pourront nous sauver la mise !
Saler et hacher ne suffit pas
A la lecture de deux très bons articles sur le sujet : How to safely store a password (en), Exemple de stockage de mot de passe en Java : hashage et salage, est-ce suffisant ? ; on se rend compte que saler et hacher ne suffit pas !
Saler et hacher ne suffit pas
A la lecture de deux très bons articles sur le sujet : How to safely store a password (en), Exemple de stockage de mot de passe en Java : hashage et salage, est-ce suffisant ? ; on se rend compte que saler et hacher ne suffit pas !
Privly makes it possible for you to control your data after posting it across the internet. You can post to Facebook without allowing Facebook access to your communications, you can even unsend emails. Privly works by extending browsers to look for specially formatted links, which are then "injected" into the pages you are viewing. Privly is a Foundation owned concept being made by and for all internet users. For more information about what Privly is, read our about page.
In a previous article, I talked about some common security vulnerabilities that can affect your PHP web application. But there are other things besides those ten (okay, seven) attacks to think about when you’re developing. And so, this article offers a compendium of miscellaneous things that are security related; things you should do, things you shouldn’t do, things that other people might try to do, whatever it takes to make an article long enough for my editor to be satisfied with it.
Security is not a list of things you do. Security is a way of thinking, a way of looking at things, a way of dealing with the world that says “I don’t know how they’ll do it, but I know they’re going to try to screw me” and then, rather than dissolving into an existential funk, being proactive to prevent the problem.
But, you can’t buck statistics. Nobody is going to read an article entitled “Coding for Security.” Everyone wants an article with a number in it: “The 8 Most Common PHP Security Attacks and How to Avoid Them”, “23 Things Not to Say to a Super Model”, and “15 Reasons to Avoid Radiation Poisoning.” So, here goes, the “Top 10 PHP Security Vulnerabilities.”
But, you can’t buck statistics. Nobody is going to read an article entitled “Coding for Security.” Everyone wants an article with a number in it: “The 8 Most Common PHP Security Attacks and How to Avoid Them”, “23 Things Not to Say to a Super Model”, and “15 Reasons to Avoid Radiation Poisoning.” So, here goes, the “Top 10 PHP Security Vulnerabilities.”
exploit-exercises.com provides a variety of virtual machines, documentation and challenges that can be used to learn about a variety of computer security issues such as privilege escalation, vulnerability analysis, exploit development, debugging, reverse engineering.
BoxCryptor est un utilitaire permettant de crypter des données de manière entièrement sécurisée (il utilise l'algorithme de cryptage AES 256 bits). Il crée un dossier où seront stockés vos fichiers cryptés sur votre ordinateur à l'emplacement de votre choix (par exemple votre Dropbox) et qui sera accessible par l'intermédiaire d'un lecteur de disque virtuel. Toutes les données déposées dans le lecteur virtuel sont automatiquement cryptées à la volée, il est donc très aisé de l'utiliser avec un service cloud en ligne de type Dropbox ou Google Drive pour synchroniser vos fichiers sensibles et les conserver dans le nuage sans se soucier pour la confidentialité de ceux-ci.