PrepAway - Latest Free Exam Questions & Answers

Tag: which of the following must a programmer implement to prevent cross-site scripting aio

What exactly is John trying to do?

John Beetlesman, the hacker, has successfully compromised the Linux system of Angent Telecommunications, Inc’s Webserver running Apache. He has downloaded sensitive documents and database files off the machine.

Upon performing various tasks, Beetlesman finally runs the following command on the Linux box before disconnecting.

for (( i = 0;i<11;i++ )); do
dd if=/dev/random of=/dev/hda && dd if=/dev/zero of=/dev/hda
done

What exactly is John trying to do?

What is the countermeasure against XSS scripting?

Consider the following code:
URL:http://www.xsecurity.com/search.pl?text=alert(document.cookie)
If an attacker can trick a victim user into clicking a link like this, and the Web application does not validate input, then the victim’s browser will pop up an alert showing the user’s current set of cookies. An attacker can do much more damage, including stealing passwords, resetting your home page, or redirecting the user to another Web site.
What is the countermeasure against XSS scripting?