E-commerce sites can be put online with a number of solutions. The site can be developed:
When you are browsing an online shop, how do you know which technology runs behind it?
Examples:
I could give many more examples, but with a little practice you can guess the platform behind an e-commerce website very quickly.
If you cannot recognize the platform (perhaps because the site was custom-developed in a particular programming language), a little searching will generally give you an idea of the technology behind the site:
Interesting?
Well, it is useful to know which technology powers the various sites. It is a good way to get a sense of what makes a particular platform popular. This kind of analysis is limited, but it can help you choose your next e-commerce platform.
Note: each shopping cart software demands different server resources, so make sure you pick the right hosting platform for your e-cart. If you are just starting out you can begin with shared hosting, but for advanced features you should consider cloud hosting, a virtual private server or dedicated server hosting.
Having already had to deal with SQL injection, I know how unsettling it is. GreenSQL is a free, GPL-licensed solution to protect your MySQL databases from attacks such as SQL injection, cross-site scripting and cross-site request forgery.
GreenSQL works as a proxy for SQL queries to MySQL databases. Note that, according to the roadmap, it is also expected to support PostgreSQL; see also the post titled: GreenSQL for PostgreSQL.
Its operation is based on evaluating SQL commands against a risk scoring matrix (which reminds me of SpamAssassin) and on blocking administrative commands (DROP, CREATE, etc.).
GreenSQL operates as a reverse proxy: the SQL query is sent to GreenSQL, which analyzes it and, if it is accepted, passes it on to MySQL.
GreenSQL listens on port 3305 and redirects requests to port 3306, the standard MySQL port.
GreenSQL can operate in different modes:
* Simulation (database IDS): only detects, blocks nothing
* Protection (database IPS): detects and blocks queries
* Learning mode
* Protection against non-listed queries
In simulation mode, GreenSQL logs the SQL queries, scores them against the risk scoring matrix, and flags suspicious requests in the administration console so that administrators can analyze them.
In protection mode, if a query is considered illegal by its scoring engine, a whitelist is consulted. If the query appears in the whitelist, it is sent on to the MySQL engine. If the query is still deemed illegal, GreenSQL returns an empty result set to the application on the web server. Of course, with this method it is possible to get both false positives and false negatives.
Learning mode exists precisely to correct this problem: GreenSQL learns the kinds of queries the application issues, and you can then switch back to protection mode, which blocks queries that are not in the learned query list.
When protection against non-listed queries is enabled, queries that are not in the whitelist are rejected automatically.
GreenSQL then calculates the risk of such a query and sends the information to the management console. This is the fastest mode, because risk is only calculated for new queries.
That is basically how GreenSQL operates. I think it is a really interesting solution, although the best approach is still to anticipate the risks during development. As for the performance of the web application, a performance test I ran with GreenSQL in place showed no noticeable impact.
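To make the four modes concrete, here is a small policy engine in Python that behaves the way the post describes: a query is scored, administrative statements are blocked, risky queries are only let through if their shape is on a whitelist, learning mode fills that whitelist, and the strict mode rejects any shape it has not seen. This is an added illustration, not GreenSQL's own code: the rule patterns, weights and the threshold of 50 are my assumptions standing in for its real risk scoring matrix, and the queries in the demo are constructed.

```python
import re
from dataclasses import dataclass, field

# Statements treated as administrative; the post says GreenSQL blocks these.
ADMIN_COMMANDS = {"DROP", "CREATE", "ALTER", "TRUNCATE", "GRANT", "REVOKE"}

# Constructed heuristic rules (name, pattern, weight). They are an assumption
# standing in for GreenSQL's real risk scoring matrix, not its actual rules.
RISK_RULES = [
    ("sql_comment", re.compile(r"--|/\*|#"), 30),
    ("tautology", re.compile(r"(\b\d+\b|'[^']*')\s*=\s*\1(?!\w)"), 40),
    ("union_select", re.compile(r"\bunion\b.*\bselect\b", re.I | re.S), 30),
    ("stacked_query", re.compile(r";\s*\S"), 30),
    ("schema_probe", re.compile(r"\binformation_schema\b|\bmysql\.user\b", re.I), 40),
]
BLOCK_THRESHOLD = 50  # assumed: at or above this score a query is "illegal"


def normalize(query: str) -> str:
    """Reduce a query to its shape: literals become '?', whitespace and case are
    folded, so that 'id = 7' and 'id = 9' share one whitelist entry."""
    shape = re.sub(r"'(?:[^'\\]|\\.)*'", "?", query)
    shape = re.sub(r"\b\d+\b", "?", shape)
    return " ".join(shape.split()).upper()


def score(query: str):
    """Return (risk, reasons) for one query using the constructed rules."""
    reasons, risk = [], 0
    tokens = query.strip().split(None, 1)
    first = tokens[0].upper() if tokens else ""
    if first in ADMIN_COMMANDS:
        reasons.append(f"admin_command:{first}")
        risk += 100
    for name, pattern, weight in RISK_RULES:
        if pattern.search(query):
            reasons.append(name)
            risk += weight
    return risk, reasons


@dataclass
class Verdict:
    allowed: bool
    risk: int
    reasons: list
    shape: str


@dataclass
class Proxy:
    """Policy engine of a toy query proxy; mode is one of
    'simulation', 'protection', 'learning' or 'strict'."""
    mode: str
    whitelist: set = field(default_factory=set)
    log: list = field(default_factory=list)

    def evaluate(self, query: str) -> Verdict:
        risk, reasons = score(query)
        shape = normalize(query)
        listed = shape in self.whitelist
        if self.mode == "simulation":      # database IDS: log only, never block
            allowed = True
        elif self.mode == "learning":      # record every shape, forward everything
            self.whitelist.add(shape)
            allowed = True
        elif self.mode == "strict":        # protection against non-listed queries
            allowed = listed
        elif self.mode == "protection":    # database IPS: admin statements always
            is_admin = any(r.startswith("admin_command") for r in reasons)
            allowed = not is_admin and (risk < BLOCK_THRESHOLD or listed)
        else:
            raise ValueError(f"unknown mode {self.mode!r}")
        self.log.append((self.mode, shape, risk, allowed))  # the "console" feed
        return Verdict(allowed, risk, reasons, shape)

    def handle(self, query: str, execute):
        """Forward to the real backend (execute) or, as the post describes,
        hand the application an empty result set instead of an error."""
        return execute(query) if self.evaluate(query).allowed else []


if __name__ == "__main__":
    proxy = Proxy("protection")
    for q in ("SELECT name FROM users WHERE id = 42",          # constructed
              "SELECT name FROM users WHERE id = 1 OR 1=1 -- ",
              "DROP TABLE users"):
        v = proxy.evaluate(q)
        print(f"{'ALLOW' if v.allowed else 'BLOCK':5} risk={v.risk:3} {v.reasons} {q}")
```

The whitelist stores normalized shapes rather than literal queries, which is what makes learning mode useful: one legitimate `SELECT ... WHERE id = ?` covers every parameter value, while a comment-terminated tautology still scores 70 and is blocked. The false-positive risk the post mentions is visible too: a `#` inside a legitimate string literal would trip the comment rule, which is exactly the case the whitelist exists for.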
Note: GreenSQL packages are provided for the most common Linux distributions (CentOS, Debian, Fedora, Mandriva, RHEL 5, SLE 5, openSUSE, Ubuntu).
Horde is more than a webmail: it is a collaborative framework of services. Since June 14 a new version of Horde is out: version 4, a major new release.
Horde 4 brings the following new features and changes, which improve overall performance:
* Completely rewritten in PHP 5
* New installation procedure through a PEAR installer
* Simplified configuration process
* Support for ActiveSync
* Frameless layout
* Group preferences
* Improved caching and reduced session size
* Faster shared libraries
* Fewer dependencies on external libraries
* Many miscellaneous improvements
Mail:
* Many interface improvements, including a vertical side panel
* Complete rewrite of IMAP support, for better compatibility and a large performance improvement
* Extended and improved filtering and search capabilities
* Quick reply
* Improved notification of new messages
* Better display of HTML mail
* HTML signatures
* Automatic saving of drafts
* Support for custom IMAP flags
* Reduced memory usage
Address book:
* Duplicate search and the ability to merge contacts
Calendar:
* New AJAX interface with integrated task management
* New mobile interface
* Resource planning
* Calendar colorization
* Tagging system
* Cross-timezone support
* CalDAV support
* Improved exceptions for recurring events
* Improved notification and invitation messages
Task management:
* New AJAX interface within the calendar
* System task list
* Task list colorization
* Quick task entry
Simply open your web browser and type any website address into it. The browser takes you to the exact page or information you are looking for. But how does this happen? How can the browser be sure that the information on this server is what the user wants? The browser knows because of the DNS, the Domain Name System.
When you enter a domain name in the browser, a request goes to a DNS server, which holds lists of domain-to-IP-address mappings. Once the IP address of that domain has been looked up, the request is forwarded to the web server where the site's data is stored, and the response is sent back to the browser, producing the page or information the user is looking for.
If that server has no information for the domain name you entered, the query is passed on to a DNS server at a higher level, and so on, until a result is obtained. Now think about the damage that an attack on such a server could cause. That is right: you need to know which attacks can be performed against this type of server. Let us take a real example of an attack that took place in the IT world: the most popular kind of attack, and the one that brought the biggest cost and trouble to owners and users respectively.
It is a kind of attack that appears in almost every list of network attacks: DDoS, distributed denial of service, an attack that leaves its victim unable to serve. At first glance the Internet, unlike other networks, is immune because of its global and therefore fragmented structure. But that is only at first glance, since the basis of this network is a set of core components that are its beginning and foundation. Consequently, taking these components out of operation promises, if not the collapse of the network, then serious trouble for certain.
In the domain name system there are a total of 13 root name servers.
These root name servers stand above the top-level domain DNS servers. They hold the largest database and are the starting point of the whole system. Ten of these servers are located in the United States of America. To avoid physical attacks on the servers, their locations are kept secret, unfortunately.
On October 21, 2002 there was a DDoS attack, for a very short period, aimed at ten of the thirteen root name servers. The attack lasted about an hour. The maximum overload of a single server, as measured while monitoring the attack, was 40, that is 40 times more traffic than the server could handle. Naturally, after such an incident the whole community looked to the FBI, who tried to get out of the scrape with the statement that "hackers used a sophisticated method of attack." In fact, it was nothing more than an ordinary DDoS attack.
Of course, one hour of attack did not cause much damage, but it made clear that not everything is as rosy as it seems, given how long it lasted.
Had it lasted five hours or so, the losses would have been counted in billions. Why did the one-hour attack not produce big losses? Because DNS servers cache the information they receive. It was this caching that helped in this situation: the servers below the attacked level held out for that hour on their caches and did not need to send queries upward. Therefore the attack was not visible to the ordinary users of the network.
One method of DoS against DNS can be a stream of AXFR (Asynchronous Full Transfer Zone) queries. Some of the root DNS servers hold hundreds of thousands of records for the servers in their zone of responsibility, and any user who can issue an AXFR query to those DNS servers can obtain all of that information. Fortunately, none of the servers for the .com, .org, .edu, .net, .mil and .gov domains allow AXFR queries.
However, a wide range of domains is much more vulnerable: .ar, .au, .bg, .cu, .cz, .ee, .eg, .es, .fi, .hu, .il, .in, .it, .my, .no, .pk, .se, .sg, .tr, .ua, .za and .ru. If you run a BIND server (version 8 or 9), you can address the AXFR problem with the allow-transfer mechanism, which limits who may request zone transfers.
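Since the fix recommended above is a configuration setting, the check a defender actually wants is "which of my zones still allow transfers to anyone?" The Python script below, added here and not part of the original post, audits a BIND named.conf for that: it strips comments, walks the top-level `options` and `zone` blocks, and reports each zone's effective `allow-transfer` policy, noting whether it came from the zone itself or was inherited from `options`. The sample configuration is constructed (the ACL name `secondaries`, the addresses and the zone names are mine); `allow-transfer` is the real BIND directive the post refers to. A zone with no directive anywhere is reported as "unset" rather than assuming a particular BIND default, because the safe advice is to set it explicitly.

```python
import re

# Constructed sample named.conf: one open global default, one zone that
# inherits it, one zone with transfers disabled, one restricted to an ACL.
SAMPLE_NAMED_CONF = """\
options {
    directory "/var/named";
    allow-transfer { any; };          // weak global default: any host may AXFR
};

acl "secondaries" { 192.0.2.53; 198.51.100.53; };

zone "example.org" {
    type master;
    file "example.org.zone";
    /* no allow-transfer here, so the open global default applies */
};

zone "example.net" {
    type master;
    file "example.net.zone";
    allow-transfer { none; };          // zone transfers disabled entirely
};

zone "example.com" {
    type master;
    file "example.com.zone";
    allow-transfer { secondaries; };   // corrected: only the listed secondaries
};
"""


def _strip_comments(text: str) -> str:
    """Remove the three comment styles named.conf accepts."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#)[^\n]*", "", text)


def _blocks(text: str):
    """Yield (header, body) for each top-level brace-delimited statement."""
    i = 0
    while True:
        start = text.find("{", i)
        if start < 0:
            return
        header = text[i:start].strip(" \t\r\n;")
        depth, end = 0, start
        for end in range(start, len(text)):
            if text[end] == "{":
                depth += 1
            elif text[end] == "}":
                depth -= 1
                if depth == 0:
                    break
        yield header, text[start + 1:end]
        i = end + 1


def _allow_transfer(body: str):
    """Return the allow-transfer address list of a block, or None if unset."""
    m = re.search(r"allow-transfer\s*\{([^}]*)\}", body)
    if not m:
        return None
    return [e.strip() for e in m.group(1).split(";") if e.strip()]


def classify(entries):
    """Map an address list to a finding: open / closed / restricted / unset."""
    if entries is None:
        return "unset"
    if entries == ["none"]:
        return "closed"
    if "any" in entries:
        return "open"
    return "restricted"


def audit(named_conf: str) -> dict:
    """Return {zone: (finding, source, entries)}; source says whether the
    effective policy came from the zone block or from options."""
    text = _strip_comments(named_conf)
    global_entries, zones = None, {}
    for header, body in _blocks(text):
        zone = re.match(r'zone\s+"([^"]+)"', header)
        if header == "options":
            global_entries = _allow_transfer(body)
        elif zone:
            zones[zone.group(1)] = _allow_transfer(body)
    report = {}
    for name, entries in zones.items():
        if entries is not None:
            report[name] = (classify(entries), "zone", entries)
        else:
            report[name] = (classify(global_entries), "options", global_entries)
    return report


if __name__ == "__main__":
    for zone, (finding, source, entries) in audit(SAMPLE_NAMED_CONF).items():
        print(f"{zone:14} {finding:10} (from {source}: {entries})")
```

Run against a real file with `audit(open("/etc/named.conf").read())`; anything reported as "open" is a zone whose full contents can be pulled with a single AXFR, and "unset" zones should get an explicit `allow-transfer { <secondaries>; };` or `{ none; };`. The parser only handles the subset of named.conf syntax shown (it does not follow `include` statements or per-view settings), which is the usual limitation of a quick audit script.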
Such is the story of DNS servers being hit by an ordinary DDoS attack. That is why DDoS is at the top of our list of possible attacks.