Secure Your Web Site from Clickjacking Attack

Clickjacking is well known web application vulnerabilities. For example, it was used as an attack on Twitter. To defense Clickjacking attack on your Apache web server, you can use X-FRAME-OPTIONS to avoid your website being hacked from Clickjacking.

The X-Frame-Options in HTTP response header can be used to indicate whether or not a browser should be allowed to open a page in frame or iframe. This will prevent site content embedded into other sites. Did you every try embed Google.com in your website as frame? You can’t because it’s protected and you can protect it too. (more…)

Read More

Cisco VPN Client on Windows 10 [SOLVED]

Here’s how to get it working in 2 easy steps:

1. Download and install the Sonicwall 64-bit VPN client from HERE (as of this writing).

2. Install the Cisco VPN client.  Edit:  If you get an error that it cannot run on this operating system then just extract the .exe file and run the .msi file.  Problem solved.

(more…)

Read More

How To Connect Ubuntu Linux to Cisco VPN

I have a client who uses a Cisco VPN to protect their network, and I exclusively use Ubuntu in my consulting work. At the moment, they don’t easily work together out-of-the-box, even though they should. To get access to their network, I was provided with a PCF file, used to configure VPN client software to connect to the VPN server. However, after importing the configuration file, I simply couldn’t connect.

In theory, you can use the standard NetworkManager utility to connect to your Cisco VPN, but it doesn’t actually work. I’ve outlined the process that’s supposed to work, and the one that’s necessary to actually make it happen. (more…)

Read More

How to disable service listing in Axis2

Apache Axis2 is a Web Services / SOAP / WSDL engine, the successor to the widely used Apache Axis SOAP stack.
Number of users have requested to have a way to enable/disable service listing in Axis2. What that means is, by default Axis2 list out all the service in the system when you go the following URL;

http://localhost:8080/axis2/services/listServices (more…)

Read More

FireWall in Centos 7 masked

FireWall in Centos 7 masked
How to resolve the error message below
Failed to issue method call: Unit firewalld.service is masked.

The main reason a service is masked is to prevent accidental starting or enabling of a serive.
For example firewalld can be masked with the following commad
systemctl mask firewalld (more…)

Read More

Configure a User Account to Log On Automatically on Windows 7

Requiring the user to enter credentials when his computer starts is an important part of Windows security. If a user account automatically logs on, anyone who has physical access to the computer can restart it and access the user’s files. Nonetheless, there are scenarios where a computer is physically secure and automatic logon might be desired. To configure a workgroup computer (you cannot perform these steps on a domain member) to automatically log on, follow these steps: (more…)

Read More