Brain-Cluster.com Brain-Cluster.com is a free blogging website to share all sort of technical issue, article, How-to, latest news, etc.

11Apr/140

How to test Heartbleed Bug

What is SSL Heartbleed Bug in simple English? Basically it is a program bug/vulnerability in the SSL/TLS encryption that is widely use by most of the Internet applications such as website, VPN, email, etc. This allow the attacker to read/steal the your communication information. For more detail, you can check out http://heartbleed.com/ and http://www.kb.cert.org/vuls/id/720951 How to test […]

11Sep/090

Disable Lotus Domino/Notes HTTP TRACE / TRACK Methods

HTTP TRACE / TRACK Methods
Synopsis : Debugging functions are enabled on the remote web server.

Description :

The remote webserver supports the TRACE and/or TRACK methods. TRACE
and TRACK are HTTP methods which are used to debug web server
connections.

In addition, it has been shown that servers supporting the TRACE
method are subject to cross-site scripting attacks, dubbed XST for
"Cross-Site Tracing", when used in conjunction with various weaknesses
in browsers. An attacker may use this flaw to trick your legitimate
web users to give him their credentials. 

4Sep/090

Disable HTTP TRACE / TRACK Methods for Oracle-HTTP-Server (Apache)

HTTP TRACE / TRACK Methods
Synopsis :

Debugging functions are enabled on the remote web server.

Description :

The remote webserver supports the TRACE and/or TRACK methods. TRACE
and TRACK are HTTP methods which are used to debug web server
connections.