Note: installing lamp-server^ may also install a few applications which you would not be able to use such as mysql client.
To make your web server browsable, there are two mains steps:
1) Modifying httpd.conf to map port 80 (default port for HTTP traffic) to the desired document directory
2) Configure security group permissions for your instance to allow traffic through port 80
3) Bind an elastic IP to your instance so that the instance can be browsed using a IPv4 IP (optional)
Motivated by the number of students I’ve met experiencing problem with establishing a connection to the SQL Server from Visual Studio, I’ve decided to type this summary up for anyone who has experienced similar problems. Comments are very much welcomed.
The specific versions of the softwares concerned are Microsoft SQL Server 2008 and Microsoft Visual Studio Web Developer Express 2010 but I suspect this problem could occur in other versions of Visual Studio.
Problem: Cannot find server name in drop down list (as shown below)
Over the last decade, the nature of cybercrime has gradually transformed from destructive to profit-seeking. A complex underground economy has emerged in which there is a clear division of labour, as shown in the figure below.
The different roles that exist in the underground economy are briefly described below:
I came across the above title on my facebook dashboard today and anyone who is slightly security-aware would be on their edge after seeing “CLICK HERE TO SEE” – a clear sign to lure the unknowing to click on a potentially malicious link.
A quick investigation into this found the following:
1) Once a person clicks on the link, he/she is forwarded to a domain named shockingmcdmeal.tk or mcdshocknmeals.tk
2) The homepage of shockingmcdmeal.tk is a FAKE Facebook fan page
3) It also LEGALLY obtains the users’ consent in using their “like” function on Facebook:
“This website is not created or affiliated with Facebook in anyway. | Trademarks, service marks, logos, (including, without limitation, the individual names of products and retailers) are the property of their respective owners. |
By clicking anywhere on this page, you acknowledge and you are giving full consent to use the 'like' feature of Facebook to 'like' this page and one other relevant page to promote the presence of this page on Facebook.
If you do not agree with the above terms, please exit this page immediately.”
I was reading news today and I stumbled across the news that Argos have been including in their Order Confirmation emails:
1) Customer’s full name
2) Customer’s full address
3) Customer’s full credit card number (embedded in HTML)
4) Customer’s card’s 3 digit security code (embedded in HTML)
..and yes, you guessed it, all in PLAINTEXT!
What does that mean? Well, if you’ve been reading your emails on a public Wifi LAN or your inbox has been stolen/intruded…you better check whether your card has been misused.
The security promises Argos made are as shown below (screen scraped on 07/03/2010):
Surely, if you thought it’s necessary to encrypt the transaction process then why would you be dumb enough to embed those same data in confirmation emails sent in plaintext?
Source of the flaw
The flaw was discovered by a PCPro reader when he was searching for another receipt in his email inbox using the last 4 digits of his card number. To his surprise, the order confirmation email from Argos came up and that’s when the critical flaw was found.
VeriSign confirmed the flaw and Argos claim to have apologised to that very customer but said he’s the only one who has reported the incident.
However, the story doesn’t end there. The latest news is that PCPro has found another flaw in those very same confirmation emails. The details are EMBEDDED in the URL which was supposed to direct the customer to the security page! How ironic!
WHY Argos?? (The consequence is not just in the email itself but your browser history too).
My personal experience
Luckily, I haven’t bought anything from Argos online for a very long time. However, I did manage to dig up an order confirmation email I had from Argos for an order back in 2007. I did a check in the HTML of the email and I don’t see any of the details embedded. In fact, none of the four fields of personal details I listed above were included in the confirmation email. So, what happened Argos and why?