Website Application Security Scanner Using Local File Inclusion and Remote File Inclusion

Today many web-based applications developed to be accessible via the internet. The problem that often occurs is commonly found on web application vulnerabilities. Many application developers often ignore security issues when developing applications that can cause substantial losses if a hacker manages to gain access to the system. A hacker can replace web pages, obtain sensitive information, or even take over control of the website. For that reason there is a need for applications that can help developers to overcome these problems. This application is expected to detect the vulnerabilities that exist on a website. Existing processes include: The process of crawling to get the whole link from target websites, attacking process is useful for testing the attacks, and the last is the process of displaying a report about the security hole on the website. This application is developed using Microsoft Visual C # 2010. Based on the results of tests made on this application, it can be concluded that the application can detect vulnerabilities in the website and report any form of link that has a security hole on the website

Blocking Java Applets at the Firewall

This paper explores the problem of protecting a site on the Internet against hostile external Java applets while allowing trusted internal applets to run. With careful implementation, a site can be made resistant to current Java security weaknesses as well as those yet to be discovered. In addition, we describe a new attack on certain sophisticated firewalls that is most effectively realized as a Java applet

DENIAL OF SERVICE ATTACKS

This paper describes the most common types of DoS, including the latest one, named Distributed Reflection Denial of Service. The operation of the Internet’s TCP protocol is followed by complete explanation on how several types of DoS work. Bandwidth and CPU load are very important aspects on how the resources are delivered by the servers. Therefore an attack that produces load on any of the two resources – bandwidth and processing power – can cause valid traffic not to obtain useful service, because of the malicious attack. The crucial fact is that the world is changing rapidly and the world's Internet of today and tomorrow is not the Internet of yesterday. Therefore we must be one step behind (if not forward) any attacker, in order to be prepared and make our servers stay live on the Internet.DoS, Denial of Service, hijack, DRDoS, Internet attack, vulnerability, TCP/IP, TCP, crack, sniff, routing, router