CodeAsDocumentation by Martin Fowler
Here is the link. I agree with his opinions.
The main threats to a Web server are:
See Securing Your Web Server in more detail.
nslookup:
Phases of SQL injection
Hacking the Windows SMB tutorial shows you how to hack the Windows SMB and provent to do that. Good tutorial!
The following is a list of well-known ports often used:
I'll update the lists.
I took a very very brief look at the book Pro .Net Directory Services Programming. I knew that .NET Directory Services is on top of ADSI before. About one month ago, I was trying to access the properties of a virtual directory programmingly and found that I was able to do that using System.DirectoryServices. That's why I bought this book and tried to see what System.DirectoryServices does cover.
First get the dll.
The main threats to a database server are:
See Securing Your Database Server in more detail. I didn't pay attention to network eavesdropping before. To counter network eavesdropping:
I need to dig more on the last three countermeasures.
The following are some common SQL injection commands:
The same technique might be used to execute a DROP TABLE statement or to execute a system stored procedure that created a new user account and added that user to the sysadmin role.
SQL injection attacks are possible because the SQL language contains a number of features that make it quite powerful and flexible, namely:
The most of the post is adopted from Stop SQL Injection Attacks Before They Stop You.
The following principles and implementations are adopted from Paul Litwin's article Stop SQL Injection Attacks Before They Stop You.
The corresponding implementations are: