• Best VPN Service

    Top VPNs that Unlock Netflix, provide Secure Torrenting, Strong Encryption, Fast Downloads, DNS Leak Protection, Identity Protection and have Cheap VPN prices.

    read more

    Hyper-V Concepts

    It's time to get familiar with Hyper-V Virtualization, virtual servers, virtual switches, virtual CPUs, virtual deployment infrastructure (VDI) and more.
    Read more

Hot Downloads

Everything You Need to Know About SQL Injection Attacks & Types, SQLi Code Example, Variations, Vulnerabilities & More

Posted in Web Application Vulnerability Scanners

Everything You Need to Know About SQL Injection Attacks & Types, SQLi Code Example, Variations, Vulnerabilities & More - 5.0 out of 5 based on 1 vote

sql injection introSQL Injection Attacks are one of the most popular attacks against web servers, websites and web applications. A fairly popular website can expect to receive anywhere between 80 and 250 SQL injection attacks on a daily basis and these figures can easily reach thousands when an SQL vulnerability is disclosed to the public.

This article aims to help network engineers, administrators, security experts and IT professionals understand what an SQL injection is by taking you step-by-step on how an HTTP SQL injection attack is executed using real code. 

Here is a list of topics we’ll cover:

Additional related articles:

SQL Injection Attacks - Basics

SQL Injection, or SQLi for short, refers to an attack vector that exploits a web application by abusing the inherent trust between the web application and the database. An SQL injection attack would allow an attacker to perform malicious actions on the database through the use of specially crafted SQL commands. SQL is the most commonly used database query language, making it ideal for an attacker to target.

Since SQL Injection attacks can be performed against a wide array of applications, this attack is one of the most widely common and most critical of web vulnerabilities. So much so that injection attacks, such as SQL Injection, have placed first in OWASP’s Top 10 list,  several times in a row.

SQL Injection attacks can allow an attacker to extract, modify, add and delete data from a database, in turn affecting data confidentiality, integrity and availability (since an attacker could potentially delete data and disrupt operations). In addition, an SQL Injection attack can be used as a springboard to escalate the attack.

Example of an SQL Injection Vulnerability

example of sql injectionA web application would typically communicate with a variety of back-end systems, including a database. Let’s take an HTML form, which inserts values into a database, as an example. 

Once the form is filled out and submitted, an HTTP request (usually a POST request) is sent to the web application, where the input values are directly included into the SQL statement that will insert these values into the database

The only way an SQL Injection vulnerability could occur is if the web application trusts the user’s input without parameterizing it and using prepared statements. This is done by instructing the database that a certain part of the query should be executed while the rest is to be treated as the user’s input. 

Prepared statements ensure that the database does not interpret certain characters in the user’s input as part of the SQL statement, therefore allowing the attacker to submit their own SQL statements

Register to download Acunetix and perform free network & web server vulnerability scans: https://www.acunetix.com/vulnerability-scanner/online-scanner/

SQL Injection example: The following pseudo code is a simple example showing how a user can be authenticated:

NEXUS NX-OS: Useful Commands, CLI Scripting, Hints & Tips, Python Scripting and more

Posted in Cisco Data Center

NEXUS NX-OS: Useful Commands, CLI Scripting, Hints & Tips, Python Scripting and more - 5.0 out of 5 based on 23 votes

cisco nexus configurationWhether you’re new to Cisco Nexus switches or have been working with them for years this article will show how to get around the Nexus NX-OS using smart CLI commands and parameters, create your own commands and more. Learn how to filter show command outputs, efficiently use include | begin | exclude search operators, Turn pagination on/off, redirect output to files, run multiple commands in one CLI line, capture specific keywords from show command output,  create custom CLI commands using alias, execute scripts, introduction of Python environment in the Nexus NX-OS, executing Python scripts and much more!

By the end of this article we’ll agree there’s no doubt the Cisco NX-OS has several interesting commands and powerful scripting capabilities that can improve and facilitate the day-to-day administration of CISCO Nexus network devices.  

While basic knowledge on the Cisco NX-OS, Linux and Python scripting is recommended, it is not mandatory in order to understand the topics covered.

Here’s a list of topics covered:

Additional related articles:

NX-OS Command Output Filtering – Search Operators

cisco nexus cli commands tips tricksThe output from NX-OS show commands can be lengthy and that makes it difficult to find the information we are looking for. The Cisco NX-OS software provides the means to search and filter the output to assist in locating the information we are after. 

Experienced Cisco users will surely be familiar with the IOS (Catalyst) include | begin | exclude search operators which are also offered in the Nexus NX-OS (see below). The NX-OS offers additional searching and filtering options, which follow a pipe character (|) at the end of the show command. This provides amazing flexibility and helps make administration of any Nexus device a great experience. The most “Linux-like” useful options are displayed below:

N5k-UP# show interface brief | ?
<…>
diff  Show difference between current and previous invocation (creates temp files: remove them with 'diff-clean' command and dont use it on commands with big outputs, like 'show tech'!)
egrep  Egrep - print lines matching a pattern
grep  Grep - print lines matching a pattern
less  Filter for paging
no-more  Turn-off pagination for command output
section   Show lines that include the pattern as well as the subsequent lines that are more indented than matching line
sort    Stream Sorter
source   Run a script (python, tcl,...) from bootflash:scripts
vsh   The shell that understands cli command
wc   Count words, lines, characters
xml   Output in xml format (according to .xsd definitions)
begin   Begin with the line that matches
count   Count number of lines
exclude   Exclude lines that match
include   Include lines that match 

Filtering Output From The ‘Show’ Command - ‘Show <command> | grep’ & ‘Show <command>egrep’ Parameters

Free Webinar: Migrating from Hyper-V to VMware

Posted in Windows Server 2016

Free Webinar: Migrating from Hyper-V to VMware - 5.0 out of 5 based on 1 vote

hyper-v vmware migration webinarIf your organization is planning to migration from a Hyper-V virtualization environment to VMware then this FREE webinar is just for you.

Aimed toward Hyper-V and VMware admins this webinar will cover critical topics such as:

  • vSphere basics and a crash course in HA, DRS, and vMotion
  • Management differences between vSphere and Hyper-V
  • How to migrate VMs from Hyper-V to VMware using the VMware vSphere Converter

The entire session will be geared towards Hyper-V admins who are looking to broaden their horizons by adding VMware know-how to their toolbox.

Webinar Date: Tuesday, June 27th 2017

Time: Time for US attendees: (10am PDT / 1pm EDT), Time for EU attendees: (2pm CEST)

Click here to register for this FREE Webinar

Best VPN Review: StrongVPN. Download Speed Τest, Torrenting, Netflix, BBC, HULU, DNS Leak Test, Security, VPN Options, Device Support and more

Posted in Best VPN Reviews

Best VPN Review: StrongVPN. Download Speed Τest, Torrenting, Netflix, BBC, HULU, DNS Leak Test, Security, VPN Options, Device Support and more - 5.0 out of 5 based on 4 votes

strongvpn top ratedStrongVPN is one of the most popular VPN service around the world. With a presence in over 23 countries,+650 servers, cheap prices, Strong Encryption and blazing fast download speeds – it rightfully deserves the No.1 position in our Best VPN Review.

This in-depth review took weeks to write as we performed extensive testing on workstations and mobile clients, downloading, VPN torrenting, performing security tests, VoIP & Video latency, gaming and more, in an attempt to discover any flaws, issues or limitations the VPN service might have. Here’s what we’ve tested and reviewed for our readers: 

Without any further delay, let’s take a look and see what StrongVPN was able to deliver during these very challenging tests!

Positives:

  • Ranked No.1 in our Best VPN Service review
  • Superfast Download/Upload Speeds supporting Torrents
  • Very low Latency
  • Strong Encryption
  • Zero-Log Policy
  • Effective DNS Leak, IP Leak & WebRTC Protection
  • Cheap for 12 month signup plans 

Concerns:

  • Kill-switch
  • 5 day money-back guarantee period

Visit StrongVPN

Overview 

StrongVPN is one of the oldest in the industry, beginning as a humble PC company in 1994. A subsidiary of Reliable Hosting, the company was created after a move to San Francisco prompted the sale of VPN services.

The US-based company doesn’t promise a whole lot on its website, but under the hood it’s a fast VPN with a no-log policy and great customer service. It supports 5 concurrent connections for $10 per month, or just $5.83 a month if you opt for a yearly package.

While some of the best VPNs focus on a wide range of servers, StrongVPN prioritises speed and the ability to unblock Netflix. It has servers in 45 cities across 23 countries, most of which can bypass region blocks.

Such functionality has made this StrongVPN very popular in China and other countries with aggressive blocking policies. This review will analyze the benefits for a new, global audience.

Ease of Use – StrongVPNGUI Interface

StrongVPN’s install is as simple as it gets. Users are presented with a regular installer and just have to hit next until it’s complete. StrongVPN intelligently installs TAP drivers, requiring no extra prompts. After completion, the application will launch automatically.

At first glance, StrongVPN’s interface is simple. It presents your location, a list of servers, and VPN protocol used to encrypt traffic. Most users will never have to go outside of this interface, leaving a minimal, simple experience.

The StrongVPN client - Probably not the best looking GUI but surely the best service

The StrongVPN client - Probably not the best looking GUI but surely the best service

Once you drill down into settings, things get more complex. Though well-labelled, there’s a lot of information with no tooltips or tutorial. However, these are presented as advanced options so, naturally, they are targeted at power users.

3CX Unified Communications New Web Client IP Phone, Web Meetings, Click-to-Call & More with V15.5

Posted in IP PBX - Unified Communications

3CX Unified Communications New Web Client IP Phone, Web Meetings, Click-to-Call & More with V15.5 - 5.0 out of 5 based on 1 vote

3cx video conferenceThe developers of the popular software PBX, 3CX, have announced another major update to their unified communications solution! The latest release, 3CX v15.5, makes the phone system faster, more secure and more reliable with a number of improvements and brand new features. 

 Notably, v15.5 brings with it a totally new concept for the PBX system, a completely web-based softphone client that can be launched straight from any open-standards browser. The web client has an attractive, modern interface which makes it incredibly user-friendly, allowing tasks such as call transferring, deskphone control and more to be carried out in a single click.

3CX’s Web-Client provides leading features packed in an easy-to-use GUI

3CX’s Web-Client provides leading features packed in an easy-to-use GUI

Download Your Free 3CX IP PBX Now!

Unified Communications IP PBX That Can Be Deployed Anywhere

Furthering their commitment to providing an easy to install and manage PBX, 3CX has also made deployment easier and more flexible. 3CX can be deployed on MiniPC appliances of leading brands such as Intel, Zotac, Shuttle and Gigabyte meaning that businesses on a budget can ensure enterprise level communications at a fraction of the price.

Additionally, 3CX has ensured more freedom of choice when it comes to deploying the PBX in the cloud. With more supported hosters, such as 1&1, and an easy to use 8 step wizard that allows customers and resellers to have a fully configured PBX up and running in minutes. 

IP PBX with Integrated Web Conferencing

The brand new web client includes integrated web conferencing completely free of charge without any additional licensing or administration. Video conferences are held directly from the browser with no additional downloads or plugins, and most importantly, this applies to remote participants as well!

3CX: IP PBX Web Client with integrated Web Conferencing Free of Charge!

3CX: IP PBX Web Client with integrated Web Conferencing Free of Charge!

More Reliable, Easier to Control Your Deskphone or Smartphone

By implementing the uaCSTA standard for deskphones, 3CX has significantly improved remote control of phones. This has ensured more reliable control of IP phones regardless of the location of the extension or whether or not the PBX is being run on-premise or in the cloud. Moreover, the 3CX smartphone clients for Android and iOS can now also be remote controlled.

3CX’s Click-to-Call Feature from any Web page or CRM

3CX’s Click-to-Call Feature from any Web page or CRM

Additional Improvements & Features Include:

  • Click2Call Chrome Extension to dial from any web page or CRM
  • Integrated Hotel Module
  • Support for Google Firebase PUSH
  • Achieve PCI compliance in financial environments

Find out more about v15.5 and try it out today for FREE by heading over to the 3CX website.

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup