attack

Unix and Linux Discussions Tagged with attack
	Thread / Thread Starter	Last Post	Replies	Views	Forum
	Datacenter Crash (Server Unreachable for About 17 minutes) ( 1 2 3) Neo	02-26-2020 by Neo	14	6,437	Cybersecurity
	Denial Of Service Attack Update Neo	06-18-2019 by Neo	4	43,819	What is on Your Mind?
	UUCP attack? ctafret	10-29-2010 by methyl	4	3,643	Cybersecurity
	Phishing attack disguised as message from FDIC Linux Bot	01-20-2009 by Linux Bot	0	1,782	IT Security RSS
	Patricia Attack 0.6 (Default branch) Linux Bot	12-21-2008 by Linux Bot	0	653	Software Releases - RSS News
	Brute force SMTP attack right now help mcraul	11-30-2008 by research3	4	7,163	UNIX for Advanced & Expert Users
	A Different Kind of DoS Attack Linux Bot	09-17-2008 by Linux Bot	0	2,636	IT Security RSS
	The Attack of the Spiders from the Clouds Linux Bot	07-31-2008 by Linux Bot	0	4,203	Virtualization and Cloud Computing
	The Attack of the Spiders from the Clouds Linux Bot	07-31-2008 by Linux Bot	0	3,604	Virtualization and Cloud Computing
	anonymous ftp attack? dennisheazle	04-07-2008 by dennisheazle	2	6,598	Cybersecurity
	FAA: Boeing?s New 787 May Be Vulnerable to Hacker Attack Linux Bot	01-06-2008 by Linux Bot	0	1,516	Complex Event Processing RSS News
	Unix attacks in the last 5 years. suzant	10-04-2001 by suzant	6	5,813	Cybersecurity
	/var/log/httpd/access_log eddie	10-02-2001 by LivinFree	3	10,759	Cybersecurity
	Security Newsletter PxT	10-01-2001 by PxT	0	3,060	Cybersecurity
	Default.ida Traz	09-03-2001 by LivinFree	3	2,779	UNIX for Dummies Questions & Answers

LEARN ABOUT PHP

hash_equals

HASH_EQUALS(3)								 1							    HASH_EQUALS(3)

hash_equals - Timing attack safe string comparison

SYNOPSIS

       bool hash_equals (string  $known_string, string	$user_string)

DESCRIPTION

	Compares two strings using the same time whether they're equal or not.

	This function should be used to mitigate timing attacks; for instance, when testing crypt(3) password hashes.

PARAMETERS

	      o $known_string
		- The string of known length to compare against

	      o $user_string
		- The user-supplied string

RETURN VALUES

	Returns TRUE when the two strings are equal, FALSE otherwise.

ERRORS
/EXCEPTIONS
	Emits an E_WARNING message when either of the supplied parameters is not a string.

EXAMPLES

       Example #1

	       example

	      <?php
	      $expected  = crypt('12345', '$2a$07$usesomesillystringforsalt$');
	      $correct	 = crypt('12345', '$2a$07$usesomesillystringforsalt$');
	      $incorrect = crypt('apple',  '$2a$07$usesomesillystringforsalt$');

	      var_dump(hash_equals($expected, $correct));
	      var_dump(hash_equals($expected, $incorrect));
	      ?>

	      The above example will output:

	      bool(true)
	      bool(false)

NOTES

       Note

	       Both  arguments	must  be of the same length to be compared successfully. When arguments of differing length are supplied, FALSE is
	      returned immediately and the length of the known string may be leaked in case of a timing attack.

       Note

	       It is important to provide the user-supplied string as the second parameter, rather than the first.

PHP Documentation Group 													    HASH_EQUALS(3)