Stanford security experts unveil defenses against ‘phishing’ attacks
It's an online con that is growing fast and stealing tens of millions of dollars.
An e-mail seemingly from a financial institution instructs you to log on to a legitimate-looking Web site. Such “phishing” attacks exploit a universal weakness in online security: passwords.
To read the rest of the story and download this new utility please go here:
well after a possible hack last week that was a pain in the as* i have reinstalled and i am setting up my security settings before i connect to the internet this time...
problem is that when i try to change the security setting using in the control setting the left panel (where the change is... (2 Replies)
slweb(1M)slweb(1M)NAME
slweb - start the HP-UX hardware event viewer tool (a Web interface)
SYNOPSIS
Path:
DESCRIPTION
The HP-UX hardware event viewer tool (slweb) can be used to display hardware events from log files or raw hexadecimal word pairs.
The command starts the user interface. Once started the help facility of is available and can be used to learn more about by clicking on
field labels or column headings.
The HP-UX hardware event viewer tool user interface uses a Web browser. Executing the command without any options performs the following
tasks:
o create server certificates if needed
o start the management Web server if it is not running
o start a Web client (browser)
An attempt will be made to connect to a Netscape Web browser running on the X server defined by the DISPLAY environment variable. If a
running Netscape client is found, it will be used, otherwise a new Netscape session will be initiated. This will only happen if the Net-
scape process is running the same system as that referenced by the DISPLAY variable, unless the option is used.
If is executed without any options, the server will stop automatically after a period of inactivity. If the server is started explicitly
using it will run until the system is rebooted or the server is stopped with
Options
The recognizes the following options:
Display events on a remote system (
hostname), using a client on the local system. The Web server on the remote system must already be running.
Forces a client browser to be used in less secure ways.
Two security features are overridden by the option.
The option forces the client browser to be used or started, even if the X-traffic between the X-server and the Netscape
browser is not secure.
If is executed by privileged user with the option, a temporary login bypass key will be generated. The bypass key allows
the user to access the Web interface without having to provide login information again.
Only use this option if you are sure the network traffic between the host where Netscape is running, and the host in the
DISPLAY variable is secure.
Forces the creation of new server certificates.
This can be performed if the server's certificates expire, or if the security of the certificates has been compromised.
When new certificates are created, the command will also restart the slweb Web server.
The option is only available to the because it requires creation of an SSL certificate.
The option is only available to the
stops the running slweb
Web server.
starts the slweb
Web server, if started this way, it will run until rebooted or until stopped with
displays the status of the slweb
Web server.
stops and then starts (
the slweb Web server.
Security Certificates
will generate an SSL certificate authority and use that to sign a generated SSL certificate. Because this certificate is self signed, your
web browser will probably prompt you to see if you want to accept this certificate before it connects to the HP-UX hardware event viewer
application.
It is possible to accept these certificates each time, just for the session, or you can accept the certificates on a permanent basis (10
years), and not have to accept them again later.
regenerates the certificates when they are not there, if the hostname is changed on the system, or when the option is used.
Online Help
Once the HP-UX hardware event viewer is started, the online help provides details on how to use the tool.
RETURN VALUES
Upon completion, returns one of the following values:
Successful.
An error occurred.
WARNINGS
Accepting a certificate saves an identifier for the certificate in a file where the browser is running. If you reinstall the gui, the cer-
tificate will be altered, and some browsers report the change in id as a potential security violation.
When this happens, you have to instruct your browser to delete the saved certificate. On Netscape 4.7x this is done by selecting the menu
pick. On the resulting dialog box, select the " area and delete any certificates for machine associated with the security violation.
AUTHORS
slweb was developed by Hewlett-Packard
REFERENCES
See the "privileges" man page for more information on the
slweb(1M)
