Category: segurança

Quad9 is a free, recursive, anycast DNS platform that provides end users robust security protections, high-performance, and privacy. 

Security: Quad9 blocks against known malicious domains, preventing your computers and IoT devices from connecting malware or phishing sites. Whenever a Quad9 user clicks on a website link or types in an address into a web browser, Quad9 will check the site against the IBM X-Force threat intelligence database of over 40 billion analyzed web pages and images. Quad9 also taps feeds from 18 additional threat intelligence partners to block a large portion of the threats that present risk to end users and businesses alike. 

Performance: Quad9 systems are distributed worldwide in more than 70 locations at launch, with more than 160 locations in total on schedule for 2018. These servers are located primarily at Internet Exchange points, meaning that the distance and time required to get answers is lower than almost any other solution. These systems are distributed worldwide, not just in high-population areas, meaning users in less well-served areas can see significant improvements in speed on DNS lookups. The systems are “anycast” meaning that queries will automatically be routed to the closest operational system.

More information here

Qualidade segurança

There is a vulnerability in IBM WebSphere Application Server that could allow an HTTP response splitting attack in Channel.

More information on this link

portal segurança WebSphere WebSphere Portal

Several versions of WebSphere Portar are vulnerable.

BM WebSphere Portal could allow a remote attacker to obtain sensitive information, caused by the failure to restrict access to resources located within web applications. An attacker could exploit this vulnerability to obtain configuration data and other sensitive information.

How to fix this vulnerability ? Go to this link from IBM

 

segurança WebSphere WebSphere Portal

Em alguns casos é desejado ou necessário que algumas pessoas possam administrar os grupos no diretório Domino. Aparentemente é suficiente colocar o usuário ou grupo de usuários com acesso de editor/autor na ACL do names.nsf e marcar a role GroupModifier.  O problema é que se for dado este direito o usuário pode alterar qualquer grupo do Diretório, inclusive se colocar como LocalDomainAdmins ou Administrator ou outro grupo de segurança.
 Para solucionar o problema com segurança o  TN 1370433 explica uma alternativa onde não é necessário alterar o design do formuário Groups

segurança