Archive for July 26th, 2011

Imperva (http://www.imperva.com ) isolated the four most prevalent Web application attacks:

1. Directory traversal = 37%
2. cross site scripting =36%
3. SQL injection =23%
4. Remote file include =4%

Sources:-
http://www.imperva.com/index.html
http://www.pcmag.com/article2/0,2817,2389117,00.asp

How to use ncftpget to copy directories from FTP server.

The old ftp command is not convenient for recursively copying directories from the command line. An alternative to the ftp command is the ncftpget.

1. Download ncftpget

a. RHEL/Fedora/CentOS


yum install ncftpget

b.Debian/Ubuntu


apt-get install ncftpget

2. Make sure you have the hostname, username and password of the ftp server, from which you want to download a bunch of directories. Let us say you want to copy /var/www/html in the ftp server to a local directory /home/user1/Desktop


ncftpget –u ftpusername -R -v ftp.example.com /home/user1/Desktop /var/www/html

You will be prompted for a password, once you entered the correct password, it will recursively(-R) download the files under /var/www/html to /home/user1/Desktop in a verbose(-v) mode – that is you will see the file transfer on your screen for each file.

The format is


ncftpget -u username -R -c hostname-of-ftp-server local-directory remote-directory

Of course it is recommended to use ftp as a last resort, otherwise you should use secure tools or protocols for security reasons. Recommended ones are sftp and scp.