HACKING PREVENTION
The security of common sense
By Steven D. Campbell

This article contains examples of code that could potentially be used to hack into a Domino Web site. DominoPower in no way endorses the practice of hacking. The code samples presented here are concrete examples of the methodologies used to compromise Domino security and are good learning tools in that respect.

It seems as if companies and their computers are being hacked on a continuous basis. Every day we get news reports of major Web sites whose content was tampered with. In fact, there's been so much panic about security issues that I think we need to really re-examine our procedures and get back to common sense.

Name and rank
To determine your susceptibility to security breaches, you must first decide what category you fit in. Your company is either high risk or low risk. High-risk companies are: any government agency (CIA, NSA, etc.), any company with a massive audience (Yahoo, CNN, etc.), or any company engaged in very controversial activities (pro-choice groups, National Rifle Association, etc.).

If you're not in one of the above groups, then you're probably low risk. People don't seem to want to believe this, but it's true. Hackers hack into government agencies because it's a historical rite of passage for them and because they feel there are some dark secrets hidden within the bureaucracy that they want to uncover. Hackers break into companies with large audiences because hacking is like graffiti: the larger the billboard, the more people can see you were there and what you have to say. Lastly, they break into companies engaged in things they find personally repugnant and are willing to face punishment by attempting to disrupt them.

I'm not here to defend hacking. I think it's silly and, as I'll illustrate, a big waste of time. Also, I personally have an aversion to ever hearing the words, "The United States of America versus Steven Campbell." Talk about one-sided… Still, people do hack, and there are ways to break into Domino Web sites and compromise Domino security.

The enemy
I'm going to go backwards and first start talking about the least likely security breaches and then move up to the most common. This is because attention seems to be paid to them in this very order.

The distant third most common form of security breach is outside attack. That is, an attack by some person not connected with your company in any way. They may be 16-year-old hackers with no homework that night or sophisticated industrial spies selling information to your competitors. People also lump anarchists in here as potential attackers. I know we programmers may seem messy, but programming is structured and follows strict rules that must be adhered to. No self-respecting anarchist has "Programmer" on his or her business card.


Copyright © 1998-2009, ZATZ Publishing. All rights reserved worldwide.