Storing both CHECKSUM data and files on the same server

Problem:


Many people store their application source files and the corresponding checksum files on the same server. If both the files and the checksum data are changed, users will not notice.


Suggestion:

- Keep the checksum file and the downloadable files on separate servers.
- Use a PGP signature.
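
The problem and the first suggestion, as an added example that is not part of the original post: a download is checked against a `sha256sum`-style manifest, once against a manifest stored beside the file and once against one kept on a separate server. The file name, contents and manifest text are constructed sample data, and the function names are hypothetical.

```python
import hashlib
import hmac
import string

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def parse_manifest(text: str) -> dict:
    """Parse sha256sum-style lines: '<64 hex chars>  <filename>'."""
    entries = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        digest, _, name = line.partition(" ")
        name = name.strip()
        if name.startswith("*"):          # '*' marks binary mode in sha256sum output
            name = name[1:]
        if len(digest) != 64 or not set(digest) <= set(string.hexdigits) or not name:
            raise ValueError(f"malformed manifest line: {raw!r}")
        entries[name] = digest.lower()
    return entries

def verify(name: str, data: bytes, manifest_text: str) -> bool:
    """True only if the manifest lists `name` and its digest matches `data`."""
    expected = parse_manifest(manifest_text).get(name)
    if expected is None:
        return False                      # an unlisted file is treated as a failure
    return hmac.compare_digest(sha256_hex(data), expected)

# Constructed sample data (hypothetical file name and contents).
NAME = "app-1.0.tar.gz"
ORIGINAL = b"contents the publisher released\n"
MODIFIED = b"contents changed on the download server\n"

# Manifest kept on a separate server, written when the release was published.
SEPARATE_MANIFEST = f"{sha256_hex(ORIGINAL)}  {NAME}\n"
# Manifest stored next to the file; whoever changed the file rewrote it as well.
SAME_SERVER_MANIFEST = f"{sha256_hex(MODIFIED)}  {NAME}\n"

def demo() -> dict:
    return {
        "modified_vs_same_server_manifest": verify(NAME, MODIFIED, SAME_SERVER_MANIFEST),
        "modified_vs_separate_manifest": verify(NAME, MODIFIED, SEPARATE_MANIFEST),
        "original_vs_separate_manifest": verify(NAME, ORIGINAL, SEPARATE_MANIFEST),
    }

if __name__ == "__main__":
    for check, passed in demo().items():
        print(f"{check}: {'PASS' if passed else 'FAIL'}")
```

The changed file passes against the manifest stored beside it and fails only against the manifest held elsewhere.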
