-
What is HIPS and what isn’t?
I wholeheartedly support Microsoft’s attempt to introduce kernel patch protection, and I don’t have too high an opinion of HIPSs either, but this interview can only be characterized as Microsoft trying to say “look, HIPS products can work with KPP” and Sophos saying “we have HIPS too”. To make it even clearer: running an executable…
-
The hidden capabilities of windows firewall
Windows, beginning with XP SP2, contains a decent firewall. It doesn’t have leak prevention or outbound connection filtering. However, it does have: inbound connection filtering, ICMP filtering, a default deny policy, a GUI and a command line interface, configuration using group policy and something I discovered only recently: limiting a certain rule with multiple IP / netmasks…
-
Graceful degradation people!
I went to check out Less Accounting (because I saw it at the Web 2.0 show). Here are two screenshots, one with JavaScript enabled and the other with it disabled: Do I really need JavaScript to submit a simple form? Really? As for the server running the given website, its version number isn’t too reassuring…
-
The Problem with Programming
Via Raganworld comes the following interview with Bjarne Stroustrup (you know, the C++ guy :)): The Problem with Programming. My favorite quote: “There are just two kinds of languages: the ones everybody complains about and the ones nobody uses.” (The article also has a nice threaded discussion possibility added, almost as nice as the one…
-
How to create a well behaved bot?
From the ever watchful master of bots and scrapers incrediBILL (:-)) comes the following tip, which you might find useful if you yourself plan / need to implement a web crawler as part of your product / service.
-
Nmap online
Some brave people have put online a service where you can scan an arbitrary computer with Nmap using their server to do the scanning on your behalf. One can say that this is the grownup version of Shields Up!. I was worried that their service could be abused in an attack-by-proxy (or in this case…
-
Threaded vs. Flat discussions
This post from Coding Horror talks about a subject near and dear to my heart: the usability of the discussion boards. Here is my take on what constitutes an easy to use environment: Flat discussion works best if few replies are expected for a given topic. You can make sure of this by splitting up…
-
Things I read / listen to – part2
While going through the motions of checking for new items on Google Reader, I realized that many great blogs / podcasts were left out of the last list I published. For example, Casting from the server room, which is a (great) podcast similar to In The Trenches (and not surprisingly they are both members of…
-
If you don’t succeed at first…
try harder. I was trying to get Ubuntu (6.10) to hibernate, without much success (remember, I’m a Linux newbie). One of the side effects of the experiment was that Ubuntu did not recognize my swap partition any more (probably because during the hibernation-attempt it was overwritten with some random data from memory). If you find…
-
Things I read / listen to
After getting mentioned on a great security/forensics blog, I thought I’d list the feeds I watch. This is not a comprehensive list (I have at least twice as many in my Google Reader), but these are the ones with which I try to keep up: 2600.com – Off the hook radio show. While sometimes…