-
Shooting yourself in the foot
This is a very old one and you can find it on a ton of sites. Most recently I saw it at the InfoSecPodcast blog. Rather than reposting the whole, here is just my favorite one: Unix % ls foot.c foot.h foot.o toe.c toe.o % rm * .o rm: .o: No such file or directory…
-
Responsinble behavior
Disclaimer: the views expressed in this post (and on the entire blog) do not necessarily reflect the opinion of my past or current employers. These are entirely my own opinions. Know your audience! and Never underestimate human stupidity! these are two ideas missed by Alex Eckelberry in his latest blog post. Before I give you…
-
Hack the Gibson – special edition – aka lucky 13
I’ve been absent lately with the whole Hack the Gibson series, completely missing the 100th episode for example, not because I wouldn’t have material, but because I’m very busy (or very lazy, depending on your viewpoint :-)). However I just wanted to let you know about a usefull resource, which unfortunately seems to be dead…
-
Serving up authenticated static files
Two components which are usually found in web applications are authentication and static files. In this post I will try to show how these two interact. The post will refer to PHP and Apache specifically, since these are the platforms I’m familiar with, however the ideas are generally applicable. The advantages of static files are:…
-
Compressed HTTP
The HTTP standard allows for the delivered content to be compressed (to be more precise it allows for it to be encoded in different ways, one of the encoding being compression). Under Apache there are two simple ways to do this: Using the mod_deflate Apache module If you have mod_php activated, setting the zlib.output_compression variable…
-
The emperor is not naked!
I was reading the SANS journal for this morning (in my time zone :-)), titled Antivirus: The emperor is naked and got a little upset (probably because it’s very hot here and I didn’t had my morning tea yet :-D). If you are like me (eg. lazy) and don’t want go over to read the…
-
Living off of the hype
Disclaimer: I work for a competitor, however this is my personal opinion and does not necessarily represent the views of any of my past or future employers. So tell me, what does F-Secure exactly contribute to the malware fighting effort? Sure, they have a blog and a chief researcher who has an opinion about everything…
-
Finding a Windows computer based on its NetBios name
A short tip: when working in hybrid environments (that is where both Windows and Linux machines are present), it is useful to be able to lookup a machine IP based on its NetBios name. You can do this by writing nmblookup [the name of the computer]. This will do a broadcast on all the interfaces…
-
Offline updating of Debian systems
It has been my experience that a Linux system is much more usable if it’s connected to the Internet, because then the package management system can be used to resolve the dependencies of the programs. From what I’ve seen (and please bear in mind that I’m fairly new to it), in Linux it is much…
-
Computer immune system
Disclaimer: this post (as all the others) are my personal opinion and do not necessarily represent the opinions of any of my past or current employer. From time to time I get questions from people like: how to best secure my computer? or which security products to use?. Other times they me is product X…