Type: Posts; User: HTRegz; Keyword(s):
Search took 0.07 seconds.
September 30th, 2009, 10:01 PM
I'm speaking at SecTor (www.sector.ca) in Toronto next week and I'm trying to collect some data on perceptions of SSL from various target groups.
I figured I'd post an additional survey here --...
September 13th, 2009, 09:46 PM
UDP is a different sort of beast because it is Connectionless. You don't have the S, SA, A of TCP to confirm if a port is open, instead you have to rely on ICMP error messages, which are often...
September 13th, 2009, 09:44 PM
Awwww, you mentioned my name :) Although I like it better when they mention my last name as well.
Windows 7 RTM isn't actually affected, only Windows 7 RC is affected.
Also it looks like it's...
September 13th, 2009, 09:41 PM
The number of "in production" W2K servers would probably astound most people. I actually think this is a big issue and one that I find slightly concerning. As for blocking 139/445, since this is in...
March 22nd, 2009, 06:30 AM
That second post was definitely unnecessarily snappy.
There are problems with your code, but they could also be problems on the use side
1) No ':' at the end of your if statement...
March 13th, 2009, 07:25 AM
There's been page-long articles on my concerns over client-side DoS and DoS in general? Damn... where, all I've seen are my blog posts.
Whether or not the issue is widespread is not the case......
March 13th, 2009, 06:09 AM
The problem is they don't close the door in this case if the horse has bolted... they only close the door if the horse is already there... Meaning the other horse could bolt as well (to beat an...
March 12th, 2009, 05:30 PM
I heard back from MSFT and this was the intended functionality of the patch.
It sounds like functionality beat security here... and that sounds like an issue to me.
March 11th, 2009, 09:38 AM
I'm glad you managed to track down the problem... if you have any problems going forward, please let me know.
March 11th, 2009, 09:06 AM
Just wanted to share that the MS09-008 patch isn't as cut and dry as it seems. There's an issue where if someone has already exploited CVE-2009-0093, the issue will not be properly...
March 10th, 2009, 05:55 PM
Have you contacted nCircle Technical Support? You can also email me ( tyler [at] ncircle [dot] com ) and I can make sure your issue gets to the right people.
March 10th, 2009, 08:47 AM
You simply need to craft your query properly.
1) Is the form method POST or GET? This will change how the query is crafted. Your example makes use of a GET (no body, simply URL...
March 8th, 2009, 12:58 AM
That's a fairly generic question... so here's a fairly generic answer :)
It is indeed possible to change the reported version for many of your services. This will confuse software that...
March 4th, 2009, 05:49 AM
I'm gonna be at CanSecWest this year, so I figured I'd see who was going to be there to meet up for a beer. (http://cansecwest.com/)
March 4th, 2009, 05:33 AM
Whether or not he can access his email externally in dependent on a number on things.
Let's start with, How does he access his email at work?
Is it in a client (Outlook, Thunderbird, Eudora)...
March 4th, 2009, 05:24 AM
I'd recommend that you give Ubuntu Server a try... let it install and see where you end up
As for a GUI, you should definitely be able to get something up and running I used to run GUIs on my...
March 4th, 2009, 12:43 AM
There are quite a few places you can look...
While this may not help with infecting your VM, there's some interesting stuff at the virus source code database (http://vscdb.totallygeek.com/).
February 27th, 2009, 05:05 AM
Using metasploit is about 25 pages out of the overall total of the book, and it's not for everyone... or people that already know a thing or two but it's a great learning resource (one of the reasons...
February 26th, 2009, 02:24 PM
Most of the time, I find certs are useless... Sure as CSR mentioned, certs are useful when you don't have hands on experience... other than that the only time I'd advocate for them is if you...
February 25th, 2009, 02:26 PM
Spec: I highly suggest you check out Gray Hat Hacking... it changed my opinion on books with the word Hacking in them :) it's got a decent group of authors. Chris Eagle (who released the IDA Pro book...
February 25th, 2009, 01:52 AM
metguru has some good options... I have Reversing - The Secrets of Reverse Engineering sitting on my bookshelf. Hacking - The Art of Exploitation... I wouldn't pay for it... but I'd read it.
February 25th, 2009, 01:45 AM
Sites can definitely NOT "borrow" cookie information... that would be the opposite of all the security models that they attempt to put in place...
As Spec mentioned, generally those ads are based...
February 24th, 2009, 06:40 AM
macnux: Do some reading on the Same Origin Policy (http://en.wikipedia.org/wiki/Same_origin_policy). Essentially a website would have to violate the Same Origin Policy in order to access your...
February 23rd, 2009, 02:23 PM
I don't know how you installed it.. but if you installed and configured everything yourself might I suggest walking away and finding an easier way?
I'm a huge fan of XAMPP -...
February 23rd, 2009, 06:46 AM
I think you're confusing a home network and a "real network"... I mean those devices aren't even really routers... They are poorly named NAT devices. If they were real routers you could layer them...