Archive for the ‘LINKS’ Category.
May 30, 2002, 8:57 am
vnunet:
Microsoft software expelled by top college
Newnham women’s college, Cambridge, has banned Microsoft Outlook and Outlook Express because it is tired of cleaning up after virus attacks.
The college, which has around 700 users, took the decision after the latest Klez virus outbreak.
May 29, 2002, 1:03 pm
Atlanta Journal-Constitution: The rise of hackers vs. colleges:
Security being bolstered for university computer systems
May 28, 2002, 8:05 am
Marc Barrot’s outline weblog keeps getting cooler.
May 24, 2002, 3:47 pm
Six arrested over ‘Nigerian email’ frauds:
Six people were arrested in South Africa last weekend on suspicion of being involved in the infamous Nigerian email and letter fraud.
May 24, 2002, 12:46 pm
Network World, Daniel Blum:
Is Your Forest Burning?
Over time, Microsoft has backed away from the single-forest concept, finally publishing this past winter a white paper disclosing that service administrators in one domain can’t be isolated from other domains in the forest. Since then, Microsoft has done a security-threat analysis. It determined that a serious hacker’s goal is to gain physical access to a domain controller, or network access to a service administrator account.
Microsoft also has been doing disaster planning. Recently, it wiped out the domain controllers on its entire development group forest, which serves thousands of users, and tested the procedures necessary to bring it back online. And at Microsoft’s recent TechEd conference, a speaker went so far as to advise large companies that “if you don’t have a single CIO, you shouldn’t have a single forest.”
May 20, 2002, 4:23 pm
While looking for examples of SQL Code Injection attacks, I found a nice concise summary of many typical web application vulnerabilities, including product-specific things to look for, e.g.:
MySQL
– Supports ‘INTO OUTFILE’
– Runs often as “root”
– Most modules and libs do not support multiple-statements.
Oracle
– Subselects possible
– UNION possible
– Comes with many stored procedures (UTL_FILE!)
– No multiple-statements
DB2
– Subselects possible
– UNION possible
– Stored procedures
– No multiple-statements
Postgres
– Supports COPY (if in superuser mode)
– Subselects possible
– UNION possible
– Stored procedures
– Multiple statements are possible!
MS SQL
– Subselects possible
– UNION possible
– Stored procedures
– Multiple statements are possible!
– Many dangerous default stored procedures (xp_cmdshell, sp_adduser)
May 19, 2002, 1:46 pm
John Robb:
The New Economy: “Did the Internet enable a new economy? I think the latest evidence says that it has. But it isn’t the new economy corporate America expected.”