http://negative.blogsome.com Mstrbtn tchnqs shld b ncrgd nd tght n the pblc schl systms! Sat, 22 Oct 2005 23:32:22 +0000 http://backend.userland.com/rss092 en I’m done with this blog. The archive will stay here for other purpose. It doesn’t mean that I hate blog. I just don’t like the way it handles my articles. Wiki is good to fill my needs. Will redirect you to my other page in 5 seconds. Or… just go to http://jim.geovedi.com/ http://negative.blogsome.com/2005/04/07/bye/ Just came back from holiday and reviewed apache logfile on my homeserver, I noticed that there are some wacky lines in access_log: 200.217.***.*** - - [11/Feb/2005:15:47:15 +0700] "GET /cgi-bin/awstats.pl?configdir=|echo%20; echo%20;id;echo%20;echo| HTTP/1.0" 404 287 200.217.***.*** - - [11/Feb/2005:15:47:45 +0700] "GET /awstats/awstats.pl?configdir=|echo%20; echo%20;id;echo%20;echo| HTTP/1.0" 404 287 After 2 minutes googling, I found a reference to the AWSTATS exploit. Looks ... http://negative.blogsome.com/2005/02/14/awexpl-strikes/ Probably due to Santy worm, Google filtering some keywords. But, it seems that Google guys are just searching for predefined strings…not so smart! inurl: admin.php [Blocked], inurl: admin.PHP [Pass], inurl:”admin php” [Pass], anything different than .php (for example: .pHp) will work.. http://negative.blogsome.com/2005/02/05/google_smart/ The Higher Regional Court now has ruled that blocking email by content is unlawful as it is considered confidential in German law. Blocking is only allowed when, say, a viral attack is imminent. The implications of the ruling aren’t yet fully clear. Whether the Higher Regional Court has unintentionally legalised ... http://negative.blogsome.com/2005/01/20/german_email_blocking/ On Tue, 18 Jan 2005 14:31:39 EST, “Sigmon Cheri Y Civ 82 CSS/SCPD :: Software Dev” said: Item: The “ongoing” debate among choices of open source vs. proprietary (all companies’) solutions, not just the major players in the industry. I’m certain you’ve seen similar situations… where there are groups of people ... http://negative.blogsome.com/2005/01/20/writing_secure_code/ [Sidebar: Fill Your Jump Bag] A “jump bag” is a collection of critical items you might need during crisis response when an attacker invades your network. It should contain these items: Tape recorder or minidisk Backup media Binary backup software CDs with statically linked binaries of critical OS executables Forensic software Windows NT and 2000 resource kits Bootable ... http://negative.blogsome.com/2005/01/20/jump_bag/ Several kernel level bounds checking vulnerabilities were found during an audit performed by Immunity team on the recent Darwin kernel xnu­517.7.7. These vulnerabilities are mostly in user to kernel memory copy operations and also allocation of kernel memory driven by user supplied size value(s). Well, they also put the ... http://negative.blogsome.com/2005/01/19/nukido/ Starting today until January 14, 2005, I’ll be in BS7799 Lead Auditor Course organized by Bellua — in association with Bureau Veritas, at Gran Melia Hotel, Jakarta. The course is intended for all those who wish to undertake and eventually lead audits of Information Security Management Systems. It is also ... http://negative.blogsome.com/2005/01/10/bs7799_course/ Honeynet Project just released a report about the security of Linux. The life expectancy of Linux has lengthened dramatically since 2001 and 2002, the project said, from a mere 72 hours two and three years ago to an average of three months today. Why? There are several explanations for that: Default ... http://negative.blogsome.com/2005/01/07/honeynet_trend_analysis/ The FBI is warning that fraudsters are using internet scams in the aftermath of the Asian tsunami disaster. The agency is warning of phishing websites claiming to be for relief charities, and emails offering to find victims for a fee or requesting that money be deposited in overseas accounts. Perhaps ... http://negative.blogsome.com/2005/01/07/tsunami-email-scams/