Mallory is More than a Proxy - Raj Umadas and Mike Zusman of Intrepidus Group gave an amazing talk on Mallory last night at the Philadelphia OWASP chapter meeting. At first glance Mallory seems like a simple tool, just a proxy application that sits on the wire. Closer inspection, how
Evaluating CMS Security - When evaluating content management systems (CMS) it is extremely important to include criteria covering security considerations. CMSes are complex and extremely powerful web applications, and as such present interesting security challenges. Although m
Using Drupal XML-RPC to Bypass Authentication Failure Detection - Drupal provides robust, and largely ignored, XML remote procedure call (RPC) functionality. This functionality is available through the xmlrpc.php file that is available at the Drupal root in any installation. Any module can provide a hook into the XMLR
Securing Drupal User Accounts - Securing a default Drupal installation takes some work and forethought. Drupal's native functionality creates a number of vulnerabilities that can only be mitigated through careful configuration.
Brute Forcing Drupal - Brute forcing account credentials for Drupal 5 and 6 sites including a sample script.
Monitoring Drupal for Insecure Settings - The Drupal content management system (CMS) is a wonderful tool for maintaining multiple user-driven and user-owned websites. From a security context, however, Drupal can present a challenge.
Exploiting PHP PCRE Functions - An examination of the /e flag in the PHP preg_replace function and how it can lead to vulnerabilities (and exploits).
PHP Null Byte Poisoning - Null byte poisoning can be an extremely dangerous problem in PHP applications. In order to fully understand the PHP null byte issue we have to examine how C handles strings.
Writing OSSEC Custom Rules and Decoders - By default OSSEC monitors many of the programs commonly installed on a machine, but its real power comes from the ability of system administrators to customize OSSEC.
Google Safe Browsing API - Google has put together a really cool API that allows developers to query their database of suspected malware and phishing sites.
User Insecurity and Open Source Projects - Who should be responsible for protecting users from themselves? Should the Drupal core code base prevent such situations from even being possible? It's arguable that they should.
Drupal Content Access Module XSS Fun - Asking me about computer security and privacy is probably a lot like asking a law enforcement agent about home security - you're going to get an answer colored by experience.
Defending Web Applications with PHPIDS - PHPIDS is a very intriguing project that mimics the functionality of much more involved intrusion detection systems.
SEI Advanced Incident Handling - Day 5 - The Software Engineering Institute, part of Carnegie Mellon University, and the organization that comprises CERT, offers an Advanced Incident Handling (AIH) course that I am currently attending.
SEI Advanced Incident Handling - Day 4 - The Software Engineering Institute, part of Carnegie Mellon University, and the organization that comprises CERT, offers an Advanced Incident Handling (AIH) course that I am currently attending.
SEI Advanced Incident Handling - Day 3 - The Software Engineering Institute, part of Carnegie Mellon University, and the organization that comprises CERT, offers an Advanced Incident Handling (AIH) course that I am currently attending.
SEI Advanced Incident Handling - Day 2 - The Software Engineering Institute, part of Carnegie Mellon University, and the organization that comprises CERT, offers an Advanced Incident Handling (AIH) course that I am currently attending.
SEI Advanced Incident Handling - Day 1 - The Software Engineering Institute, part of Carnegie Mellon University, and the organization that comprises CERT, offers an Advanced Incident Handling (AIH) course that I am currently attending.
Dangers of Drupal Cron - The Drupal default installation and configuration presents several security challenges and potential vulnerabilities with scheduling cron.
Envisioning Perspective - In order to properly assess the security posture of any organization it is essential to first make sure you can accurately gauge the landscape.
Educause Security 2009 - It's interesting to see a security conference so heavily focused on privacy, but identity theft is the intersection of privacy and security.
Security Review of NanoCMS - A brief security evaluation of NanoCMS version 0.4 final revealed a number of notable security vulnerabilities.
Review of Chained Exploits by Whitaker, Evans and Voth - Academic fields are severely limited by the vocabulary available to discuss issues and the "chained exploit" is sure to become a mainstay in the discourse of information security.
Security Evaluation of Frog CMS - Frog CMS is a lightweight content management system written in PHP that supports several back-end databases
Drupal Password Reset via XSS - The Drupal account page contains a flaw, which combined with a well crafted XSS attack, could be used to change a user's password to an arbitrary value.
OSSEC Version 2.0 Released - OSSEC is a wonderful open source host based intrusion detection tool that can greatly enhance your server security.
Drupal Security Team Ignores Multiple XSS Vulnerabilities - The Drupal security team's rather disappointing advice to rectify this situation was not to fix the vulnerabilities in the module code in question, but rather to limit the scope of users granted 'administer content types' privileges.
Post Compromise Shell Shoveling - Shoveling a shell is a process whereby an attacker can gain interactive access to a compromised host.
pPIM 1.01 Multiple Vulnerabilities - pPIM 1.01 contains multiple vulnerabilities, from version information leakage, to system credential disclosure.
Building an MD5 Rainbow Table - A short perl program that creates a MySQL database of MD5 values for a set of candidate plaintexts. Strictly speaking this is a hash lookup table; a true rainbow table stores only the start and end of hash/reduce chains and recomputes the rest on demand, trading CPU time for far less storage.
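To make the lookup-table versus rainbow-table distinction concrete, here is an added Python example that is not the post's Perl script. It builds both structures over a deliberately tiny, constructed search space (three lowercase letters) so it runs in a second: a plain dictionary mapping hash to plaintext, and a small rainbow table of hash/reduce chains that keeps only chain endpoints. The charset, chain length and chain count are assumptions chosen for the demonstration, not values from the original article.

```python
import hashlib
import random

# Constructed toy search space: every 3-character lowercase string (26**3 = 17576 candidates).
CHARSET = "abcdefghijklmnopqrstuvwxyz"
PW_LEN = 3
SPACE = len(CHARSET) ** PW_LEN
CHAIN_LEN = 40      # hash/reduce steps per chain (assumed value)
NUM_CHAINS = 500    # chains kept in the rainbow table (assumed value)


def md5_hex(s: str) -> str:
    return hashlib.md5(s.encode()).hexdigest()


def build_lookup_table(words):
    """The approach the post describes: one row per plaintext, keyed by its MD5."""
    return {md5_hex(w): w for w in words}


def reduce_hash(h_hex: str, position: int) -> str:
    """Map a hash back into the plaintext space. Mixing in the chain position
    gives every column its own reduction function, which is what limits chain
    merges and makes this a rainbow table rather than a Hellman table."""
    n = (int(h_hex, 16) + position) % SPACE
    chars = []
    for _ in range(PW_LEN):
        chars.append(CHARSET[n % len(CHARSET)])
        n //= len(CHARSET)
    return "".join(chars)


def build_rainbow_table(num_chains=NUM_CHAINS, seed=1):
    """Store only (chain end -> chain start). Everything in between is recomputed."""
    rng = random.Random(seed)
    table = {}
    for _ in range(num_chains):
        start = "".join(rng.choice(CHARSET) for _ in range(PW_LEN))
        p = start
        for i in range(CHAIN_LEN):
            p = reduce_hash(md5_hex(p), i)
        table.setdefault(p, start)  # two chains ending alike: keep the first
    return table


def rainbow_lookup(table, target_hex: str):
    """Guess which column the target hash sits in, walk to the chain end,
    and if that end is stored, regenerate the chain to find the preimage."""
    for i in range(CHAIN_LEN - 1, -1, -1):
        p = reduce_hash(target_hex, i)
        for j in range(i + 1, CHAIN_LEN):
            p = reduce_hash(md5_hex(p), j)
        if p in table:
            q = table[p]
            for j in range(CHAIN_LEN):
                if md5_hex(q) == target_hex:
                    return q
                q = reduce_hash(md5_hex(q), j)
            # Endpoint matched but the chain did not contain the target:
            # a false alarm caused by a chain merge, so keep searching.
    return None


if __name__ == "__main__":
    rainbow = build_rainbow_table()
    start = next(iter(rainbow.values()))
    print("rainbow entries:", len(rainbow), "covering up to", len(rainbow) * CHAIN_LEN, "plaintexts")
    print("recovered:", rainbow_lookup(rainbow, md5_hex(start)), "for", start)
    print("outside the space:", rainbow_lookup(rainbow, md5_hex("hello")))
```

The full lookup table needs one row per candidate (17576 here, billions for realistic password spaces), while the rainbow table keeps at most `NUM_CHAINS` rows and pays for it with `O(CHAIN_LEN**2)` hash operations per lookup and a coverage that is probabilistic rather than complete. Salted hashes defeat both, because the table would have to be rebuilt per salt.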
Web Application Security - In the latest Silver Bullet podcast Gary McGraw makes mention of the fact that he feels that web application security is attracting too much attention these days
Developing Security with Metrics - It is a professional hazard in security to become stuck in a reactive stance, always running to put out the latest fire.
Pen Tests are Bullshit - Recently I've spotted an argument against pen testing that is gaining increasing traction in the computer security industry.
InfoSec Institute Ethical Hacking Day 4 & 5 - I've just finished InfoSec Institute's Ethical Hacking class (http://www.infosecinstitute.com/courses/ethical_hacking_training.html). The last two days were so hectic that I didn't even get a chance to blog about them as I would have liked.
InfoSec Institute Ethical Hacking Day 3 - Day three of ethical hacking didn't end until about 7 PM and with the CPT exam scheduled for the end of day four I didn't get a chance to blog.
InfoSec Institute Ethical Hacking Day 2 - I've just finished the second day of InfoSec Institute's Ethical Hacking class (http://www.infosecinstitute.com/courses/ethical_hacking_training.html)
InfoSec Institute Ethical Hacking Day 1 - I've just finished the first day of InfoSec Institute's Ethical Hacking class (http://www.infosecinstitute.com/courses/ethical_hacking_training.html).
Installing TrueCrypt on Mandriva - TrueCrypt is a great encryption utility that is available for several operating systems and uses.
The Economy and Information Security - The internet security blog Security Aegis has just published an article, distilled out of interviews with some industry professionals, concerning the state of information security and the economy.
Undeniable Deniable Filesystems - In a new paper published on Bruce Schneier's website (http://www.schneier.com/paper-truecrypt-dfs.pdf), researchers examine deniable file systems (DFS).
Samurai Web Testing Framework - The Samurai Web Testing Framework is a bootable Linux CD that contains numerous tools specifically designed for web application penetration testing and vulnerability assessment.
Captcha Cracking - Network Security Research (http://network-security-research.blogspot.com/) has published a new paper that details some of the ways CAPTCHA can be defeated
Is Security Certification Worth it? - At some point in every security professional's career they look at certifications and begin to weigh their value.
CEPT Practical - The Certified Ethical Penetration Tester (CEPT) certification is sponsored by the IACRB (Information Assurance Certification Review Board).
Security Researcher Toolkit - When you start working in computer security, as with many computer related fields, you'll find that there are a lot of expensive tools out there to assist in your work.
The New School of Information Security - The New School of Information Security is one of the most timely and radical books on computer and information security that I've ever read.
Developing Drupal Module Exploits - While the Drupal security team does a great job of making sure the core modules distributed with Drupal are secure, there are a host of third party contributed modules that often contain security problems.
What is Fast Flux Hosting? - Fast flux hosting, commonly utilized amongst malware bot herds and spammers, is a method used to hide servers.
MediaDefender DDOS of Revision3 - There's a very interesting write up of the recent denial of service attack against Revision3 on the company's blog.
OSSEC Intrusion Detection System - OSSEC is an open source host-based intrusion detection system (IDS). An IDS is one of the most important tools available to a security administrator.
Microsoft Office Encryption 2003 and 2007 - This article was designed to address some nagging questions about utilizing Microsoft Office encryption as well as compatibility issues between Office 2003 and Office 2007.
USB Malware - Remember the good old days when you traded C-64 games with your friends by carrying your floppy drive over to his or her house to copy disks? Back in those days very few people had the two drives you needed to copy a disk so the entire process was a bit
The New Threats in Computer Security - One of the trends that seemed to come up over and over again was the changing landscape of computer security. There seem to have been two major sea changes in information security over the last couple of years.
Web Hacking Lesson 1 - This is the first in a series of training articles that goes hand in hand with a test site that should be downloaded and installed by the reader.
Is Oracle Data Encrypted on the Wire? - How to determine whether queries and responses to and from Oracle databases (which by default travel over TCP port 1521, the Oracle listener port) are encrypted in transit.
On Multiple Single Factor Authentication - Two factor authentication is fast becoming an industry standard for high value applications. Unfortunately a lot of misunderstanding surrounds two factor authentication, and thus, the implementation is often less than ideal.
Using FreeNX on Mandriva - FreeNX is a remote desktop client/server program much like VNC. I've found that on Mandriva, remote connections using the TightVNC server that is usually installed can be sluggish.
Exploiting Input Validation - Exploiting form input validation failures is one of the easiest ways to leverage control of a web server through an online application.
PHP Filesystem Security - A discussion of preventative measures PHP application developers can take when deploying their programs on a Linux filesystem.
Cross Site Request Forgery - A short discussion of cross site request forgery (XSRF) attacks and some simple preventative measures.
TCP/IP, Ports and Network Connections - Understanding the TCP/IP handshake, including sequence number negotiation, how to view and discover available ports on local and remote machines, and how to monitor local TCP/IP connections.
Linux Permissions - Understanding the nuances of file permissions in Linux is a daunting task.
Writing Buffer Overflows - A brief tutorial on buffer overflow vulnerabilities and developing exploits.
Wireless Hacking with Kismet - The proliferation of wireless networks is sometimes scary when you consider how insecure most wireless configurations are.
Effective File Removal - Removing a file from your computer is not as simple as just moving it to the 'Recycle Bin', read up on why and how to actually delete material from your hard drive.
NT Security Tools - A few good security tools for Windows, reviews, and links to download them.
Hardening Your Windows 2000 Server - A list of simple steps you can take to significantly increase the level of security on a default installation of Windows 2000.
Cold Fusion Server Security - Cold Fusion server security. Includes a discussion of accessing the CFIDE administrator function on Cold Fusion servers and RDS security.
Overview of Computer Security Part I - A rather long white paper on all sorts of aspects of computer security. Developed for a training program on computer security.