A Productive Day
Posted on September 27th, 2008 at 22:02 by fr3@K

今天真是多產的一天啊, 連這篇也算的話今天已經寫了四篇文字. (文字的內容與品質則是另外一回事) 這該是個人最高紀錄了吧! 這代表了一件事情 - 我實在是太不務正業了!

昨晚開始拜讀 Rootkits, 加上今天上廁所的時候看了幾頁, 目前進度只有二十來頁. 怎麼說這都是我現階段要拿來吃飯的傢伙, 不能擺爛啊. 只是手邊積了幾篇寫了一半的文字, 不把它們寫一寫, get them out of the system, 老是覺得不是很自在.

這本書作者的寫作功力跟技術實力都很強, 雖然主題與我傳統上的興趣沒什麼相干, 但目前為止讀起來很好玩. 看來我很可能會上鉤, 以後又多個題目玩耍了.

拼一下看睡前能寫多少算多少, 明天繼續 root.

del.icio.us:A Productive Day digg:A Productive Day spurl:A Productive Day newsvine:A Productive Day furl:A Productive Day Y!:A Productive Day 黑米共享書籤:A Productive Day 推推王:A Productive Day

Tagged with ,
No Comments

Security Enhanced CRT, Safer Than Standard Library?
Posted on September 15th, 2008 at 0:48 by fr3@K

In a blog post Danny Kalev published earlier this year on InformIT, an example was presented demonstrating how one could write valid but insecure code involving vector and auto_ptr which compiles without any warning, despite other warnings Micorsoft’s recent compilers would’ve issued against standard compliant code. Together with other points he made in the post, Danny suggests Micorsoft doesn’t really care about your code safety. I couldn’t have agreed with him more, and would like to contribute my own analysis in support of Danny’s finding.
(more…)

del.icio.us:Security Enhanced CRT, Safer Than Standard Library? digg:Security Enhanced CRT, Safer Than Standard Library? spurl:Security Enhanced CRT, Safer Than Standard Library? newsvine:Security Enhanced CRT, Safer Than Standard Library? furl:Security Enhanced CRT, Safer Than Standard Library? Y!:Security Enhanced CRT, Safer Than Standard Library? 黑米共享書籤:Security Enhanced CRT, Safer Than Standard Library? 推推王:Security Enhanced CRT, Safer Than Standard Library?

Tagged with , , , , ,
2 Comments

iGoogle, Not Safer than Anything Else?
Posted on August 10th, 2008 at 17:51 by fr3@K

Some of my friends use iGoogle as a portal for handling daily office routines. They had been selling me the solution for a while. They were able to get me to give iGoogle a test drive a few weeks ago.
(more…)

del.icio.us:iGoogle, Not Safer than Anything Else? digg:iGoogle, Not Safer than Anything Else? spurl:iGoogle, Not Safer than Anything Else? newsvine:iGoogle, Not Safer than Anything Else? furl:iGoogle, Not Safer than Anything Else? Y!:iGoogle, Not Safer than Anything Else? 黑米共享書籤:iGoogle, Not Safer than Anything Else? 推推王:iGoogle, Not Safer than Anything Else?

Tagged with , , , , ,
No Comments

Knock Knock, You’ve Been Hacked!
Posted on April 6th, 2008 at 7:31 by fr3@K

I received an email yesterday afternoon, informing me this blog has been hacked:

Regarding fsfoundry.org,

This email is not an April’s fools email and it has been sent to notify you that your blog’s version is old and needs to be updated ASAP as it was hacked.

While tracking some Viagra spammers I have come accross several links coming from your blog and, after testing it, it appears your blog is 2.1.* generation hence vulnerable to SQL injection blind-fishing attacks. Search Google to learn more. In a few words: spammers can take full control of your blog in a matter of minutes and deface it at will.

These attacks are as serious as they can get as the spammers have full access to your blog and add hidden HTML elements to mask their links.

You MUST update your blog to the latest official WordPress version and manually clean your last 5-10 posts of the parasite links which you will only see in HTML view.

Not doing so may attract severe search engine penalties as you are currently linking to sites with VERY bad reputation.

Hoping you will take required action,
A.S.S. (Anonymous Security Specialist)

PS: I got your email address from your Dashboard / Users Management Section. I have warned many during the past months regarding the vulnerable blogs, being a blogger myself, but it seems I haven’t warned everyone. Lateste WordPress is secure.

PPS: Your login name is XXXX and password hash is XXXXXXXXXXXXXXXXXX

(more…)

del.icio.us:Knock Knock, You've Been Hacked! digg:Knock Knock, You've Been Hacked! spurl:Knock Knock, You've Been Hacked! newsvine:Knock Knock, You've Been Hacked! furl:Knock Knock, You've Been Hacked! Y!:Knock Knock, You've Been Hacked! 黑米共享書籤:Knock Knock, You've Been Hacked! 推推王:Knock Knock, You've Been Hacked!

Tagged with , , ,
No Comments

SiteMeter is Now SpyMeter?
Posted on April 26th, 2007 at 23:45 by fr3@K

SiteMeter 是一個提供幫助 web master 了解 viewer 瀏覽網站行為 服務的 provider. 有太多網站, 尤其是個人網站與部落格 (包括 COdE fr3@K) 使用他們的 free package.

大約幾周前, 除了原有的 SiteMeter, 我在站上另外加裝了 StatCounter (一個較少人使用, 提供類似服務的 provider). 今天有空看了StatCounter 的 一篇 blog, 才驚覺 SiteMeter 可能已經被 SpecificClick Network (一家專門側錄分析使用者在網上行為的公司) 收買. 雖然 StatCounter 沒有指名道姓, 但很容易就能猜到說的是 SiteMeter.

(more…)

del.icio.us:SiteMeter is Now SpyMeter? digg:SiteMeter is Now SpyMeter? spurl:SiteMeter is Now SpyMeter? newsvine:SiteMeter is Now SpyMeter? furl:SiteMeter is Now SpyMeter? Y!:SiteMeter is Now SpyMeter? 黑米共享書籤:SiteMeter is Now SpyMeter? 推推王:SiteMeter is Now SpyMeter?

Tagged with , , , , ,
2 Comments

只用密碼而沒有用戶名?
Posted on October 1st, 2006 at 12:07 by fr3@K

只用密碼認證? 非常有趣的 idea. 我不是 security 專家, 但還是覺得這篇 blog 不全然是在胡謅一通.

只是這樣不反而造成前人需要更改密碼的機會大大增加了?

密碼改了幾次, 還能記得嗎?

為了要確保能記住密碼而用了身份證號碼, 爸爸的手機, 媽媽的生日, 女朋友的三圍做密碼…. 這樣密碼還安全嗎?

del.icio.us:只用密碼而沒有用戶名? digg:只用密碼而沒有用戶名? spurl:只用密碼而沒有用戶名? newsvine:只用密碼而沒有用戶名? furl:只用密碼而沒有用戶名? Y!:只用密碼而沒有用戶名? 黑米共享書籤:只用密碼而沒有用戶名? 推推王:只用密碼而沒有用戶名?

Tagged with , , ,
No Comments

SSHing Hosts with Different Usernames
Posted on September 28th, 2006 at 20:43 by fr3@K

應該有不少人跟我一樣, 有好幾個在不同的地方 shell 帳號. 有自己的機器上的, 有公司的, 有花錢租的 virtual host, 有參加 FOSS 相關計畫用的. 這些帳號 (login name) 常不一樣.

當我在這些機器上 ssh 過來 ssh 過去的時候, 常得多敲好幾個鍵, 把 login name 餵給 ssh. 今天被這事情搞煩了, 認真把 ssh_config 的 man page 看了, 產出就是 ~/.ssh/config:


# Office
Host office-domain.name *.office-domain.name 192.168.* some-office-machine-name
    User login-name-at-office

# Some project
Host shell.foss-project.org
    User another-login-name
del.icio.us:SSHing Hosts with Different Usernames digg:SSHing Hosts with Different Usernames spurl:SSHing Hosts with Different Usernames newsvine:SSHing Hosts with Different Usernames furl:SSHing Hosts with Different Usernames Y!:SSHing Hosts with Different Usernames 黑米共享書籤:SSHing Hosts with Different Usernames 推推王:SSHing Hosts with Different Usernames

Tagged with , , ,
No Comments

SSH Port Forwarding Basics
Posted on May 18th, 2006 at 4:06 by fr3@K

Intro

SSH port forwarding 也稱為 SSH tunneling. 這個功能可把連到一個 ssh session 其中一端某個 port 的 TCP connection, 透過加密的 channel,forward 到 session 的另外一端的指定端口. 將開啟 port forwarding 的 ssh session 結束掉, port forwarding 也跟著結束.

Local to Remote Port Forwarding

下面的 command 會建立一個從 firedrake (我的電腦) 連到 fsfoundry.org 的 ssh session. 並且在 firedrake 的 localhost 的 port 8080 等待 incoming connection. 當有 connection 連進來, 該 connection 就會被 forward 到 fsfoundry.org 的 localhost port 3128:


    firedrake$ ssh fsfoundry.org -L 8080:localhost:3128

Remote to Local Port Forwarding

相反地, 下面的 command 會建立一個從 firedrake 連到 fsfoundry.org 的 ssh session. 並且在 fsfoundry.org 的 localhost 的 port 3128 等待 incoming connection. 當有 connection 連進來, 該 connection 就會被 forward 到 firedrake 的 localhost port 8080:


    firedrake$ ssh fsfoundry.org -R 8080:localhost:3128

X11 Forwarding

建立一個連到 fsfoundry.org 的 ssh session. 這個 session 會把在其 session 內開的 X11 application forward 回到 firedrake 的 X Server.


    firedrake$ ssh -X fsfoundry.org

比較舊版的 OpenSSH 用的是 -Y 而不是 -X.

del.icio.us:SSH Port Forwarding Basics digg:SSH Port Forwarding Basics spurl:SSH Port Forwarding Basics newsvine:SSH Port Forwarding Basics furl:SSH Port Forwarding Basics Y!:SSH Port Forwarding Basics 黑米共享書籤:SSH Port Forwarding Basics 推推王:SSH Port Forwarding Basics

Tagged with , , , ,
No Comments