Posts posted by Gaz
<< insert insult here >>
0 -
The problem is that finding a collision won't be a problem for forum softwares. A hacker would need access to the database to find the md5 hash anyways, and if he has access to the database, it doesn't really matter any more.
Exactly, and rainbow tables can be rendered useless by salting your hash.
The problem with MD5 collisions is when you're talking about binaries that could potentially be replaced with a malicious alternative with the same hash. Luckily most smart people are using SHA (for example, the FreeBSD ports system computes both MD5 + SHA-256 for a downloaded package; try finding a collision for both)
0 -
Plus at twenty I'm out of room to forward any more ports.
(ok, yeah, I know twenty is a lot but most are rarely used. Like all the filesharing ports -- I don't use them all the time, just every now and then when I need something.)
So am I out of luck or is it possible to do this?
If the DMZ function isn't doing what you want, and you're running out of forward input boxes on your router config the only other solution is to get a better router. Find an old box and learn how to use PF
0 -
and right away I see my sliding glass door is open.
Most likely they lifted the door up and off the tracks. I walked in on a burglar who used the same method; nearly made away with a laptop. Unlucky mike. Get it checked out!
0 -
However, I was recently reviewing my web stats for one of my web sites, and I noticed most of the visitors were finding my web site by searching for pornography.
More likely what you are seeing is a result of Referer spamming.
0 -
In Firefox, if you want to open a link in a new tab, middle click it.
My middle click is paste
Ctrl+click works good
0 -
It's all there
0 -
[edit] ahh, one sec, you said it can't update. Those links above are for something slightly different. They are for if there's a little popup box which says "This is not genuine..." erm, I know how to fix your problem, gimme a sec to find it...
0 -
A company that sells a program that shares other people's hard work for free really irritates me. They make money by exploiting other people. Stealing. I hope they and Limewire and bearshare and all the other ones get fined more than they can pay and get shut down. Just my moral 2 cents.
These companies and open source projects create software that can be used to "share other people's hard work for free". Should they be fined too?!
Ultimately, piracy happens because the end-user makes that decision. There is nothing wrong with P2P/any Technology, only the way in which it is (ab)used.
0 -
That tutorial has certainly perked my interest, are there any particular books you would recommend bascule?
0 -
Windows doesn't like booting from a drive that isn't primary. I have a setup of primary (gentoo) secondary (winxp) and used something like this in grub:
map (hd0) (hd1)
map (hd1) (hd0)
rootnoverify (hd1,0)
chainloader +1
boot
http://www.gnu.org/software/grub/manual/html_node/map.html
CD-Roms etc don't show up as hdx in grub. Hope that helps
0 -
The program will only be used on some of the computers in the office. Nobody will have access to the program who doesn't already have access to the customer data.
That's still no excuse to code sloppy sql-injectable code. What happens if Mr employee gets fired and decides to ' DROP DATABASE really_important_stuff ?
If they only need to display data, I suggest creating a read only user for the database in question and using that for queries.
0 -
Heh I can't get windows defender to update its defs (running XP SP2 in VMware)
Windows Defender was unable to complete the update: 0x8024001d. The system cannot write to the specified device
Google says nothing :/
edit: fixed it by deleting C:\Windows\SoftwareDistribution\Download
0 -
You can learn more by looking at your webserver logs and grepping through them for common things like sql commands (union,select,insert) and characters that shouldn't be there. A lot of attacks on a site I run come from Vietnamese and Chinese proxies, consider blocking them if they aren't your audience. You can also check secunia and milw0rm for vulns; patch to the latest version of your CMS when updates are available.
If you're running apache have a look at mod_security, it can stop a great deal of attacks if you're too lazy to update your webapps but it is by no means a reason not to patch; only a safety net if you forget.
Tree's code looked secure. I shall implement that.
Proper code should never accept user input like that. Always validate! I would use a regular expression containing the list of pages "home|page1|page2" and compare input to the list.
PHP is executed server side. You cannot bring up info about other files/directories, or do pretty much anything at all, by executing a script on another server!
It's not being executed on the some_free_host.com site. If you look at the code, it's telling it to include the contents of "some_really_nasty_script" into the current page, so it gets run on the poor webserver.
0 -
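An added example, not part of the original post: a small log scanner that combines the two checks described above, SQL keywords in query parameters and a `page` value outside the "home|page1|page2" list. The log lines are constructed, and the names `classify`, `scan` and `SAMPLE_LOG` are hypothetical.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: the only legitimate ?page= values, as in "home|page1|page2".
ALLOWED_PAGES = re.compile(r"home|page1|page2")
# SQL keywords the post suggests grepping for, matched as whole words.
SQL_WORDS = re.compile(r"\b(?:union|select|insert)\b", re.IGNORECASE)
# Request target inside a common/combined-format access log line.
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample log lines (documentation IP ranges, made-up paths).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2007:10:00:00 +0000] '
    '"GET /index.php?page=home HTTP/1.1" 200 5120',
    '198.51.100.7 - - [01/Jan/2007:10:00:05 +0000] "GET /index.php'
    '?page=http://some_free_host.com/some_really_nasty_script HTTP/1.1" 200 312',
    '203.0.113.5 - - [01/Jan/2007:10:00:09 +0000] "GET /news.php'
    '?id=1%20UNION%20SELECT%20name,pass%20FROM%20users HTTP/1.1" 200 900',
    '192.0.2.11 - - [01/Jan/2007:10:00:12 +0000] '
    '"GET /search.php?q=selection+guide HTTP/1.1" 200 2048',
]

def classify(line):
    """Return the reasons a log line looks suspicious (empty list if none)."""
    m = REQUEST.search(line)
    if not m:
        return ["unparsed request"]
    # parse_qs percent-decodes values, so %20UNION%20 is seen as " UNION ".
    params = parse_qs(urlsplit(m.group(1)).query, keep_blank_values=True)
    reasons = []
    for name, values in params.items():
        for value in values:
            if SQL_WORDS.search(value):
                reasons.append(f"sql keyword in {name}")
            # Anything not exactly on the list is flagged, including URLs.
            if name == "page" and not ALLOWED_PAGES.fullmatch(value):
                reasons.append("page not in allow-list")
    return reasons

def scan(lines):
    """Map 1-based line number -> reasons, for suspicious lines only."""
    return {n: r for n, line in enumerate(lines, 1) if (r := classify(line))}

if __name__ == "__main__":
    for n, reasons in scan(SAMPLE_LOG).items():
        print(n, ", ".join(reasons))
```

Decoding before matching is what a plain grep over the raw log misses, and the whole-word match keeps an ordinary search for "selection" from being flagged.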
He should be jailed for being "excessively cheesy"
0 -
Yes, I've got it so that only my mac address is able to access it.
However, I have yet to disable all security, I'll try that one next.
Start off simple; no mac filtering, no wpa key etc. this way you know if
a) your hardware / driver is bad or
b) you typo'd somewhere
Then slowly build up your security, wpa key; mac filter et al.
0 -
Kaspersky seems to do a good job on my brother's XP box
0 -
A Singapore researcher has found a way to make malware 100% undetectable under vista 64 bit using AMD's SVM/Pacifica virtualization technology. It basically creates an ultra-thin hypervisor that takes over control of the base operating system and there is no performance penalty - gfx and other devices are fully usable by the os which is now executing inside virtual machine. This all happens on-the-fly without rebooting.
A lot of the article sounds like marketing (matrix references et al) but the virtualisation technology is here..xen etc. oh and it doesn't just affect windows: "I see no reasons why it should not be possible to port it to other operating systems, like Linux or BSD"
http://theinvisiblethings.blogspot.com/2006/06/introducing-blue-pill.html
http://www.eweek.com/article2/0,1895,1983037,00.asp
"A working prototype of the Blue Pill will be unveiled at the Black Hat Briefings on the same day that Microsoft is scheduled to show off some of the key security features of Windows Vista."
0 -
You're running a BETA os, from microsoft no less. What were you expecting?
0 -
If you want to make lots of money off support calls and fixing machines, go with the largely untested (in production environment) vista.
If you want something that is tried, tested and picked apart for security exploits go with XP or wait for vista SP2 *
*assuming unix/linux is not an option
0 -
IIRC from a TV prog I watched, it all needs to be calibrated for an individual that can take considerable time...
If this is true, then there is no doubt it will get pushed to the side - just look at voice recognition typing software and how unsuccessful that was.
I <3 my keyboard.
0 -
Public beta:
http://www.microsoft.com/windowsvista/getready/default.mspx
direct download
If you're into that sort of thing...
0 -
Go with Debian or one of the BSDs
0 -
Find an old box and install linux on it. There are plenty of great free FTP servers and it will be infinitely more secure and cheaper than paying for a licence and more legal than warezing soft.
0
Unix freeBSD help -> phpMyAdmin installation
in Computer Help
Posted
To get a list of what php extensions etc you have installed, you can use pkg_info(1) like so:
If php4-session isn't listed in that output you're going to want to install it:
This will take some time as it downloads the source and compiles. You can then restart apache with (I'm assuming you're running apache2 here)
More information on installing software is available if you get stuck.
The ports tree has both php5 and php4 available. So nope you don't want to install anything labeled php5-* since you're running 4.