Put up a survey today to solicit feedback about the rules, servers/platforms supported and so on. Please let me know what you want so I can work on it!
Take the survey here.
Security Revealed
Set up the mailing list for the rules today. I’ll use it to announce new releases, to help the process of bug reporting, feature requests, etc. Please feel free to subscribe and start using it. You can sign up here:
http://lists.gotroot.com/mailman/listinfo/modsecurity
New release of both the application and comment spam mod_security rules. Enjoy!
Ok, just an update on the rules, put out two new releases today with both the application protection rules and the comment spam rules. Includes new sigs and tweaks for the former, and new rules for the latter. If you don’t know what this is about, then check out the mod_security page. Now you can protect your webserver against known and unknown flaws in your web applications!
Download the rules, as always, from the rules page.
Please visit the main mod_security rules page for any notes about this release.
You can download the latest version of the application protect rules directly from this URL: http://www.gotroot.com/downloads/ftp/mod_security/rules.conf
And you can download the latest version of the blacklist rules from this URL: http://www.gotroot.com/downloads/ftp/mod_security/blacklist.conf
Please visit the mod_security rules page for the IIS rules.
Apple Insider is reporting that the Federal courts have ruled in Apple’s favor over its use of the trademark “Tiger” for its new operating system. Apple was sued by TigerDirect, which asserted that it had the rights to “Tiger” and not Apple. More than likely, this was all about getting some press, and not really about the use of Tiger.
In October, 2004 Colin Percival discovered a vulnerability in the hyper-threading implementation of the entire Intel Pentium Extreme Edition, Pentium 4, Mobile Pentium 4, and Xeon processor line. This flaw allows for local information disclosure. This flaw was also disclosed by Dag Arne Osvik in the paper Other People’s Cache – HyperAttacks with HyperThreading and also by Dan Bernstein. This problem primarily affects multi-user systems (servers), and for now, the solution is to turn hyperthreading off. It’s not clear if this is a timing attack, a cache information leakage attack or something else entirely. For the moment, Colin is keeping his details a secret, until later today, when he will release them at BSDCAN. More details as we have them in the article. UPDATE: Colin’s paper is here.
AOL has now gotten on the free e-mail love train. Matching Google’s 2GB of free mail, the service is available to all net users, and not just AOL subscribers. The announcement is here. From the official announcement “Starting today, you can download the latest version of AIM and start using your AIM Screen Name to also send and receive emails. Now, AIM is not only the service that allows your friends and family to IM you, but by adding @aim.com to your Screen Name, it is how they can email you as well.”
So, you have to be using the AIM client to use it, but hey, it’s free. :-)
Mozilla.org released version 1.0.4 of Firefox. It includes fixes for the security vulnerabilities disclosed earlier this week. You can download it from here.
A demonstration exploit for two unrelated holes in Firefox was published this weekend. It illustrates how the two flaws can be used together to install and execute arbitrary code on Firefox boxes. The temporary solution is to turn the “Allow web sites to install software” option off in your preferences. A fix is already in the development version of Firefox, so a full fix should be coming out shortly.