The Cuckoo’s Egg
This book was one of the first hacker books I read – and it still stands as the best. Following the discovery, tracing and eventual unmasking of a highly sophisticated computer espionage ring, this story is thrilling, and best of all: true. The book is still surprisingly relevant, and many of the…
Monthly Archives: February 2011
The rise and fall of HBGary Federal
Wired’s Threat Level blog has a very good article on how not to run a professional information security services firm. HBGary Federal, which was recently hacked by the loosely attached group of hacktivists called Anonymous (press release here), has, it seems, fallen ill to some unknown spy movie virus when trying to unmask the group…
Hello HawkHost
A couple of days ago I wrote about how I was migrating this site away from Bluehost due to abysmal response times lately. Well, the results are just in, and I thought I’d share them with you. I went for HawkHost, and my experience so far has been great, just look at this: I use…
Lost your iPhone? Change your passwords!
Researchers at the Fraunhofer Institute have done some interesting research on physical access attacks on iPhones and iPads. Turns out, if you have physical access to a turned off and locked iOS device, the process of getting all passwords on the phone boils down to three simple steps: Jailbreak it, thus getting SSH access Copy…
Bye, Bye, Bluehost
I’m currently migrating this site away from Bluehost, and I can’t say I’m going to miss them. Repeated downtime (uptime @99.7 % and going down), sharing a server with DDoS-targeted sites and a response time from hell finally got me looking for a new host. Although Bluehost was cheap, there’s plenty of (cheap) fish in…
Norwegian newspaper VG sports rick rolls and riddles in HTTP headers
While testing the small Python banner grabbing script I made a couple of weeks ago, I noticed some strange headers from the Norwegian newspaper VG:

    $ ./pybgrab.py http://www.vg.no
    [+] http://www.vg.no:
    [!] No ‘Server’ header received, the response contained the following headers:
    X-VG-WebServer: leon
    Cache-Control: must-revalidate
    Vary: Accept-Encoding
    Content-Type: text/html; charset=UTF-8
    X-VG-WebCache: dexter
    X-Rick-Would-Never: Run Around…
How to use MBSA standalone to check a MS server for patch status
Recently I’ve been checking the patch level on a LOT of Microsoft servers, mostly versions of Microsoft Server and Microsoft SQL Server. Microsoft has a great tool for this, the Microsoft Baseline Security Analyzer. It’s legacy software, but it’s free of charge and still works like a charm. Obviously, not all administrators are too keen…