Archive for November, 2007

yl18.net: the chinese menace

Friday, November 16th, 2007

This is the story of an attack I had to investigate for a client. The symptoms: mass defacement of web pages on the server. The only tool: roughly 1GB of web server log files.

Net::DHCP

Monday, November 5th, 2007

The aim of Net::DHCP (hosted at RubyForge) is to provide a set of classes for low-level handling of the specifics of DHCP (RFC 2131, RFC 2132, etc.) in Ruby.

With Net::DHCP you will be able to craft custom DHCP packets and have access to all the fields defined for the protocol.

sql injection: inference attack

Monday, November 5th, 2007

SQL Injection is the process of injecting SQL commands into strings processed by an application. This is possible when there is insufficient validation of user input before it is executed in dynamic SQL queries.

Different types of attack exist and not all of them are suitable for every situation.