I published the following diary on isc.sans.edu: “(Ab)Using Security Tools & Controls for the Bad“: As security practitioners, we give daily advice to our customers to increase the security level of their infrastructures. Install this tool, enable this feature, disable this function, etc. When enabled, these techniques can also be
I published the following diary on isc.sans.edu: “Using Sudo with Python For More Security Controls“: I’m a big fan of the Sudo command. This tool, available on every UNIX flavor, allows system administrators to provide access to certain users/groups to certain commands as root or another user. This is performed with a
Developers need to implement good error handling procedures in their code. There is nothing more annoying that something like “error 0x4e45ff“. On the other side, reporting too much details to the end user can lead to security threads! Use Google and search for “mysql error and look the cached pages.