I published the following diary on isc.sans.edu: “Quickly Investigating Websites with Lookyloo”: While we are enjoying our weekend, it’s always a good time to learn about new pieces of software that could be added to your toolbox. Security analysts have often to quickly investigate a website for malicious content and
I published the following diary on isc.sans.org: “Webshell looking for interesting files“: Yesterday, I found on Pastebin a bunch of samples of a webshell that integrates an interesting feature: It provides a console mode that you can use to execute commands on the victim host. The look and feel of the
If you own a website, you already know that servers are visited all day long by bots and crawlers with multiple intents, sometimes good but also sometimes bad. An interesting field in web server logs is the “user-agent”. The RFC 2616 describes the User-Agent field used in HTTP requests:
CMS or “Content Management Systems” became vey common for a few years. Popular CMS are WordPress, Drupal or Joomla. You can rent some space at a hosting provider for a few bucks or even find free hosting platforms. You can deploy them in a few minutes on your own server. Then, you
In the process of extending my pastemon tool, I’ve a quick poll for you. At the moment, I’m monitoring pastebin.com (and soon another one) but what are your favorite paste sites? Please take a few seconds to answer the questions:
The HTTP protocol has a list of response status codes to help communication between the server and the browser. Everytime a server responds to a browser request, a status code is sent. The most common ones are: “200” which means “Everything is ok, here is some food!” and “404” which
URL shortener on-line services are very helpful. You probably already use them every day. With mobile Internet and micro-blogging services like Twitter , it’s much more convenient to use short URLs. But the downside is, once again, the bad guys who quickly understood the opportunity of new type of attacks.
I heard the following quote today in a online video about a commercial product and I found it so true: “HTTP became the new TCP!” TCP, or “Transmission Control Protocol“, runs at the transport layer (4th) of the OSI model. HTTP runs on an upper one, the application layer. Historically,
What a coincidence! Yesterday I posted an article about protecting your brand in the web 2.0 jungle and today a nice story was reported on Slashdot. A very nice example of bad communication on the web 2.0. Robert Morgan, a Microsoft Research employee, wrote on his LinkedIn profile: “Working in
This afternoon I followed a webcast about the protection of your brand in the web 2.0 jungle. A fact is that the reputation of a brand built during years can be destroyed in only a few minutes! Think about that! Just to remind you, the “web 2.0” is the huge
