For anyone that has done a long source code audit is not about really finding the easy/low hanging fruit stuff that can be slow and sometimes a bit “frustrating”. I recently had a nice 660,000 lines of code source code audit to be done in less than 2 weeks, the language was Java, so the first thing that was to be done (they had already hit fortify and other tools with it) and were looking for a bit of more interesting stuff apparently. This raised some specific problems while working and finding the vulnerabilities and exploitability of them.

Read the rest of this entry »

DeliciousStumbleUponDiggTwitterFacebookRedditLinkedInEmail
Tags: , , , , , , ,

Comments No Comments »

MapPress is a WordPress plugin that provides an interface to Google Maps and easily allows you to insert detailed Google Maps into WordPress posts or pages. We have a site that provides password auditing services called QD Tools and on the homepage there is a map that lists the city, state/province, and country of our customers. I have been using MapPress Pro for a long time because it offers lots of extra features and MapPress itself is such an awesome plugin I like supporting the developer. Anyhow the Google Map on the QD Tools homepage is has over 1,000 markers and continues to grow. I wanted to modify the default MapPress/Google Maps marker that was being used but there is no way in MapPress to retroactively change this so the instructions below explain how to do this.

Read the rest of this entry »

DeliciousStumbleUponDiggTwitterFacebookRedditLinkedInEmail
Tags: , , , , , , , , , , , , , ,

Comments 2 Comments »

If you are attempting to FTP to a server running vsftpd as its FTP daemon you will be refused if this is a default vsftpd installation. It is strongly recommended to not allow root access to FTP because of security concerns which would provide the ftp user access to destroy anything on the server running FTP at will. Regardless it might be necessary for specific tasks and the below information will assist you in configuring vsftpd to allow the root user to login.

Read the rest of this entry »

DeliciousStumbleUponDiggTwitterFacebookRedditLinkedInEmail
Tags: , , , , , , ,

Comments No Comments »

I have been meaning for a long time to set some configuration parameters for specific file types including which applications open them by default. I deal with a lot of different file types and I am typically having to scroll through a long list of Mac applications to select the one that I want to open the file. Since its not easy to do this in one spot on Mac OSX Mountain Lion without adding a third party application I started looking around to see what was available and ended up with Default Apps by Rubicode. Below I describe installing Default Apps and how it works.

Read the rest of this entry »

DeliciousStumbleUponDiggTwitterFacebookRedditLinkedInEmail
Tags: , , , , , , , , , , , , , , , , ,

Comments No Comments »

Earlier while trying to SSH to a device from a Terminal windows on my Macbook Pro running OSX version 10.8, also known as Mountain Lion, I received an error when attempting to connect to a 64 Bit Windows 7 Professional server. The error in the Mac Terminal window stated that the terminal failed to initialize. After troubleshooting I realized that the Windows 7 Pro server, which is running WinSSHD as an SSH server, didn’t like the default terminal emulation that the Terminal window, which is xterm-color256, in OSX Mountain Lion uses. Below we describe the error message in more detail and how to resolve this issue within the Terminal window itself or by installing iTerm2.

Read the rest of this entry »

DeliciousStumbleUponDiggTwitterFacebookRedditLinkedInEmail
Tags: , , , , , , , , , , , , , ,

Comments No Comments »