From: James Eaton-Lee (j.eatonlee@gmail.com)
Date: Fri Dec 09 2005 - 09:03:58 EST
On Wed, 2005-12-07 at 11:36 +0000, James Eaton-Lee wrote:
> I did a presentation on this for a talk I recently gave in Dundee. Some
> of the headings are a bit off because I was cramming material from what
> was originally an essay into a presentation lasting about 45 minutes,
> but most of the technical information is fairly accurate, so you're
> welcome to it if you want it.
>
> Available under Creative Commons Attribution/Sharealike 2.5 at
> http://www.jeremiad.org/download.shtml
As an afterthought to this, and having looked through the webserver logs
(as any security-conscious admin having posted a URL to a securityfocus
list should!)...
I award five security points to the visitor who used wget to fetch
download.shtml for inspection *before* opening it with a browser (links)
on his "-hardened-" linux system.
On the other hand, -5 security points from the people who generated the
9 hits (3 unique IPs) from hosts with useragent strings indicating
they're running on windows 98. (One of you is even using IE!)
In case anyone's actually interested in the paper, I'll try to remember
to quietly mention it when it's released!
- James.
-- James (njan) Eaton-Lee | 10807960 Semper Monemus Sed Non Audiunt, Ergo Lartus - (Jean-Croix) sites: http://www.bsrf.org.uk - http://www.security-forums.com ca: https://www.cacert.org/index.php?id=3
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:15 EDT