Articles in category 'en'

If the previous version of VMWare Converter for Linux was quite buggy (I had errors when trying to convert virtual machines stored on NFS or mount via SSH/Fuse), the 4.0.1 works well: I installed it on a VM running Ubuntu 9.04, and manage to convert (windows) VM without any problem.

August 20, 2009, 2:30 pm lock

So you your boss asked you to secure his new strategic web application which is part of his plan to conquer the world. But that damn developers are used to think that their work is finish when it just works, and debugging their whole code is simply not an option. Here’s the solution: use [...]

November 29, 2007, 1:08 am lock

Since all current CPU in new servers are able to run in 64 bits mode, and most Linux distribution are also available in 64 bits version, I was wondering why we still continue to install 32 bits operating systems ?
So, I took two Dell Poweredge 1950 with two Intel Pentium 4 Xeon quad-core 2 [...]

August 29, 2007, 9:07 am lock

As reported by the ISC, some people are using images to hide PHP code : if an image, contains PHP code, for example in the comment section, it may be included as an usual PHP file, and the PHP code will be happily executed. It may be a great way to hide malicious code in [...]

June 19, 2007, 4:19 pm lock

It is possible to an authenticated user in Cacti to modify the graph_start and graph_end parameters values in the URL, and specify higher numbers than expected in order to make cacti use all the server CPU.
For example, if an user modify a graph URL as seen is the location bar:
http://localhost/cacti/graph_image.php?local_graph_id=2&rra_id=0&view_type=tree&graph_start=1164236234&graph_end=1179871034
to this one:
http://localhost/cacti/graph_image.php?local_graph_id=2&rra_id=0&view_type=tree&graph_start=1164236234000&graph_end=1179871034000
rrdtool will take [...]

June 2, 2007, 12:17 pm lock

ModSecurity2 is a Web Application Firewall, integrated into Apache as a module. You can use it at the final web server by adding the module (especially if you have a HTTPS web server, so your IDS/IPS cannot analyze these flows), or by adding an Apache based reverse proxy in front of your [...]

March 19, 2007, 2:39 pm lock

FreeRadius is now the default Radius server at my employer (french telco/ISP), and we are really happy with that. However, I was asked to find a way to have round-robin repartition between LNS, and it is not a Freeradius functionality.
I first stared to use a external program executed with the attr_rewrite module to randomly select [...]

March 15, 2007, 7:04 pm lock

After six month of nice work on my laptop (Asus V6J), Ubuntu has released a new version, code name: Edgy Eft (version 6.10). The upgrade worked quite well on my lpatop, only few minor annoyances (the worst problem was caused by generation of wrong UUID for swap) .
What’s new in this release:

Optimized startup with [...]

March 1, 2007, 1:46 am lock

You will find here some bugs or issues I found in Fortinet Fortigate firewall/IDS/Anti-Virus/Anti-Spam gateway.
CVE-2005-3057 : Bypass Fortinet anti-virus using FTP
CVE-2005-3058 : Bypass Fortinet URL filtering

AV analysis impact on network performance:
I found a 23 K file for which the AV analysis causes some important delay for network connections (this file is here).
Configuration:
We are using [...]

February 13, 2006, 3:34 pm lock