[blog.rayfoo]

Before and After you join a company

ray — Mon, 08 Mar 2010 14:31:39 +0000

Saw this at Biggy Heady, too funny not to share Translated loosely from a Chinese blog post (http://drjimdiary.blogspot.com/2009/06/blog-post.html) Before you join the company … Boss: Welcome! Office without you sure will looks different! Employee: If I am too tired working, I may just quit. Boss: Don’t worry about that, I won’t let it happens. Employee: Can I rest on weekends? Boss: [...]

Troubleshooting Splunk

ray — Mon, 08 Mar 2010 14:27:51 +0000

Have been fiddling around with Splunk lately. Splunk’s a really good tool to use for log collection and analysis (and that’s oversimplifying it, I believe it can even do event correlation…), which really made my love for data mining go crazy of late:P Best part is that it has a perpetual free license, nice! One of [...]

Useful Firefox Plugins

ray — Wed, 03 Mar 2010 15:46:23 +0000

Sharing my list of favourite Firefox plugins. Some are used more for only when doing web application penetration testing, whereas some are useful for everyday awareness/protection when surfing around the interwebs. Do leave comments if this helps, or you have any complaints/suggestions to help improve the list Adblock Plus: you know what this is [...]

DNS rebinding defense with Nginx

ray — Fri, 26 Feb 2010 16:47:58 +0000

DNS rebinding’s a particularly nasty attack, having similar characteristics as CSRF attacks where the user’s browser can be used to access/attack sites on behalf of the attacker. I’m not going to describe how it works here, there’s plenty of literature out there that talks about it. And if that’s not enough, Google Is Your Friend. One of [...]

Web Security Dojo v1.0 release

ray — Fri, 26 Feb 2010 16:19:48 +0000

Web Security Dojo is a turnkey web application security lab with tools, targets, and training materials built into a Virtual Machine(VM). It is ideal for both self-instruction and training classes since everything is pre-configured and no external network connection is needed. All tools and targets are configured to use non-conflicting ports and a [...]

All ’bout Security & Connectivity Seminar 2010

ray — Thu, 25 Feb 2010 17:50:06 +0000

The 2nd All ‘Bout Security& Connectivity Seminar is here again in Temasek Polytechnic! This seminar provides a knowledge-sharing platform for IT Security, Network Professionals and students. The seminar includes talks on IT security and connectivity and a Web Challenge (supported by HITB), which is open to public. The aim of the challenge is to test the [...]

(How to) Signup for SecureMe

ray — Thu, 25 Feb 2010 17:41:23 +0000

If you wish to have a safe and private way to surf the internets while you’re at a public wifi hotspot, or somewhere like a hotel “free” network or whatnot, why not consider using a VPN + proxy + DNS resolver combination? SecureMe is a project I started to try out and get some experience from [...]

Rubbish attracts flies

ray — Thu, 25 Feb 2010 17:25:25 +0000

Immediately after the previous post on the list of SSH user IDs used in attempting the brute forcing, the blog has suddenly gotten a lot more attention… …from spammers. The number of blocked spam jumped by over a hundred in the span of just a day! Perhaps it would be good to be careful on the [...]

SSH brute force namelist

ray — Wed, 24 Feb 2010 15:59:56 +0000

It’s weird, but therapeutic to see what kind of data has been gathered from the public server… Today’s feature: the list of user IDs that has been used to attempt brute forcing on ssh till date! *drum roll* From the looks of this list, some of these people/botnet operators think I’m German/Spanish/Japanese. Really weird, or these botnets [...]

SecureMe so far…

ray — Sun, 21 Feb 2010 09:16:07 +0000

Have been using my VPN + proxy + dns resolver combination (or the so-called SecureMe project) for a while to date, and it has served my pretty well so far.. I primarily use this at public wifi hotspots like Wireless@SG, where the network is not trusted. Of course this could be extended to apply in [...]