Monthly Archives: November 2009

Stop blaming us

Occasionally, I see articles like this.

Hackers don’t, as a rule, need to go to such lengths to crack passwords. That’s because most of us fail to follow good security habits. A recent article on PhysOrg cites a study that found people are the weak link in computer security.

This is silly. People don’t need to “follow good security habits” unless they have “security” somewhere in their title. Security is a means to an end, and not the target. The target is to get the job done (or surf the web, or read your emails).

Saying this is not just silly – it’s also dangerous. When experts say “people are the weakest link in computer security”, they remove all responsibility from the security industry to make security better, and easier, for users. Why work on preventing brute-force attacks on passwords? Instead lets force our users to choose a 10 character password including at least 1 number and 1 letter of each case. Oh, and lets prevent those walking security hazards from saving the password in the browser on their malware infested machines. Yeah, that’ll teach them. The article over at discovery.com suggests I use e$4WruX7 as a password – a most helpful advice if I ever saw one. Here’s a better suggestion for you Jonathan: have the system lock out for 24 hours after 3 failed tries.That will make guessing a simple 6 digit-only PIN take more than 450 years.

Enough with this.  Users are not the weakest link any more than drivers are the weakest link in driving accidents. Sure, if we remove users (or drivers) from the equation, that solves all our problems. But since we can’t do that, lets focus on making seat belts, and airbags, and warning systems. Or easier (not harder!) password systems, better protected servers and better user interface.

Heathrow calling

Here’s a weird spam I got last night:

Hello

The route taken through Customs is mainly determined by your point of departure and whether you are bringing into the country more duty payable goods than your free allowance. For those passengers who have flown in from outside the European Community (EC), their baggage will have a white tag and they must pass through either the Red or Green channel according to the amount of duty free goods they have. Those passengers arriving from countries within the EC should use the Blue channel, and their baggage will have green-edged tag.

As part of our routine check and based on the above, we have a consignment in your name; you are advised to come to the office address below

Customs office
Terminal 3
Heathrow Airport

You are required to come with the following:
1. Your ID
2. Diplomatic Tag either white or green-edge tag.
3. Non Inspection document

Your appointment time is 10am GMT, failure to comply; we will have over the matter to Metropolitan and the FBI. I am the officer in charge of your matter.

Thomas Smith
UK Customs
Heathrow Airport

It’s weird, because it contains no advertisement, and no links. There’s nothing “encoded” in it –  it seems to be an old version of this notice.

So why would a spammer waste valuable botnet cycles on sending me the email? The only explanation I could come up with is “a boy who cried wolf” attack. You send this email a few times, and the Baysian filtering systems train themselves that this is a good email (i.e. “ham”). Most Baysian spam filtering systems have a loopback mechanism where spam email is used to train the system further, and ham email is used to teach the system what “good” email is. If this email is seen a few times and considered ham, spam filters will accept something similar to it that contains a link. That link, can be the spam or phishing attack.

Another guess is that it’s simply used to verify email addresses – you read that a scary Customs agent from Heathrow wants you in his office first thing tomorrow morning, and you quickly reply to ask what it’s about; the spammer (whose reply-to address is different than the “From”) gets a confirmation that your email address is valid, maybe with some more details like your phone number. This is a plausible explanation but it seems like too much hard work just to get some valid email addresses.
Any other guesses?

Fuzzing anything that moves

<meta content="OpenOffice.org 3.0 (Linux)" name="GENERATOR" /><br /> <style type="text/css"> <!-- @page { margin: 0.79in } P { margin-bottom: 0.08in } A:link { so-language: zxx } --></style> <p style="margin-bottom: 0in">I’m in New Delhi, for the local <a href="(http://www.owasp.org/index.php/SecurityByte_and_OWASP_Asia_AppSec_Conference_2009">OWASP Conference</a>. There’s a <a href="http://www.owasp.org/index.php/SecurityByte_and_OWASP_Asia_AppSec_Conference_2009#tab=Conference">really nice lineup</a> and if you’re in the New Delhi area I highly recommend attending.</p> <p style="margin-bottom: 0in"> <p style="margin-bottom: 0in">I’ll be speaking twice. On Tuesday about blackbox testing. The abstract can be paraphrased from the immortal words of the great fuzzing master Ice-T:</p> <blockquote> <p style="margin-bottom: 0in">If you’re from Mars, and you have inputs, we will fuzz you.</p> </blockquote> <p style="margin-bottom: 0in">(Look up the <a href="http://www.rhapsody.com/body-count/body-count/kkk-bitch/lyrics.html">original text</a>, I guarantee it’s worth it)</p> <p style="margin-bottom: 0in"> <p style="margin-bottom: 0in">On Wednesday I’ll be talking a bit about breaking JSON applications, relying on the great research done by Amit Klein, Blueinfy, Jeremiah Grossman, Fortify, and many others.</p> <p style="margin-bottom: 0in"> <p style="margin-bottom: 0in">If you spot any errors in either of my presentations let me know and I will buy you a beer. This offer does not include anything stupid I say while on a discussion panel…</p> <p style="margin-bottom: 0in"> <p style="margin-bottom: 0in"> </div><!-- .entry-content --> <footer class="entry-meta"> </footer><!-- .entry-meta --> </article><!-- #post --> <nav class="navigation paging-navigation" role="navigation"> <h1 class="screen-reader-text">Posts navigation</h1> <div class="nav-links"> <div class="nav-previous"><a href="https://blogs.securiteam.com/index.php/archives/date/2009/11/page/2" ><span class="meta-nav">←</span> Older posts</a></div> </div><!-- .nav-links --> </nav><!-- .navigation --> </div><!-- #content --> </div><!-- #primary --> <div id="tertiary" class="sidebar-container" role="complementary"> <div class="sidebar-inner"> <div class="widget-area"> <aside id="sfsi-widget-11" class="widget sfsi"><h3 class="widget-title">Please follow & like us :)</h3> <div class="sfsi_widget" data-position="widget"> <div id='sfsi_wDiv'></div> <div class="norm_row sfsi_wDiv" style="width:120px;text-align:center;position:absolute;"><div style='width:25px; height:25px;margin-left:15px;margin-bottom:30px;' class='sfsi_wicons shuffeldiv '><div class='inerCnt'><a class=' sficn' effect='fade_in' target='_blank' href='https://blogs.securiteam.com/index.php/feed' id='sfsiid_rss' alt='RSS' style='opacity:0.6' ><img alt='RSS' title='RSS' src='https://blogs.securiteam.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/flat/flat_rss.png' width='25' height='25' style='' class='sfcm sfsi_wicon' effect='fade_in' /></a></div></div><div style='width:25px; height:25px;margin-left:15px;margin-bottom:30px;' class='sfsi_wicons shuffeldiv '><div class='inerCnt'><a class=' sficn' effect='fade_in' target='_blank' href='http://' id='sfsiid_facebook' alt='FACEBOOK' style='opacity:0.6' ><img alt='FACEBOOK' title='FACEBOOK' src='https://blogs.securiteam.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/flat/flat_facebook.png' width='25' height='25' style='' class='sfcm sfsi_wicon' effect='fade_in' /></a></div></div><div style='width:25px; height:25px;margin-left:15px;margin-bottom:30px;' class='sfsi_wicons shuffeldiv '><div class='inerCnt'><a class=' sficn' effect='fade_in' target='_blank' href='javascript:void(0);' id='sfsiid_google' alt='Google+' style='opacity:0.6' ><img alt='Google+' title='Google+' src='https://blogs.securiteam.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/flat/flat_google.png' width='25' height='25' style='' class='sfcm sfsi_wicon' effect='fade_in' /></a><div class="sfsi_tool_tip_2 gpls_tool_bdr sfsiTlleft" style="width:76px ;opacity:0;z-index:-1;margin-left:-59.5px;" id="sfsiid_google"><span class="bot_arow bot_gpls_arow"></span><div class="sfsi_inside"><div class='icon2'><div class="g-plusone" data-href="https://blogs.securiteam.com/index.php/archives/date/2009/11" data-size="large" data-annotation="none" ></div></div><div class='icon3'><div class="g-plus" data-action="share" data-annotation="none" data-height="24" data-href="https://blogs.securiteam.com/index.php/archives/date/2009/11">https://blogs.securiteam.com/index.php/archives/date/2009/11"></div></div></div></div></div></div><div style='width:25px; height:25px;margin-left:15px;margin-bottom:30px;' class='sfsi_wicons shuffeldiv '><div class='inerCnt'><a class=' sficn' effect='fade_in' target='_blank' href='https://twitter.com/beyondsecurity' id='sfsiid_twitter' alt='Twitter' style='opacity:0.6' ><img alt='Twitter' title='Twitter' src='https://blogs.securiteam.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/flat/flat_twitter.png' width='25' height='25' style='' class='sfcm sfsi_wicon' effect='fade_in' /></a><div class="sfsi_tool_tip_2 twt_tool_bdr sfsiTlleft" style="width:59px ;opacity:0;z-index:-1;margin-left:-51px;" id="sfsiid_twitter"><span class="bot_arow bot_twt_arow"></span><div class="sfsi_inside"><div class='icon1'><a href="https://twitter.com/@beyondsecurity" class="twitter-follow-button" data-show-count="false" data-show-screen-name="false">Follow </a></div><div class='icon2'><a rel="nofollow" href="http://twitter.com/share" data-count="none" class="sr-twitter-button twitter-share-button" lang="en" data-url="https://blogs.securiteam.com/index.php/archives/date/2009/11" data-text="Check this out: www.yourname.com #Topic via@my_twitter_name" ></a></div></div></div></div></div><div style='width:25px; height:25px;margin-left:15px;margin-bottom:30px;' class='sfsi_wicons shuffeldiv '><div class='inerCnt'><a class='addthis_button sficn' effect='fade_in' target='_blank' href='http://www.addthis.com/bookmark.php?v=250' id='sfsiid_share' alt='SHARE' style='opacity:0.6' ><img alt='SHARE' title='SHARE' src='https://blogs.securiteam.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/flat/flat_share.png' width='25' height='25' style='' class='sfcm sfsi_wicon' effect='fade_in' /></a></div></div><div style='width:25px; height:25px;margin-left:15px;margin-bottom:30px;' class='sfsi_wicons shuffeldiv '><div class='inerCnt'><a class=' sficn' effect='fade_in' target='_blank' href='https://www.linkedin.com/company/beyond-security' id='sfsiid_linkedin' alt='LinkedIn' style='opacity:0.6' ><img alt='LinkedIn' title='LinkedIn' src='https://blogs.securiteam.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/flat/flat_linkedin.png' width='25' height='25' style='' class='sfcm sfsi_wicon' effect='fade_in' /></a><div class="sfsi_tool_tip_2 linkedin_tool_bdr sfsiTlleft" style="width:66px ;opacity:0;z-index:-1;margin-left:-54.5px;" id="sfsiid_linkedin"><span class="bot_arow bot_linkedin_arow"></span><div class="sfsi_inside"><div class='icon2'><script type="IN/Share" data-url=""></script></div></div></div></div></div></div ><div id="sfsi_holder" class="sfsi_holders" style="position: relative; float: left;width:100%;z-index:-1;"></div ><script>jQuery(".sfsi_widget").each(function( index ) { if(jQuery(this).attr("data-position") == "widget") { var wdgt_hght = jQuery(this).children(".norm_row.sfsi_wDiv").height(); var title_hght = jQuery(this).parent(".widget.sfsi").children(".widget-title").height(); var totl_hght = parseInt( title_hght ) + parseInt( wdgt_hght ); jQuery(this).parent(".widget.sfsi").css("min-height", totl_hght+"px"); } });</script> <div style="clear: both;"></div> </div> </aside><aside id="text-19" class="widget widget_text"> <div class="textwidget"><br /> <br /> <br /></div> </aside><aside id="subscriber_widget-6" class="widget widget_subscriber_widget"><h3 class="widget-title">Get the latest via email</h3><div class="sfsi_subscribe_Popinner"> <form method="post" onsubmit="return sfsi_processfurther(this);" target="popupwindow" action="http://www.specificfeeds.com/widgets/subscribeWidget/TlBWazJsTWZPb1lSaXZJK2VUZTMybXplNXlWeHprTVF3ejRjaWp2bEJXSHhrT2hKbVJNTnVaR3RZNXNrRWZvY2t6amorUjRZTGVuUHhBQjd0UzgyRzM0YlBadzF6TWpLQVNlUGZaSjlJMHhIUW9PWGVEbUhwaFNhRnQzNGQ3dkJ8cTJKZFE5azU4Yyt1MVVYQlZYYVIxdXFvMlpyb244NmhJU3FFOW4vbkdwMD0=/8/"> <h5>Get new posts by email</h5> <div class="sfsi_subscription_form_field"> <input type="email" name="data[Widget][email]" value="" placeholder="Enter your email"/> </div> <div class="sfsi_subscription_form_field"> <input type="hidden" name="data[Widget][feed_id]" value="TlBWazJsTWZPb1lSaXZJK2VUZTMybXplNXlWeHprTVF3ejRjaWp2bEJXSHhrT2hKbVJNTnVaR3RZNXNrRWZvY2t6amorUjRZTGVuUHhBQjd0UzgyRzM0YlBadzF6TWpLQVNlUGZaSjlJMHhIUW9PWGVEbUhwaFNhRnQzNGQ3dkJ8cTJKZFE5azU4Yyt1MVVYQlZYYVIxdXFvMlpyb244NmhJU3FFOW4vbkdwMD0="> <input type="hidden" name="data[Widget][feedtype]" value="8"> <input type="submit" name="subscribe" value="Subscribe" /> </div> </form> </div></aside><aside id="tag_cloud-5" class="widget widget_tag_cloud"><h3 class="widget-title">Keywords</h3><div class="tagcloud"><a href='https://blogs.securiteam.com/index.php/archives/tag/authentication' class='tag-link-48 tag-link-position-1' title='1 topic' style='font-size: 8pt;'>authentication</a> <a href='https://blogs.securiteam.com/index.php/archives/tag/beast' class='tag-link-60 tag-link-position-2' title='1 topic' style='font-size: 8pt;'>BEAST</a> <a href='https://blogs.securiteam.com/index.php/archives/tag/david-harley' class='tag-link-50 tag-link-position-3' title='1 topic' style='font-size: 8pt;'>David Harley</a> <a href='https://blogs.securiteam.com/index.php/archives/tag/dns' class='tag-link-56 tag-link-position-4' title='1 topic' style='font-size: 8pt;'>DNS</a> <a href='https://blogs.securiteam.com/index.php/archives/tag/education' class='tag-link-49 tag-link-position-5' title='1 topic' style='font-size: 8pt;'>education</a> <a href='https://blogs.securiteam.com/index.php/archives/tag/free-av' class='tag-link-54 tag-link-position-6' title='1 topic' style='font-size: 8pt;'>free AV</a> <a href='https://blogs.securiteam.com/index.php/archives/tag/gunter-ollman' class='tag-link-53 tag-link-position-7' title='1 topic' style='font-size: 8pt;'>Gunter Ollman</a> <a href='https://blogs.securiteam.com/index.php/archives/tag/imperva' class='tag-link-52 tag-link-position-8' title='1 topic' style='font-size: 8pt;'>Imperva</a> <a href='https://blogs.securiteam.com/index.php/archives/tag/microsoft-ca' class='tag-link-63 tag-link-position-9' title='1 topic' style='font-size: 8pt;'>Microsoft CA</a> <a href='https://blogs.securiteam.com/index.php/archives/tag/nginx' class='tag-link-57 tag-link-position-10' title='1 topic' style='font-size: 8pt;'>NGINX</a> <a href='https://blogs.securiteam.com/index.php/archives/tag/passwords' class='tag-link-47 tag-link-position-11' title='1 topic' style='font-size: 8pt;'>passwords</a> <a href='https://blogs.securiteam.com/index.php/archives/tag/pki' class='tag-link-62 tag-link-position-12' title='1 topic' style='font-size: 8pt;'>PKI</a> <a href='https://blogs.securiteam.com/index.php/archives/tag/redhat' class='tag-link-69 tag-link-position-13' title='1 topic' style='font-size: 8pt;'>RedHat</a> <a href='https://blogs.securiteam.com/index.php/archives/tag/ssl' class='tag-link-58 tag-link-position-14' title='3 topics' style='font-size: 22pt;'>SSL</a> <a href='https://blogs.securiteam.com/index.php/archives/tag/testing' class='tag-link-51 tag-link-position-15' title='1 topic' style='font-size: 8pt;'>testing</a> <a href='https://blogs.securiteam.com/index.php/archives/tag/tls' class='tag-link-59 tag-link-position-16' title='3 topics' style='font-size: 22pt;'>TLS</a> <a href='https://blogs.securiteam.com/index.php/archives/tag/tomcat' class='tag-link-68 tag-link-position-17' title='1 topic' style='font-size: 8pt;'>Tomcat</a> <a href='https://blogs.securiteam.com/index.php/archives/tag/virustotal' class='tag-link-55 tag-link-position-18' title='1 topic' style='font-size: 8pt;'>VirusTotal</a> <a href='https://blogs.securiteam.com/index.php/archives/tag/windows-2012' class='tag-link-61 tag-link-position-19' title='1 topic' style='font-size: 8pt;'>Windows 2012</a></div> </aside><aside id="text-18" class="widget widget_text"> <div class="textwidget"><br /> <br /> <br /></div> </aside><aside id="archives-9" class="widget widget_archive"><h3 class="widget-title">Archives</h3> <label class="screen-reader-text" for="archives-dropdown-9">Archives</label> <select id="archives-dropdown-9" name="archive-dropdown" onchange='document.location.href=this.options[this.selectedIndex].value;'> <option value="">Select Month</option> <option value='https://blogs.securiteam.com/index.php/archives/date/2016/07'> July 2016 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2016/03'> March 2016 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2015/12'> December 2015 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2015/11'> November 2015 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2015/10'> October 2015 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2015/09'> September 2015 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2015/08'> August 2015 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2015/07'> July 2015 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2015/06'> June 2015 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2015/05'> May 2015 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2015/01'> January 2015 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2014/08'> August 2014 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2014/06'> June 2014 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2014/05'> May 2014 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2014/04'> April 2014 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2014/03'> March 2014 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2014/02'> February 2014 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2014/01'> January 2014 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2013/12'> December 2013 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2013/11'> November 2013 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2013/10'> October 2013 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2013/09'> September 2013 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2013/08'> August 2013 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2013/07'> July 2013 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2013/06'> June 2013 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2013/05'> May 2013 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2013/04'> April 2013 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2013/03'> March 2013 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2013/02'> February 2013 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2013/01'> January 2013 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2012/12'> December 2012 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2012/11'> November 2012 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2012/10'> October 2012 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2012/09'> September 2012 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2012/08'> August 2012 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2012/07'> July 2012 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2012/06'> June 2012 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2012/05'> May 2012 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2012/04'> April 2012 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2012/03'> March 2012 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2012/02'> February 2012 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2012/01'> January 2012 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2011/12'> December 2011 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2011/11'> November 2011 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2011/10'> October 2011 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2011/09'> September 2011 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2011/08'> August 2011 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2011/07'> July 2011 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2011/06'> June 2011 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2011/05'> May 2011 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2011/04'> April 2011 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2011/03'> March 2011 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2011/02'> February 2011 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2011/01'> January 2011 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2010/12'> December 2010 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2010/11'> November 2010 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2010/10'> October 2010 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2010/09'> September 2010 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2010/08'> August 2010 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2010/07'> July 2010 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2010/06'> June 2010 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2010/05'> May 2010 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2010/04'> April 2010 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2010/03'> March 2010 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2010/02'> February 2010 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2010/01'> January 2010 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2009/12'> December 2009 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2009/11'> November 2009 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2009/10'> October 2009 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2009/09'> September 2009 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2009/08'> August 2009 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2009/07'> July 2009 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2009/06'> June 2009 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2009/05'> May 2009 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2009/04'> April 2009 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2009/03'> March 2009 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2009/02'> February 2009 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2009/01'> January 2009 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2008/12'> December 2008 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2008/11'> November 2008 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2008/10'> October 2008 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2008/09'> September 2008 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2008/08'> August 2008 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2008/07'> July 2008 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2008/06'> June 2008 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2008/05'> May 2008 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2008/04'> April 2008 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2008/03'> March 2008 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2008/02'> February 2008 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2008/01'> January 2008 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2007/12'> December 2007 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2007/11'> November 2007 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2007/10'> October 2007 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2007/09'> September 2007 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2007/08'> August 2007 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2007/07'> July 2007 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2007/06'> June 2007 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2007/05'> May 2007 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2007/04'> April 2007 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2007/03'> March 2007 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2007/02'> February 2007 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2007/01'> January 2007 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2006/12'> December 2006 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2006/11'> November 2006 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2006/10'> October 2006 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2006/09'> September 2006 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2006/08'> August 2006 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2006/07'> July 2006 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2006/06'> June 2006 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2006/05'> May 2006 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2006/04'> April 2006 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2006/03'> March 2006 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2006/02'> February 2006 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2006/01'> January 2006 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2005/12'> December 2005 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2005/11'> November 2005 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2005/10'> October 2005 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2005/09'> September 2005 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2005/08'> August 2005 </option> <option value='https://blogs.securiteam.com/index.php/archives/date/2005/07'> July 2005 </option> </select> </aside> </div><!-- .widget-area --> </div><!-- .sidebar-inner --> </div><!-- #tertiary --> </div><!-- #main --> <footer id="colophon" class="site-footer" role="contentinfo"> <div class="site-info"> <a href="https://wordpress.org/">Proudly powered by WordPress</a> </div><!-- .site-info --> </footer><!-- #colophon --> </div><!-- #page --> <!--facebook like and share js --> <div id="fb-root"></div> <script>(function(d, s, id) { var js, fjs = d.getElementsByTagName(s)[0]; if (d.getElementById(id)) return; js = d.createElement(s); js.id = id; js.src = "//connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.5"; fjs.parentNode.insertBefore(js, fjs); }(document, 'script', 'facebook-jssdk'));</script> <!--<div id="fb-root"></div> <script> (function(d, s, id) { var js, fjs = d.getElementsByTagName(s)[0]; if (d.getElementById(id)) return; js = d.createElement(s); js.id = id; js.src = "//connect.facebook.net/en_US/sdk.js#xfbml=1&appId=1425108201100352&version=v2.0"; fjs.parentNode.insertBefore(js, fjs); }(document, 'script', 'facebook-jssdk'));</script>--> <!--google share and like and e js --> <script type="text/javascript"> window.___gcfg = { lang: 'en-US' }; (function() { var po = document.createElement('script'); po.type = 'text/javascript'; po.async = true; po.src = 'https://apis.google.com/js/plusone.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(po, s); })(); </script> <!-- google share --> <script type="text/javascript"> (function() { var po = document.createElement('script'); po.type = 'text/javascript'; po.async = true; po.src = 'https://apis.google.com/js/platform.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(po, s); })(); </script> <!-- linkedIn share and follow js --> <script src="//platform.linkedin.com/in.js" type="text/javascript">lang: en_US</script> <!-- Addthis js --> <script type="text/javascript" src="https://s7.addthis.com/js/300/addthis_widget.js#pubid=ra-558ac14e7f79bff7"></script> <script type="text/javascript"> var addthis_config = { ui_click: true }; </script> <!-- twitter JS End --> <script>!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0];if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src="https://platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs");</script> <div class="sfsi_outr_div" > <div class="sfsi_FrntInner_chg" style="background-color:#ffffff;border:1px solid#f3faf2; font-style:;color:#000000;box-shadow:12px 30px 18px #CCCCCC;"><div class="sfsiclpupwpr" onclick="sfsihidemepopup();"><img src="https://blogs.securiteam.com/wp-content/plugins/ultimate-social-media-icons/images/close.png" /></div><h2 style="font-family:Helvetica,Arial,sans-serif;font-style:;color:#000000;font-size:15px">If you enjoy this blog , please share it :)</h2><ul style=""><li><div style='width:51px; height:51px;margin-left:15px;margin-bottom:30px;' class='sfsi_wicons '><div class='inerCnt'><a class=' sficn' effect='fade_in' target='_blank' href='https://blogs.securiteam.com/index.php/feed' id='sfsiid_rss' alt='RSS' style='opacity:0.6' ><img alt='RSS' title='RSS' src='https://blogs.securiteam.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/flat/flat_rss.png' width='51' height='51' style='' class='sfcm sfsi_wicon' effect='fade_in' /></a></div></div></li><li><div style='width:51px; height:51px;margin-left:15px;margin-bottom:30px;' class='sfsi_wicons '><div class='inerCnt'><a class=' sficn' effect='fade_in' target='_blank' href='http://' id='sfsiid_facebook' alt='FACEBOOK' style='opacity:0.6' ><img alt='FACEBOOK' title='FACEBOOK' src='https://blogs.securiteam.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/flat/flat_facebook.png' width='51' height='51' style='' class='sfcm sfsi_wicon' effect='fade_in' /></a></div></div></li><li><div style='width:51px; height:51px;margin-left:15px;margin-bottom:30px;' class='sfsi_wicons '><div class='inerCnt'><a class=' sficn' effect='fade_in' target='_blank' href='javascript:void(0);' id='sfsiid_google' alt='Google+' style='opacity:0.6' ><img alt='Google+' title='Google+' src='https://blogs.securiteam.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/flat/flat_google.png' width='51' height='51' style='' class='sfcm sfsi_wicon' effect='fade_in' /></a><div class="sfsi_tool_tip_2 gpls_tool_bdr sfsiTlleft" style="width:76px ;opacity:0;z-index:-1;margin-left:-59.5px;" id="sfsiid_google"><span class="bot_arow bot_gpls_arow"></span><div class="sfsi_inside"><div class='icon2'><div class="g-plusone" data-href="https://blogs.securiteam.com/index.php/archives/date/2009/11" data-size="large" data-annotation="none" ></div></div><div class='icon3'><div class="g-plus" data-action="share" data-annotation="none" data-height="24" data-href="https://blogs.securiteam.com/index.php/archives/date/2009/11">https://blogs.securiteam.com/index.php/archives/date/2009/11"></div></div></div></div></div></div></li><li><div style='width:51px; height:51px;margin-left:15px;margin-bottom:30px;' class='sfsi_wicons '><div class='inerCnt'><a class=' sficn' effect='fade_in' target='_blank' href='https://twitter.com/beyondsecurity' id='sfsiid_twitter' alt='Twitter' style='opacity:0.6' ><img alt='Twitter' title='Twitter' src='https://blogs.securiteam.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/flat/flat_twitter.png' width='51' height='51' style='' class='sfcm sfsi_wicon' effect='fade_in' /></a><div class="sfsi_tool_tip_2 twt_tool_bdr sfsiTlleft" style="width:59px ;opacity:0;z-index:-1;margin-left:-51px;" id="sfsiid_twitter"><span class="bot_arow bot_twt_arow"></span><div class="sfsi_inside"><div class='icon1'><a href="https://twitter.com/@beyondsecurity" class="twitter-follow-button" data-show-count="false" data-show-screen-name="false">Follow </a></div><div class='icon2'><a rel="nofollow" href="http://twitter.com/share" data-count="none" class="sr-twitter-button twitter-share-button" lang="en" data-url="https://blogs.securiteam.com/index.php/archives/date/2009/11" data-text="Check this out: www.yourname.com #Topic via@my_twitter_name" ></a></div></div></div></div></div></li><li id='SFshareIcon'><div style='width:51px; height:51px;margin-left:15px;margin-bottom:30px;' class='sfsi_wicons '><div class='inerCnt'><a class='addthis_button sficn' effect='fade_in' target='_blank' href='http://www.addthis.com/bookmark.php?v=250' id='sfsiid_share' alt='SHARE' style='opacity:0.6' ><img alt='SHARE' title='SHARE' src='https://blogs.securiteam.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/flat/flat_share.png' width='51' height='51' style='' class='sfcm sfsi_wicon' effect='fade_in' /></a></div></div></li><li><div style='width:51px; height:51px;margin-left:15px;margin-bottom:30px;' class='sfsi_wicons '><div class='inerCnt'><a class=' sficn' effect='fade_in' target='_blank' href='https://www.linkedin.com/company/beyond-security' id='sfsiid_linkedin' alt='LinkedIn' style='opacity:0.6' ><img alt='LinkedIn' title='LinkedIn' src='https://blogs.securiteam.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/flat/flat_linkedin.png' width='51' height='51' style='' class='sfcm sfsi_wicon' effect='fade_in' /></a><div class="sfsi_tool_tip_2 linkedin_tool_bdr sfsiTlleft" style="width:66px ;opacity:0;z-index:-1;margin-left:-54.5px;" id="sfsiid_linkedin"><span class="bot_arow bot_linkedin_arow"></span><div class="sfsi_inside"><div class='icon2'><script type="IN/Share" data-url=""></script></div></div></div></div></div></li></ul></div ></div > <script> jQuery( document ).scroll(function( $ ) { var y = jQuery(this).scrollTop(); if (/Android|webOS|iPhone|iPad|iPod|BlackBerry|IEMobile|Opera Mini/i.test(navigator.userAgent)) { if(jQuery(window).scrollTop() + jQuery(window).height() >= jQuery(document).height()-100) { jQuery('.sfsi_outr_div').css({'z-index':'9996',opacity:1,top:jQuery(window).scrollTop()+"px",position:"absolute"}); jQuery('.sfsi_outr_div').fadeIn(200); jQuery('.sfsi_FrntInner_chg').fadeIn(200); } else{ jQuery('.sfsi_outr_div').fadeOut(); jQuery('.sfsi_FrntInner_chg').fadeOut(); } } else { if(jQuery(window).scrollTop() + jQuery(window).height() >= jQuery(document).height()-3) { jQuery('.sfsi_outr_div').css({'z-index':'9996',opacity:1,top:jQuery(window).scrollTop()+200+"px",position:"absolute"}); jQuery('.sfsi_outr_div').fadeIn(200); jQuery('.sfsi_FrntInner_chg').fadeIn(200); } else { jQuery('.sfsi_outr_div').fadeOut(); jQuery('.sfsi_FrntInner_chg').fadeOut(); } } }); </script> <script type='text/javascript' src='https://blogs.securiteam.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4'></script> <script type='text/javascript' src='https://blogs.securiteam.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/modernizr.custom.min.js?ver=4.6'></script> <script type='text/javascript' src='https://blogs.securiteam.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/jquery.shuffle.min.js?ver=4.6'></script> <script type='text/javascript' src='https://blogs.securiteam.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/random-shuffle-min.js?ver=4.6'></script> <script type='text/javascript'> /* <![CDATA[ */ var ajax_object = {"ajax_url":"https:\/\/blogs.securiteam.com\/wp-admin\/admin-ajax.php"}; var ajax_object = {"ajax_url":"https:\/\/blogs.securiteam.com\/wp-admin\/admin-ajax.php","plugin_url":"https:\/\/blogs.securiteam.com\/wp-content\/plugins\/ultimate-social-media-icons\/"}; /* ]]> */ </script> <script type='text/javascript' src='https://blogs.securiteam.com/wp-content/plugins/ultimate-social-media-icons/js/custom.js?ver=4.6'></script> <script type='text/javascript' src='https://blogs.securiteam.com/wp-content/themes/twentythirteen/js/functions.js?ver=20160717'></script> <script type='text/javascript' src='https://blogs.securiteam.com/wp-includes/js/wp-embed.min.js?ver=4.6'></script> <script type="text/javascript" id="slb_context">/* <![CDATA[ */if ( !!window.jQuery ) {(function($){$(document).ready(function(){if ( !!window.SLB ) { {$.extend(SLB, {"context":["public","user_guest"]});} }})})(jQuery);}/* ]]> */</script> </body> </html>