Tuesday, February 10, 2004 - Posts

Thorny issue: To release or not to release Audit/Security/Hacking tool ?

I' ve coded up a tool to audit a web site for script injection checking following things:

  • Input on form
  • Querystring
  • URL(I know, URLSCAN partially does it)
  • CSS : cross site script injection
  •  SQL injection tring to change SP, launch extended SP (send mail), grant user rights, delete stuff

 

Now I am undecided if I should release it without being another John Lam

posted Tuesday, February 10, 2004 8:09 PM by stefandemetz with 0 Comments

How MS patches it's 300.000 PCs

clock forward

http://www.directionsonmicrosoft.com/sample/DOMIS/update/2004/01jan/0104cpam.htm

posted Tuesday, February 10, 2004 7:40 PM by stefandemetz with 0 Comments

The weakest link of .NET

One of my beefs with .NET is the declassing of MSMQ to a second class technology within .NET. I know that Longhorn - Indigo will get this type of tech up to par again.

What's you vote for the weakest link in .NET?

posted Tuesday, February 10, 2004 7:32 PM by stefandemetz with 0 Comments