Autarchy of the Private Cave

A nice report on the cost of bruteforcing variable-length and variable-complexity passwords using cloud computing services (e.g. Amazon’s EC). There’s a kind of a tutorial in their previous post.

Slow DoS attack with just 1 computer against a number of web servers, including Apache: slowloris. There is a solution for Apache, packaged for RedHat and also available for Debian.

Finally, there’s Go programming language. The most inspiring promise to me personally is the ease of execution parallelization with language’s built-in syntactic constructs. That is something highly desired. Also, I like that it is a compiled language. However, it might be 10%-20% slower than pure C. Let’s see how it grows.

SecuriTeam has an old, but still very useful article on SQL injection.

I’ve created a PDF of that article, containing some of the comments (all the ‘thank-you’ and ‘help-me-hack’ comments were removed): sql injection walkthrough pdf download.

Note: there were no specific license terms attached to the article; I believe that the word “free” on the SecuriTeam site logo refers to the “right of free use and copying”. If you know this is not the case – please let me know to remove this PDF from public access. (see Brian’s comment)