Conficker: The other not so famous Variant A

There are lot more discussions are going on for Conficker variant C (ConfickerC) due to 1st April. Why 1st april?. The 1st april is the day ConfickerC should call home for updates. The domain name generator  algorithm  used by ConfickerC is making blocking or detecting live ConfickerC update servers is becoming harder when it will […]

Log Files: Dealing with Inconsistent Field Delimeter

Salam, Log files are big. Processing  it  would be cumbersome especially if the field separator are not so unique. Take a look at contain of file example.log below : “”,6667,”Rembau, NSembilan,Malaysia”,”GET /phpmyadmin “,404 “”,80,”Selangor”,”GET /phpmyadmin/ ,200 “”,9090,”A. Star, Kedah, Malysia”,”GET /phpmyadmin/favicon.ico,404 “”,6667,”Malysia”,”GET /phpmyadmin/print.css,404 “”,993,”A. Star, Kedah, Malysia”,”GET /phpmyadmin/phpmyadmin.css.php?lang=en-utf-8,404 At first sight, anybody would agree to […]

Securing PHP : Disabling Dangerous PHP Functions

PHP is a very popular language nowadays. But at the same time, it’s also one of the main sources for user accounts and servers getting compromised. Every PHP developer and hoster should understand the primary attack vectors being used by attackers against PHP applications. They also should be able to classify PHP functions that allowed […]