Tuesday, November 06, 2007

Security Links - 11/06/07

Serversniff.net - Fantastic little tool for auditing SSL. Easy way to test for the presence of SSL v2 and weak/export grade ciphers.

Hungry Machine - The guys over at Hungry Machine less show us how to quickly and effectively perform Geo-Locating by IP address in Ruby on Rails. Just goes to show that the 'net is alot less anonymous than people think. [For those that are unaware, IP address Geo-Locating is how adult friend finder always manages to display banner ads with lovely ladies from your present location! Now if only they could find a way to display a different set of women based on my location. I find it hard to believe that the exact same set of Caucasian women waiting for me in Arlington, VA are also patiently waiting for me when I travel to Bangkok, Thailand. ;) ]

ToorCon 2007 - Alot of the presentations are now available for download. (Hint: Click the [M])

Overlooked SQL Injection Techniques - Another presentation from ToorCon but not linked on their page. Great presentation that shows alot of often overlooked SQL Injection techniques.

The Bungling Sys Admin
- A coworker's blog. I think its good for us security folks to be reminded of what its like working down in the trenches and on the front lines. Also some fairly useful information there.

Labels: , , ,