Stephen Reese

SQL injection attack on a PostgreSQL database (t_jiaozhu)

A web server running Apache 2 and PostgreSQL was successfully compromised using a SQL injection vulnerability. I first noticed there was a new table in one of our PostgreSQL databases named ‘t_jiaozhu’. public t\_jiaozhu table postgres The table wasn not something that myself or our developer had created so …


Running Terminal Server on Windows 2003 Server

Vista has been a decent Operating System so far but there are still a large number of software vendors who were not prepared for the OS. A number of statistical software packages are at this point not supported so I decided to implement a Terminal Server for users to access …

Using Common Sense to Secure your Information

Every day technology creates efficiency for millions of people. With all of the benefits that technology provides there are also many pitfalls that come with convenience. Online vendors make it easy for people to purchase goods at reasonable prices when compared to brick and mortar stores. There are many good …

Microsoft Vista and Office 2007 Initial Review

I recently got my hands on a copy of Microsoft’s latest offering in the form of desktop software, Vista and Office 2007. I have also acquired some new 64 bit Core 2 Duo Dell computers in order to test the new software for deployment though I have also been …

Copyrighted Music and Movies

Ever since the Napster rise and fall there has been an on going debate in regards to copyrighted material being shared across networks with peer to peer (P2P) applications and popular social networking websites. I know from my school and work that technology exists that may analyze network traffic and …

What is Web 2.0

An article describing the slow migration to what some call Web 2.0

Botnets that make money but at whos expense

Witlog claims he do not use his botnet for illegal purposes, only “for fun.” I found that claim pretty hard to believe given a) the income he could make installing ad-serving software on each computer under his control, combined with b) the risk he is taking of getting caught breaking …

New phishing techniques to fool online users

People are becoming aware of the insecurities posed by online shopping, browsing, and even messaging. The days of email that are obviously spam due to misspelled words and links that contain ip addresses instead of dns names are moving to a new level. The following post describes the process in …