Archive for April, 2008

My previous blog post attempted to explain SQL injection and why it’s a problem.   It’s started to get media coverage now and the media is looking for a target (scapegoat). So as is often the case, someone gets wrongly blamed and right now it’s of course Microsoft.

It’s NOT Microsoft’s fault.

Read the rest of this entry »

It’s a shame but not many website owners or for that matter, web developers are familiar with what SQL Injection is and just why it’s something they need to worry about.  I’m noticing through various forums, friends, etc an increased number of sites being exploited for Cross Site Scripting through SQL Injection.  Most blog readers are going to say “HUH? Cross Eyed Scripting? What Injection?”

Read the rest of this entry »

If you want Windows Update to check for updates without firing up a browser you can do this via CLI:

wuauclt.exe /detectnow

If there are updates available after a couple minutes you’ll see the little update notification in the system tray:

image

A question that’s been coming up rather often lately is: “How do I configure the Windows Firewall on my Dedicated Server / VPS Server?” Not many people realize that in SP1 Windows 2003 got a software firewall feature added and even fewer are familiar with how to configure it correctly.  Because of this I wanted to provide a few tips on how to configure your Windows Firewall.  Please note that this is NOT the all encompassing tutorial on how to secure your server or how to use Windows Firewall but it’s a great starting point.

Read the rest of this entry »

Calendar
April 2008
S M T W T F S
« Mar   May »
 12345
6789101112
13141516171819
20212223242526
2728293031