This doesn't help you. Most xss attacks are not about inserting html but using xss to see where a site is exploitable.
The common attacks to 'crack' a site are sql injections based on the information used by xss these days.
To prevent such behaviour a coder should not bend the rules to keep his manager's time schedule. He/she should:
type cast data
validate anything that can't be type casted
quote data in sql queries
etc.....
There is no other way.
Let's all look at what kind of toys they could use. Running stupid little games (sorry) like console stuff isn't working. The graphical games look like they climbed out of 1991.
Let's not blame/use our kids for using software that is stable to try to turn it into a teletubby os.
Moi
Use mod_rewrite to direct those scans to a cgi/web script. I'm storing them in a database which is being read as soon as my firewall starts (laptop).
Completely automated.
Well, suppose it had to come this way. People have been taking the MS troubles for far too long now. Been running a small app, server-side, myself and I decided I will not support ISS anymore (b.t.w., this was before I saw the Gartner announcement).
I still wonder what would happen if people would bill Bill for all the time they have wasted fixing their servers. I know, their license won't allow us to bill them....
Onki
--:wq
brrr, dropline uses pam.....
Since when does phpnuke scale?
Is he? Small office development makes you wonder if you would like to use opensource/gpl|whatever. It can pay off to convince them. Done it myself.
Regards,
Hans
I wouldn't. Had this old IBM keyboard where no one else was able to find the A, E, ^ or any other commonly used key. The chars just vanished :)
Hmm, weird, trying to change the password brings up the download popup, lol, maybe they should use IIS instead?
:wq
Onki --