/images/header.png)
I just thought I would quickly share an HTTP request that I saw today. Here it is, a one-liner:
GET http://www.vmware.com/a/info/?id=290 HTTP/1.0
Calling this an HTTP request is actually pretty generous. It violates the protocol in just about every way imagineable. The fact that real programmers write this stuff illustrates just how hard it is to detect malicious web requests without raising any false positives.
Hi everyone, I will be at the 23rd Annual Computer Security Applications Conference (ACSAC) this week in Miami. I hope to make it to most of the interesting talks and post articles about the better presentations. The main reason for my visit will be presenting the results from the Spector project that I worked on while at Arbor Networks. After the talk, I will post a shorter article summarizing the Spector research that also includes comments from the questions and discussion at the conference. This should be a busy week with plenty of interesting blog posts, so stay tuned.
I saw this cartoon and just had to write a post about it. This is the first security-related cartoon/joke I have ever seen. I think it is quite funny, but you be the judge.
This week I will be in Boston at the USENIX Security Symposium and Hot Topics in Security workshop. More posts will follow on interesting presentations throughout the week.
Welcome to StriaghtSecTalk.com. This goal of this site is to provide articles relating to various information security topics in weblog format that are interesting, comprehensive, and neutral. Also, when appropriate, articles will list citations, and they will always be as accurate as possible. Your feedback and participation is always encouraged. If there are any topics in particular that you would like to see discussed, don’t hesitate to send me an e-mail. Thank you for visiting StraightSecTalk.com, and I look forward to your continued readership.
Cheers,
Kevin Borders
Editor - StraightSecTalk.com