This explains the outage today.
Malaysia Today has been hacked by the GasakdotNet group. They better have their backups ready…..
UPDATE: 19:10, Malaysia Today is back online.

• 1 Comment

This is how you turn off directory list for yr Tomcat server.
1. Edit the default servlet in the {$CATALINA_HOME}/conf/web.xml file.
2. Look for the <init-param> section within the <servlet section>
<servlet>
<servlet-name>default</servlet-name>
<servlet-class>
org.apache.catalina.servlets.DefaultServlet
</servlet-class>
<init-param>
<param-name>debug</param-name>
<param-value>0</param-value>
</init-param>
<init-param>
<param-name>listings</param-name>
<param-value>true</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
3. Change the <param-value> to false for the <param-name>listing</param-name> section.
<init-param>
<param-name>listings</param-name>
<param-value>false</param-value>
</init-param>

• 0 Comments

Its sometimes necessary to limit who has access to a server via SSH. Most Linux security hardening checklist today require this to be enforced.
Fortunately this can be easily done with openSSH. Just edit the /etc/ssh/sshd_config file and add the desired directives shown below. You don’t need them all, just use what suits you needs.
openSSH provides [...]

• 1 Comment

Firefox 2.0.0.13 has just been released. It fixes a few security issues.
XUL popup spoofing variant (cross-tab popups)
Java socket connection to any local port via LiveConnect 2008-17
Privacy issue with SSL Client Authentication
HTTP Referrer spoofing with malformed URLs
Crashes with evidence of memory corruption (rv:1.8.1.13)
JavaScript privilege escalation and arbitrary code execution
If the auto update does not work for [...]

• 4 Comments

Beware, I received a phishing attempt today claiming that HSBC is carrying out it’s regular maintenance work and needs me to update my profile.
Always remember, banks never send us emails with action items.

• 0 Comments