Random thoughts, How loud can I scream in void ?

To content | To menu | To search

Tag - security

Entries feed - Comments feed

Tuesday, February 3 2009

European Organization for Nuclear Research is leaking data

By Francois Pesce on Tuesday, February 3 2009, 18:37 - Security

The European Organization for Nuclear Research (CERN), who launched the Large Hadron Collider in October 2008 is leaking data... After being forced to shut-down the huge particle collider, due to various technical problems, it looks like they're having some IT issues too...

That's what a simple Google request looking for SQL statements is resulting in. By displaying of mysql-backups hosted on a CERN machine, it seems that a big collection of data is publicly available.

Edit (2009-02-09): It has finally been fixed, a joyful 403 error is displayed on http://iepmbw.cern.ch/iepm-bw.cern.ch/mysql-backup/ but, currently, the parent directory still provides "Index of" files.

Edit (2009-June): It has finally been completely fixed, host is down!.

no comment

Thursday, April 5 2007

What kind of web hosting solution for the future President of France ?

By Jok on Thursday, April 5 2007, 15:14 - General

No surprise here, all the candidates have adopted Apache httpd, most of them are using the services of french web hosting companies, and only one web site runs FreeBSD instead of Linux.

Continue reading...

one comment

Wednesday, March 22 2006

Stop spam with captcha (deprecated)

By Jok on Wednesday, March 22 2006, 19:20 - General

I have observed an increase into the spam traffic of my website, and because I want to deliver only essential informations here, I had to adopt a solution to this problem.

Continue reading...

7 comments

Monday, January 16 2006

An Apache module that disguise or remove "Server" HTTP header

By Jok on Monday, January 16 2006, 09:15 - Apache Modules Development

Although sending the Server header in HTTP responses is not defined as a MUST in RFC 2616, the Apache HTTP Server does not allow you to disable sending this header via it's configuration. You can reduce it to "Apache" by removing the version, or the additional modules with the ServerTokens directive. Despite what some people are saying, even mod_headers can't suppress it.

Continue reading...

one comment