The maximum length filename (which includes the full path) cannot exceed 255 characters.  Just to be clear, that includes the directory name, spaces, punctuation or anything else that would appear in the address bar.  For example:

C:\Users\user\Desktop\filename.txt

The above is 34 characters in length.

Read more: Windows Filenames Exceeding 255 Characters

 

Spear Phishing is a targeted email attack and the message will typically come from someone you know.  We’ve been seeing this type of attack more frequently and the latest one had an interesting twist.  Using our domain, sevenlayers.com and changing the names to protect the innocent, the email was crafted as follows:

Read more: Spear Phishing

We like to use the best operating for the job and we use a mixture of Windows, Mac and Linux.  Our typical Linux installation is a virtualized system and it does not include a desktop; we do all of the administration from the command line.

The other day, we were asked to propose a solution which installs on Linux but the installation must be performed from a Linux desktop.  No problem, we installed the desktop package with the following command:

Read more: RDP to Linux

You've run a tool, such as ZAP, against your web site in an attempt to harden it and you discover your site is prone to 'clickjacking'. 

A quick search reveals:

Clickjacking

The malicious practice of manipulating a website user's activity by concealing hyperlinks beneath legitimate clickable content, thereby causing the user to perform actions of which they are unaware.

Read more: Apache - Prevent Clickjacking

I recently came across an Apache web server with a number of virtual hosts under /var/www.  Pointing a browser to the root, /var/www, would reveal all of the names of the virtual hosts on the server.  While not tragic, it does reveal some information that we would prefer not be visible to the general public.

Read more: Apache - Index of /

We have several clients using OpenVPN in one form or another but I was playing around with the OpenVPN appliance available for download here:

https://openvpn.net/index.php/access-server/download-openvpn-as-vm.html

As a side note -- they warn you against using VMWare Player.  While I didn't use Player, I was testing it out in VMWare Workstation 11 and it works perfectly. 

Read more: OpenVPN WebUI Login Issue