Comments for Cupfighter.net http://www.cupfighter.net A blog by Schuberg Philis colleagues Wed, 17 Mar 2010 16:53:31 +0100 http://wordpress.org/?v=abc hourly 1 Comment on Citrix Edgesight 5.2 vs Memory Allocation within WOW64 by Mike Yazdzik http://www.cupfighter.net/index.php/2010/02/citrix-edgesight-5-2-vs-memory-allocation-within-wow64/comment-page-1/#comment-3502 Mike Yazdzik Wed, 17 Mar 2010 16:53:31 +0000 http://www.cupfighter.net/?p=881#comment-3502 Hi Roeland, have you had any luck with Citrix on this? I’m having similar issues with java apps and Edgesight 5.2 getting jvm not enough resources on w2k3 32bit servers? Hi Roeland, have you had any luck with Citrix on this? I’m having similar issues with java apps and Edgesight 5.2 getting jvm not enough resources on w2k3 32bit servers?

]]> Comment on Check your SQL backup automatically by Using a specific account for specific scripts in SCOM 2007 | Cupfighter.net http://www.cupfighter.net/index.php/2009/10/check-your-sql-backup-automatically/comment-page-1/#comment-3376 Using a specific account for specific scripts in SCOM 2007 | Cupfighter.net Wed, 03 Mar 2010 21:42:14 +0000 http://www.cupfighter.net/?p=604#comment-3376 [...] Now create your monitor (in the authoring section). See for basic instructions on how to create a monitor one of my previous posts: http://www.cupfighter.net/index.php/2009/10/check-your-sql-backup-automatically/ [...] [...] Now create your monitor (in the authoring section). See for basic instructions on how to create a monitor one of my previous posts: http://www.cupfighter.net/index.php/2009/10/check-your-sql-backup-automatically/ [...]

]]> Comment on 10 Red Balloons (got me thinking) by James Wilkes http://www.cupfighter.net/index.php/2010/01/10-red-balloons-got-me-thinking/comment-page-1/#comment-3056 James Wilkes Mon, 08 Feb 2010 22:42:02 +0000 http://www.cupfighter.net/?p=868#comment-3056 Over the past year as I have begun to harness these tools for my business I have been struck by the profundity of this (R)evolution. Every couple of months a moment of deep perspective sweeps over me, and I feel like I did when I had my first beer, or woman; this is huge, this is the real deal, pay attention. Keeping apace is time intensive, and that curiosity must be (for me) paired with motivation. Otherwise I go off into the wild Southwest and loose myself with landscapes, the web of life, the mysteries of biology, with a woman and a beer. Over the past year as I have begun to harness these tools for my business I have been struck by the profundity of this (R)evolution. Every couple of months a moment of deep perspective sweeps over me, and I feel like I did when I had my first beer, or woman; this is huge, this is the real deal, pay attention. Keeping apace is time intensive, and that curiosity must be (for me) paired with motivation. Otherwise I go off into the wild Southwest and loose myself with landscapes, the web of life, the mysteries of biology, with a woman and a beer.

]]> Comment on stress/load testing a Java-enabled web site with jMeter by Gabe http://www.cupfighter.net/index.php/2009/10/stressload-testing-a-java-enabled-web-site-with-jmeter/comment-page-1/#comment-2901 Gabe Sat, 30 Jan 2010 17:51:29 +0000 http://www.cupfighter.net/?p=609#comment-2901 Hi - Thanks for your post, it's one of many I found when researching a problem I had with JMeter. I wanted to offer a different approach to invoking custom Java from inside JMeter, which is to implement the JMeter 'Function' interface in Java. This allows you to directly invoke your own Java classes from JMeter. For those interested I have instructions and a skeleton implementation: http://gabenell.blogspot.com/2010/01/custom-functions-for-jmeter.html Hi – Thanks for your post, it’s one of many I found when researching a problem I had with JMeter. I wanted to offer a different approach to invoking custom Java from inside JMeter, which is to implement the JMeter ‘Function’ interface in Java. This allows you to directly invoke your own Java classes from JMeter. For those interested I have instructions and a skeleton implementation:

http://gabenell.blogspot.com/2010/01/custom-functions-for-jmeter.html

]]> Comment on Lenovo Windows 7 Drivers by ashok http://www.cupfighter.net/index.php/2009/06/lenovo-windows-7-drivers/comment-page-1/#comment-2900 ashok Sat, 30 Jan 2010 17:28:03 +0000 http://www.cupfighter.net/?p=83#comment-2900 good job good job

]]> Comment on 10 Red Balloons (got me thinking) by David Wiggs http://www.cupfighter.net/index.php/2010/01/10-red-balloons-got-me-thinking/comment-page-1/#comment-2886 David Wiggs Sat, 30 Jan 2010 02:07:14 +0000 http://www.cupfighter.net/?p=868#comment-2886 Very interesting POV! Thanks for the shout out. Very interesting POV! Thanks for the shout out.

]]> Comment on Security Assessment Agreement Outsourcing by Karel van Houten http://www.cupfighter.net/index.php/2009/10/security-assessment-agreement-outsourcing/comment-page-1/#comment-2815 Karel van Houten Mon, 25 Jan 2010 11:57:58 +0000 http://www.cupfighter.net/?p=627#comment-2815 Frank, A nice piece of work! These matters are often overlooked when conducting these assessments. I would like to suggest one more item: The situation where the service provider is using some infrastructure of some other provider to provide the services that are under assessment. That second provider might take legal steps against the assessor when his infrastructure is under attack. The primary service provider should state that all providers involved are bound by agreements that make this assessment legally possible. Regards, Karel. Frank, A nice piece of work!

These matters are often overlooked when conducting these assessments.

I would like to suggest one more item: The situation where the service provider is using some infrastructure of some other provider to provide the services that are under assessment. That second provider might take legal steps against the assessor when his infrastructure is under attack. The primary service provider should state that all providers involved are bound by agreements that make this assessment legally possible.

Regards,
Karel.

]]> Comment on Aladdin eToken and Windows 7 by Ariepenarie http://www.cupfighter.net/index.php/2009/07/aladdin-etoken-and-windows-7/comment-page-1/#comment-2701 Ariepenarie Mon, 18 Jan 2010 12:05:41 +0000 http://www.cupfighter.net/?p=351#comment-2701 Don't ask me how, but I have found the 5.1 SP1 beta software and it runs fine on my Windows 7 x64 system. http://dms.aladdin.ru/file.php?id=dec8e874e791762cbfa9b307107c6bd5 Don’t ask me how, but I have found the 5.1 SP1 beta software and it runs fine on my Windows 7 x64 system.

http://dms.aladdin.ru/file.php?id=dec8e874e791762cbfa9b307107c6bd5

]]> Comment on Aladdin eToken and Windows 7 by victor http://www.cupfighter.net/index.php/2009/07/aladdin-etoken-and-windows-7/comment-page-1/#comment-2610 victor Wed, 13 Jan 2010 10:57:17 +0000 http://www.cupfighter.net/?p=351#comment-2610 Could anybody please post the complete download-link? I can't read russian and I didn't see "Windows 7" mentioned on that page. Could anybody please post the complete download-link? I can’t read russian and I didn’t see “Windows 7″ mentioned on that page.

]]> Comment on Aladdin eToken and Windows 7 by oscar http://www.cupfighter.net/index.php/2009/07/aladdin-etoken-and-windows-7/comment-page-1/#comment-2163 oscar Sat, 26 Dec 2009 10:10:20 +0000 http://www.cupfighter.net/?p=351#comment-2163 sorry, wrong link... is should be this link below with regards Oscar (rdam,nl) http://www.aladdin.ru/support/download/category177 sorry, wrong link… is should be this link below

with regards Oscar (rdam,nl)

http://www.aladdin.ru/support/download/category177

]]> Comment on Aladdin eToken and Windows 7 by oscar http://www.cupfighter.net/index.php/2009/07/aladdin-etoken-and-windows-7/comment-page-1/#comment-2162 oscar Sat, 26 Dec 2009 10:08:39 +0000 http://www.cupfighter.net/?p=351#comment-2162 hi guys, the etoken software supporting windows 7 is downloadable due the link below. with regards Oscar (rdam,nl) http://www.cupfighter.net/index.php/2009/07/aladdin-etoken-and-windows-7/ hi guys, the etoken software supporting windows 7 is downloadable due the link below.

with regards Oscar (rdam,nl)

http://www.cupfighter.net/index.php/2009/07/aladdin-etoken-and-windows-7/

]]> Comment on Aladdin eToken and Windows 7 by oscar http://www.cupfighter.net/index.php/2009/07/aladdin-etoken-and-windows-7/comment-page-1/#comment-2160 oscar Sat, 26 Dec 2009 10:05:11 +0000 http://www.cupfighter.net/?p=351#comment-2160 Hi guys, the solution you are looking for is on this page below.. problem is solved. the russians already has a released pki software supporting windows 7. http://www.aladdin.ru/support/download/category177 goodluck. with regards Oscar (rdam,nl) Hi guys,

the solution you are looking for is on this page below..
problem is solved. the russians already has a released pki software supporting windows 7.

http://www.aladdin.ru/support/download/category177

goodluck. with regards Oscar (rdam,nl)

]]> Comment on Aladdin eToken and Windows 7 by Ich AG http://www.cupfighter.net/index.php/2009/07/aladdin-etoken-and-windows-7/comment-page-1/#comment-2113 Ich AG Wed, 23 Dec 2009 22:36:33 +0000 http://www.cupfighter.net/?p=351#comment-2113 The Link is failed....Where can i download the beta drivers? It is most important! The Link is failed….Where can i download the beta drivers? It is most important!

]]> Comment on Aladdin eToken and Windows 7 by Eddy DC http://www.cupfighter.net/index.php/2009/07/aladdin-etoken-and-windows-7/comment-page-1/#comment-2102 Eddy DC Wed, 23 Dec 2009 10:56:04 +0000 http://www.cupfighter.net/?p=351#comment-2102 The Beta drivers works under Windows 7. :-) The Beta drivers works under Windows 7. :-)

]]> Comment on Aladdin eToken and Windows 7 by mistbow http://www.cupfighter.net/index.php/2009/07/aladdin-etoken-and-windows-7/comment-page-1/#comment-1980 mistbow Fri, 18 Dec 2009 10:46:04 +0000 http://www.cupfighter.net/?p=351#comment-1980 Try Beta drivers eToken for Windows 7 by Aladdin. Send request for beta from support page ore try this link: http://dms.aladdin.ru/file.php?id=df7de0955069f3eda73ef4c7c09c8574 till 22 Dec 2009 GMT. Try Beta drivers eToken for Windows 7 by Aladdin. Send request for beta from support page ore try this link:
http://dms.aladdin.ru/file.php?id=df7de0955069f3eda73ef4c7c09c8574
till 22 Dec 2009 GMT.

]]> Comment on Seccubus the new name for AutoNessus by Seccubus.com website is online… | Cupfighter.net http://www.cupfighter.net/index.php/2009/11/seccubus/comment-page-1/#comment-1840 Seccubus.com website is online… | Cupfighter.net Sun, 13 Dec 2009 22:32:01 +0000 http://www.cupfighter.net/?p=782#comment-1840 [...] month our coworker Frank Breedijk rechristened his vulnerability management tool Seccubus. Today he has launched his new website [...] [...] month our coworker Frank Breedijk rechristened his vulnerability management tool Seccubus. Today he has launched his new website [...]

]]> Comment on TLS renegotiation attack. More bad news for SSL by MitM Plaintext Injection Vulnerability in TLS (openssl) « waffle http://www.cupfighter.net/index.php/2009/11/tls-renegotiation-attack/comment-page-1/#comment-1834 MitM Plaintext Injection Vulnerability in TLS (openssl) « waffle Sun, 13 Dec 2009 12:26:28 +0000 http://www.cupfighter.net/?p=676#comment-1834 [...] TLS renegotiation attack. More bad news for SSL | Cupfighter.net [...] [...] TLS renegotiation attack. More bad news for SSL | Cupfighter.net [...]

]]> Comment on Needs an OO Database but you have “only” Bash? by ben http://www.cupfighter.net/index.php/2009/06/needs-an-oo-database-but-you-have-only-bash/comment-page-1/#comment-1794 ben Fri, 11 Dec 2009 19:25:44 +0000 http://www.cupfighter.net/?p=237#comment-1794 This is awesome!!! This is awesome!!!

]]> Comment on TLS renegotiation attack. More bad news for SSL by Frank Breedijk http://www.cupfighter.net/index.php/2009/11/tls-renegotiation-attack/comment-page-1/#comment-1785 Frank Breedijk Fri, 11 Dec 2009 10:36:48 +0000 http://www.cupfighter.net/?p=676#comment-1785 The attack works with client site certificates if the server allows renegotiation. Since the certificate is sent in the replayed client hello message and subsequent handshake an attacker would be able to execute a reuest of his liking and still authenticate with the client certificate. A TLS MitM attack where the attacker can inject arbitraty data before the clients original request is very feasable. Client site certificates do not change this, on fact, the first demonstrated attacks where against webservers that requested client side certs. The attack works with client site certificates if the server allows renegotiation. Since the certificate is sent in the replayed client hello message and subsequent handshake an attacker would be able to execute a reuest of his liking and still authenticate with the client certificate.
A TLS MitM attack where the attacker can inject arbitraty data before the clients original request is very feasable. Client site certificates do not change this, on fact, the first demonstrated attacks where against webservers that requested client side certs.

]]> Comment on Aladdin eToken and Windows 7 by Frank Breedijk http://www.cupfighter.net/index.php/2009/07/aladdin-etoken-and-windows-7/comment-page-1/#comment-1784 Frank Breedijk Fri, 11 Dec 2009 10:35:15 +0000 http://www.cupfighter.net/?p=351#comment-1784 If you get in touch with the helpdesk of you reseller they should be able to provide you with them. That's how we got them. If you get in touch with the helpdesk of you reseller they should be able to provide you with them. That’s how we got them.

]]>