Server Move

I wanted to install Gallery so that I can easily share some of the “art” that I shoot :). The server I was on did not have some settings (it has php – safe_mode on) that stopped me from installing Gallery. The good people at , where I host this site, offered to move me to a new server that would allow me to install Gallery. So here we are on a brand new server. I will be posting some new pictures soon.

MySQL – Setting up initial privileges

Ever installed MySQL and wondered what to do next? Well, the first thing is to secure the root user (Note: The MySQL root user is different from the OS root user). These three simple steps should deal with it.

shell> mysql -u root mysql
mysql> SET PASSWORD FOR [email protected]=PASSWORD('new_password');

MySQL has really good documentation on their website. It can be accessed here.

IE Bug – Pretty Scary

During my daily visit to Richard Bejtlich’s blog, I came across information about this flaw in IE which can be exploited to make people believe that they are viewing/visiting one site (URL) when in fact they are located on another website. To quote from “Zap The Dingbat” (who actually discovered the bug):

There is a flaw in the way that Internet Explorer displays URLs in the address bar.
By opening a specially crafted URL an attacker can open a page that appears to be from a different domain from the current location.
Exploit
By opening a window using the http://[email protected] nomenclature an attacker can hide the real location of the page by including a non printing character (%01) before the “@”.
Internet Explorer doesn’t display the rest of the URL making the page appear to be at a different domain.

For example, if you click on this button, you will see the URL in the address bar if you are using IE. But the full address of the URL is[email protected]/security/ex01/vun2.htm.

Pretty scary, eh? Just imagine how much this can be abused. People can be tricked into entering their credit card information, usernames/passwords, etc. by mimicking valid sites. And as if this is not bad enough, Micro$oft hasn’t even released a patch for this yet. So for now, either you type in all addresses manually in the address bar or use trusted saved bookmarks. I would recommend scrapping IE and starting to use Mozilla Firebird as your default browser. It is fast, small, adheres to standards and is FREE [as in beer].
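
A defensive check for the pattern described in this post, as an added example that is not from the original post or the quoted advisory: it reads a link the way the URL grammar does (everything before the last "@" in the authority is user info, not the host) and flags user info that contains non-printing characters such as %01 or that is shaped like a host name. The function name, the finding labels and the .example links are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote

# C0 control characters and DEL: bytes an address bar may render as nothing
# or, as in the bug quoted above, treat as the end of the visible URL.
_NONPRINTING = re.compile(r"[\x00-\x1f\x7f]")
# User info shaped like a host name ("www.site.example") is the usual bait.
_HOSTLIKE = re.compile(r"^[a-z0-9-]+(\.[a-z0-9-]+)+$", re.IGNORECASE)


def inspect_link(url):
    """Return (real_host, findings) for a link taken from mail or a web page."""
    parts = urlsplit(url)
    host = parts.hostname
    findings = []
    if "@" not in parts.netloc:
        return host, findings  # no user info, nothing to hide behind
    findings.append("userinfo-present")
    # Everything before the LAST "@" in the authority is user info, not the host.
    userinfo = unquote(parts.netloc.rpartition("@")[0])
    if _NONPRINTING.search(userinfo):
        findings.append("nonprinting-char-in-userinfo")
    # Strip the invisible bytes and any ":password" part before comparing names.
    user = _NONPRINTING.sub("", userinfo).split(":", 1)[0]
    if _HOSTLIKE.match(user) and user.lower() != (host or "").lower():
        findings.append("userinfo-resembles-host:" + user)
    return host, findings


# Constructed sample links (reserved .example names, not taken from the advisory).
SAMPLES = [
    "http://www.trusted.example%01@attacker.example/security/page.htm",
    "http://www.trusted.example/login?contact=a@b",
    "ftp://alice:secret@files.example/pub",
]

if __name__ == "__main__":
    for link in SAMPLES:
        real_host, found = inspect_link(link)
        print(f"{real_host!s:22} {found}  <- {link}")
```

The first sample is reported with attacker.example as the real host and all three findings, which is the case a mail filter or proxy rule would want to block or rewrite.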

The Tao Of Security

I came across this blog by Richard Bejtlich while I was researching security related sites. Richard is a principal consultant at Foundstone and his knowledge and methodology just amaze me. I visit this site every day if not more :). I hope to add more bits about technology as I come across interesting things.

New blogging software!

In the spirit of New Year, I decided to try a new blogging software . Apparently the one I used before is not being actively developed anymore. And WordPress is the continuation of the older B2 project. The interface looks a lot cleaner and it has a lot more features in the background. Only problem was that I couldn’t figure out how to import all my old posts. I did make a backup of the old database. Will try to see if I can manually import them. Isn’t life wonderful 🙂 .


Isn’t technology great :). For those in search of a free Encyclopedia, look no further. “WikipediA” is a web based collaborative effort to create a free content encyclopedia. Take a look and if you can, contribute 🙂 to the project and give back to the world.