Liran Tal's Enginx Driving an innovative future

blogger-image-1348616266 0

MEAN.io Session Cookie parameters

Continuing with my contribution to the MEAN.io (MongoDB, ExpressJS, AngularJS, and NodeJS) technology stack (or should we say framework by now with the progress it’s been making?) I’ve submitted another pull request to allow setting up MEAN.io session cookie parameters. It is often required for enterprise applications to set session cookie parameters and not rely on Express’s defaults. These parameters are for example the cookie expiration time, and whether the...

daloRADIUS   Code   Commit  r2119 3

daloRADIUS Import Users – fix password type

Recently an issue has been reported with regards to a defect in importing users into daloRADIUS with a different password type than the default Cleartext-Password. The source for this problem can be tracked back to an issue that Adam opened on daloRADIUS’s discussion board, which mainly concerns with the problem of importing users where the password type field is not the default Cleartext-Password. A fix for this has already been...

vbox-nat 0

Vagrant networking to enable Internet accessible machine setup

If you’re using vagrant, like most devopsers out there, you might have also been on the road to run it on a local development machine and make it accessible through the Internet with some NAT rules on your modem or firewall. If you experienced this, and been struggling with getting vagrant networking to function right then we will look into a working setup for this purpose. The case where networking issues could occur,...

daloradius_logo 0

daloRADIUS bug fix for refill traffic or time

With thanks to Ezequiel Villarreal, and another fine example of the open source movement in general and the daloRADIUS users community in specific, a patch has been contributed to solve an issue with refilling a user’s traffic or time limits in daloRADIUS’s Accounting interface. Ezequiel was kind enough to e-mail information about a problem, along with constructive feedback on the project (always great to hear!), but not without also sending the fix...

8984OS_Learning Pentesting for Android Devices 0

Reviewing book – Learning Pentesting for Android Devices

My personal background in computer security, penetration testing and vulnerability assessment started in my early age when I explored the world of programming, and later on practiced it more regularly when I adopted the GNU/Linux operating system. Back then, planting backdoors and holes in Loadable Kernel Modules (LKM) in Linux was an exciting journey to explore. In the spirit of software security, in the past week I’ve been reading through PacktPub’s...

Drupal 6 - Manage subscriptions 2

Drupal 6 – Subscription notifications aren’t going out?

We recently had an issue with a Drupal 6 site, where-as notifications didn’t seem to reach their destination on user’s email, even though we verified that all users were subscribed correctly to the relevant content items. An initial investigation began with the mail server to figure out if it’s getting any traffic from Drupal, whether it’s just misconfigured, down or has any other reasonable issue that can be reverted. The mail server logs proved...

drupal-security-team 2

Advanced Poll 6.x versions – XSS Vulnerability

During the weekend I discovered an XSS issue with the Advanced Poll module. I've made sure to provide a patch and submit this to the issue queue. I have actually submitted a few other SAs in the past, one of them was for the nice_dash module, which aims to provide a dashboard interface for Drupal administrators, but unfortunately it wasn't yet commited.   Drupal Security Advistory – XSS vulnerability in...

database-tables-files 0

Drupal Database Log to Syslog

Drupal Database Log is utilizing the built-in watchdog module but it can end up being quite a resource hog if you’re over utilizing it and having many modules enabled, let alone all the PHP warning and errors that it will log – causing an overkill in performance to your database with a lot of writes. Disabling the DB Logging module and enabling Syslog in Drupal 6: include_once(‘includes/install.inc’); // Replacing the...

564035_10201681129923342_1322183071_n 0

Media in Drupal 7 – presenting it in Drupal Camp Israel 2013

I attended Drupal Camp Israel – 2013 last week, and presented there about Drupal 7 Media, which is very much the title of my recently published book by Packt Publishing. The conference organization was overall good, lectures flew smoothly, there were camera men video-taping the whole event so that’s a nice plus to watch the offline lectures for people who couldn’t attend the event. It was organized this year by Roy Segall and Anat Kahana. The conference started...