Posts | Archive

PDPT: Passive DNS Port Test

The Passive DNS Port Test (PDPT) tool acts as a passive DNS monitor to flag resolvers that may be vulnerable to the cache poisoning issue described in CERT VU #800113. Similar to OARC's porttest, this monitor will judge the source port behavior of resolvers based on the standard deviation ...

Beware of Google App Engine SDK

An easily exploited vulnerability in Google App Engine's SDK can put your development servers at risk. While this bug is trivial to fix, engineers at Google have declined to address the vulnerability, so be cautious when using the SDK to develop your web service.

The Vulnerability

The vulnerability exists ...

Thinkpad X300 Has Arrived!

My brand-new Lenovo ThinkPad X300 has arrived! It is beautiful, bright, and light!

The X300's specifications:

  • Intel Core 2 Duo L7100 @ 1.2ghz (4MB L2)
  • 13.3 WXGA+ TFT (1440x900 LED backlight)
  • 4GB PC2-5300 DDR2
  • 64GB Samsung SSD
  • Intel 4965AGN WiFi
  • Primary 6 Cell Li-Ion Battery
  • Secondary 3 Cell ...

iRoll: Rick Roll meets the iPod

Unless you've been living under a rock or some other non-internet-connected object, you've probably been Rick Rolled at some point. I decided to take the concept a step further and whipped up a Python script that will let you Rick Roll the entire iPod of an unsuspecting victim ...

Black Hat DC 2008 Briefings

Just arrived home from Washington, DC where I attended and presented at the Black Hat DC Briefings. I was fairly busy throughout the briefings and didn't make it to as many presentations as I hoped, but I thought I'd detail a few of the more interesting ones.


Presentations ...

Copyright © 2018 - Jon Oberheide