Firewall

HOWTO use npm behind a corporate proxy

Overview

Working at $big_company is not without its challenges, but the least of which should be network access, right? No, of course not. Installed “security appliances” (see the SSL MiTM post for more on that) on the network always limit access from within the corporate firewall out to the Iernet at large to protect from security vulurables. This is all great and fine, but that kind of protection always errs on blocking, so working with open source projects that are easy to install and run out in the real world become a nightmare when you’re inside the coporate firewall.

HOWTO defend databases from SQL attacks with GreenSQL

UPDATE: as if to underscore the importance of this tool and approach, yesterday a story hit about a SQL Injection attack infecting over 132,000 systems in short order. Net-Security have the full details on this attack, including how it probes the host via JavaScript to check for known vulnerabilities, how it exploits them, and how it ultimately downloads a back-door trojan to get the game going. It’s really amazing to see how complicated and professional these things have gotten, and just adds to the reasoning that we have to step up to the plate and learn how to better defend against them.