It wont be just 1 guy.
The way this usually works is using computers of innocents infected with
malware, usually referred to as zombies or trojans.
The hacker then uses the infected computers to launch the attack.
So it could easily be thousands of unsuspecting people doing it.
Regards
Russ
Fyi in railo u can do this from the railo admin.
There is also an extension for the cfadmin to do this, check riaforge.
Regards
Russ Michaels
On Sep 11, 2012 5:42 AM, .jonah jonah@creori.com wrote:
Good point.
Here's my writeup on importing certs into the java keystore in ColdFusion:
Considering the way the hacker described this on twitter and the length of
time between his initial taunt and when the sites went down, I suspect more
to it than a DDOS. It sounds almost like he had his hand on the rhetorical
switch and he turned it off.
On Tue, Sep 11, 2012 at 1:22 AM, Russ
OK. I used http://certman.riaforge.org to add the cert, restarted CF, and
I'm still getting:
I/O Exception: Name in certificate `vendor.com' does not match host name `
download.vendor.com'
The problem might be that when I use my browser to go to
https://download.vendor.com and then view the
OK. I used http://certman.riaforge.org to add the cert, restarted CF, and
I'm still getting:
I/O Exception: Name in certificate `vendor.com' does not match host name `
download.vendor.com'
The problem might be that when I use my browser to go to
https://download.vendor.com and then view
Can you provide the actual URL you're trying to get to? It would be
useful to be able to look at the certificate chain.
You should be able to see it here:
https://download.api.bingads.microsoft.com
On Tue, Sep 11, 2012 at 7:58 AM, Dave Watts dwa...@figleaf.com wrote:
OK. I used
Can you provide the actual URL you're trying to get to? It would be
useful to be able to look at the certificate chain.
You should be able to see it here:
https://download.api.bingads.microsoft.com
OK, I took a quick look at it. First, there are two intermediate
certificates in the chain.
You may need to download and install them into the keystore as well
I'll try that.
What version of Java are you using? I believe Java 6 supports Subject
Alternative Names.
Java Version 1.6.0_26
How do I use Subject Alternative Names?
On Tue, Sep 11, 2012 at 10:00 AM, Dave Watts
You may need to download and install them into the keystore as well
That did not appear to have worked.
On Tue, Sep 11, 2012 at 10:05 AM, John M Bliss bliss.j...@gmail.com wrote:
You may need to download and install them into the keystore as well
I'll try that.
What version of Java
I think there're some cfhttp alternatives out there. Anyone know whether
one will fix this issue for me?
On Tue, Sep 11, 2012 at 10:20 AM, John M Bliss bliss.j...@gmail.com wrote:
You may need to download and install them into the keystore as well
That did not appear to have worked.
On
Java Version 1.6.0_26
How do I use Subject Alternative Names?
They should just work if they're going to work at all, so if they
don't work you might try one of the HTTP alternatives you mentioned.
Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
http://training.figleaf.com/
Fig
Suggestion as to which one...?
http://ultrahttp.riaforge.org/
http://cflib.org/udf/HTTPGet
On Tue, Sep 11, 2012 at 11:25 AM, Dave Watts dwa...@figleaf.com wrote:
Java Version 1.6.0_26
How do I use Subject Alternative Names?
They should just work if they're going to work at all, so if
Suggestion as to which one...?
http://ultrahttp.riaforge.org/
http://cflib.org/udf/HTTPGet
Well, the second one just uses java.net.URL, it looks like, so I don't
think it'll behave any differently. I don't know about the first one.
There's a Windows binary, CFX_HTTP, you could try that if
http://ultrahttp.riaforge.org/
FYI, that one uses cfhttp
-Leigh
~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive:
http://blogs.coldfusion.com/post.cfm/security-hot-fix-for-coldfusion-september-2012
~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive:
anyone seen details of what the vulnerability actually is ?
that is a huge job to update thousands of security sandboxes.
On Tue, Sep 11, 2012 at 7:34 PM, Brian Thornton br...@cfdeveloper.comwrote:
http://blogs.coldfusion.com/post.cfm/security-hot-fix-for-coldfusion-september-2012
Yes...
Form Limit, and another bulletin...
http://helpx.adobe.com/coldfusion/kb/coldfusion-security-hotfix-apsb12-21.html
This guy found the problem..
http://misterdai.yougeezer.co.uk/
Kudos to Davd Boyer...
On Tue, Sep 11, 2012 at 2:44 PM, Russ Michaels r...@michaels.me.uk wrote:
anyone
On Tue, Sep 11, 2012 at 4:28 AM, Maureen mamamaur...@gmail.com wrote:
Considering the way the hacker described this on twitter and the length of
time between his initial taunt and when the sites went down, I suspect more
to it than a DDOS. It sounds almost like he had his hand on the
Also 3rd party monitors detected no traffic telltales that would
indicate an attack of that magnitude was in progress.
So GD stepped on their own you-know-what and this was due to
incompetence rather than incompetence+malice. Not sure I feel that
much better about it.
On Tue, Sep 11, 2012 at
Hey all,
I work for Go Daddy and just wanted to let you know a bit about what happened
yesterday. Go Daddy was not attacked by a DDoS and no customer data was at
risk. You can see the full details about this here:
i already read tha adobe bulletin, it doesn't really say much.
On Tue, Sep 11, 2012 at 7:49 PM, Brian Thornton br...@cfdeveloper.comwrote:
Yes...
Form Limit, and another bulletin...
http://helpx.adobe.com/coldfusion/kb/coldfusion-security-hotfix-apsb12-21.html
This guy found the
well done for taking responsibility I say, they could have easily let
everyone believe it was the hackers who owned up to it.
sadly folks are too quick to bitch and moan and threaten to leave the first
time something goes wrong, but fail to remember how long they have had a
good service with no
On Tue, Sep 11, 2012 at 5:40 PM, Mike Z mzava...@godaddy.com wrote:
Hey all,
I work for Go Daddy and just wanted to let you know a bit about what
happened yesterday. Go Daddy was not attacked by a DDoS and no customer
data was at risk. You can see the full details about this here:
No coupon code? :-(
Sorry I don't have a coupon code for you.
~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive:
I've been reading about this all day and I'm just missing something
and I can't understand the relationship between HTML formfields/values
and cfhttp/cfhttpparam values? None of the many examples I've reviewed
showed how to get variables a user inputs into a form into the cfhttpparams.
Do I need
cfhttpparam type=Formfield name=x_first_name
value=#form.fname# should do the trick.
On Tue, Sep 11, 2012 at 9:11 PM, Rick Faircloth
r...@whitestonemedia.com wrote:
I've been reading about this all day and I'm just missing something
and I can't understand the relationship between HTML
cfhttpparam type=Formfield name=x_first_name value=#form.fname#
So, how does the cfhttpparam above get the #form.fname# value? Does I use
a regular HTML form and submit the values to another page that receives
and posts them via cfhttp? (If that's true, then I'll now understand how
the value of
So, how does the cfhttpparam above get the #form.fname# value? Does I use
a regular HTML form and submit the values to another page that receives
and posts them via cfhttp? (If that's true, then I'll now understand how
the value of a select formfield gets into a cfhttpparam...)
I think
Yes...CF converts it over to html and javascript so that the actual output
is html. cfhttpparam type=Formfield name=x_first_name
value=#form.fname# If we were to use my name would look like
cfhttpparam type=Formfield name=x_first_name
value=Eric after CF processes it.
i already read tha adobe bulletin, it doesn't really say much.
I doubt you will ever see details and description about any possible attack.
It would be too easy for those looking for ideas...
~|
Order the Adobe Coldfusion
Ok... that's what I was thinking must be going on.
The CFHTTP page was basically a receptor or processing
page that acted on the variables the form sent. In this
case, passing them on to whatever URL was going to receive
the posted data.
Right?
-Original Message-
From: Dave Watts
Got it! Thanks! I think tomorrow will be a less
frustrating day. It's amazing how much information
there is on the 'net that has critical gaps in the
explanation of functionality. Too much assumption by
the authors, I think.
-Original Message-
From: Eric Roberts
Oh, and thanks for the feedback and explanation, Dave!
Rick
-Original Message-
From: Dave Watts [mailto:dwa...@figleaf.com]
Sent: Tuesday, September 11, 2012 10:21 PM
To: cf-talk
Subject: Re: Not understanding the relationship between html form values and
cfhttpparam values
So, how
33 matches
Mail list logo
