http://www.opencores.org/ perhaps? - Google is your friend.
Forum: OMG Ponies

Just out of curiosity id, which daemon are you using?
Forum: OMG Ponies

I was thinking that it might be interresting to pool more of the leetness into a live format. I generally avoid security channels on IRC as the occupants rarley adds value to my work, research or life. Perhaps the *.ckers.org folks could succeed where others have failed? Just a thought.
Forum: OMG Ponies

M4-io Wrote: ------------------------------------------------------- > So far my mod_security rules list has 90+ entries, > 231 useragents and 7000+ ip's that cannot access > any of my scripts. You might want to consider blocking IPs through another method than mod_security due to the overheads caused. Iptables, firewall, router or even the allow/deny directives. As Ivan has stated
Forum: Networking

Did you try "-1 OR 1=1" (w.o.q) ? Based on the statement you have provided that should select * for all members. I suspect the query is longer or some other manipulation is occuring, but with the information you provided there should be several injection vectors. The version of MySQL also determines what options you have.
Forum: SQL and Code Injection

I'm MERLiiN and I think ninjas are awesome. I have http://www.realultimatepower.net/ just like Robert.
Forum: Intro

Googledork: inurl:"url=http://" Showing results 1-10 of about 10,400,000
Forum: Full Disclosure

You know you can turn mod_security on/off through .htaccess if you have the matching AllowOverride? In any event it really depends on the ruleset, I find that it is mostly useful for protecting against automated attacks and temporarily blocking new common exploits. You can make certain assumptions that could break the odd functionality, but most times having uname -a in the postdata or url is m
Forum: Networking

<brainfart>where's my delete post button again</brainfart>
Forum: Full Disclosure

Hi Rsnake! I have successfully used mod_security to block certain attacks that should not be occuring in normal traffic, such as the %00 null value attacks on php. I also have a few regexps to cut off automata bot attacks and SMTP injection which both have constants. I also filter out some basic basic XSS and SQL injection to deter the script kiddies. I also protect the very limited amount
Forum: Networking