Adam Doupé

Assistant Professor, Arizona State University

Some Classic Literature Recommendations

| Comments

Recently, a friend asked me to recommend some classic English books for him. He’s Persian and was born in Iran, so it was fun to give him some of my favorite american books. I decided to put that list here in case you’re looking for a book to read.

Catch-22

One of the funniest books I’ve ever read. About WWII and it’s sad and funny at the same time.

A Confederacy of Dunces

The funniest book I’ve ever read. Captures the spirit of New Orleans and the characters are outlandish. Plus the book was published after the author committed suicide, so the whole book’s got a sad tinge.

Overview of Execution After Redirect Web Application Vulnerabilities

| Comments

Hi all, I’m here to talk about a little known web vulnerability that Bryce Boe already touched on. Execution After Redirects are logic flaws in web applications that can lead to Information Disclosure and Broken Access Controls.

What’s an EAR?

Well, an Execution After Redirect (EAR) flaw is when a developer causes an HTTP redirect to occur, typically via a web framework. The developer assumes that execution stops after the redirect, however, execution continues.

Paper Review: Saner: Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications.

| Comments

What is this?

In an effort to improve my writing and analysis skills, I’m going to review papers using less than 500 words. This is my first attempt.

Overview

Saner: Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications is a paper written by Davide Balzarotti et. al., and was published at the IEEE Symposium on Security and Privacy in 2008.

Compiling Jpcap on 64-bit Ubuntu 10.10

| Comments

Why?

While learning more about clojure, I wanted to do some network sniffing. Following a guide to raw traffic in clojure I needed to install jpcap in order to use libpcap from java.

Jpcap doesn’t provide a 64-bit version so I had to compile my own. Here’s the documentation of how I did it. A patch is provided at the end of the post.

Compiling jpcap 0.7 on 64-bit Ubuntu 10.10

  1. First install sun java on ubuntu 10.10

Configuring Linux Bridge to Act as a Hub

| Comments

So after struggling for a while with this, the answer is surprisingly simple.

For a bridge that you’ve created with brctl, you can use this simple command:

brctl setageing <bridgename> 0


This command tells Linux to forget every MAC address that it sees on
the bridge, making it act as a hub.

Here’s the source.

Enabling Total DNS on GoDaddy

| Comments

So I was trying to switch adamdoupe.com over to posterous (an amazing service).
Adamdoupe.com is registered via GoDaddy, and posterous even has a help
section on how to switch DNS. However, the Total DNS setting was
disabled in my account, and I figured I would post my problem/solution
here so I can help out anyone else with this problem.
 
The problem was that I had Custom Nameservers enabled. With this you
can’t enable TotalDNS. The solution is simple, switch from Custom
Nameservers to Parked Nameservers
. Then you can enable Total DNS
to have your domain point where ever your little heart desires.