2010
03.08

Saw this at Biggy Heady, too funny not to share :P

Translated loosely from a Chinese blog post (http://drjimdiary.blogspot.com/2009/06/blog-post.html)

Before you join the company …

Boss: Welcome! Office without you sure will look different!
Employee: If I am too tired working, I may just quit.
Boss: Don’t worry about that, I won’t let it happen.
Employee: Can I rest on weekends?
Boss: Of coz! That’s the bottom line of our company policy.
Employee: Do we need to OT till midnight?
Boss: No way, who told you that?
Employee: Do we have meal allowance?
Boss: Needless to say, it’s definitely higher than other companies.
Employee: Is it possible that I will work till death?
Boss: No, why are you thinking in that way?
Employee: Will the company organize overseas trip for us?
Boss: It’s part of our company policy!
Employee: Do I need to come to work on time?
Boss: No, it depends.
Employee: How about salary, always paid on time?
Boss: Always!
Employee: Will the new hire have to do all the jobs?
Boss: How can that be possible? There are many senior staff above you.
Employee: Will I get a chance if there is vacancy for management position?
Boss: No question about it, that’s how the company survived.
Employee: You are not lying to me are you?

After you join the company, just read in reverse order …

2010
03.08

Have been fiddling around with Splunk lately.  Splunk’s a really good tool to use for log collection and analysis (and that’s oversimplifying it, I believe it can even do event correlation…), which really made my love for data mining go crazy of late :P  Best part is that it has a perpetual free license, nice!

One of the things I encountered when using Splunk was that it didn’t seem to be indexing all the log files that it was set to monitor.  After some reading up and experimenting the reason became clear: Splunk will not work properly if you set it to monitor too many files.

How many is too many?  For example, setting it to monitor a logfile directory which only has one active log and 100+++ rotated logs, is too many.  What should be done instead is to set it to monitor the active logfile only, and use oneshot adding of the other logfiles to the index you want.
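The split described above, as an added example that is not part of the original post: an `inputs.conf` monitor stanza for the active log only, plus a dry-run list of `splunk add oneshot` commands for the rotated copies. The directory, the `app.log` file name, the `main` index and the `app_log` sourcetype are assumptions, as is the `<active>.<suffix>` rotation naming.

```shell
#!/bin/sh
# Added example. The paths, index and sourcetype below are assumptions.

# Print an inputs.conf stanza that monitors only the active log file.
# $1 = absolute path of the active log, $2 = index, $3 = sourcetype
monitor_stanza() {
    printf '[monitor://%s]\nindex = %s\nsourcetype = %s\n' "$1" "$2" "$3"
}

# Print one "splunk add oneshot" command per rotated log (dry run only,
# nothing is executed). Rotated logs are assumed to be named
# <active>.<suffix>, e.g. app.log.1 or app.log.2.gz, so the active log
# itself never matches the glob.
# $1 = log directory, $2 = active log name, $3 = index, $4 = sourcetype
oneshot_plan() {
    for f in "$1"/"$2".*; do
        if [ -f "$f" ]; then
            printf 'splunk add oneshot "%s" -index %s -sourcetype %s\n' \
                "$f" "$3" "$4"
        fi
    done
}

# Constructed sample directory: one active log, three rotated copies and
# one unrelated file that must be ignored.
demo() {
    d=$(mktemp -d)
    for n in app.log app.log.1 app.log.2.gz app.log.3.gz other.txt; do
        : > "$d/$n"
    done
    monitor_stanza "$d/app.log" main app_log
    oneshot_plan "$d" app.log main app_log
    rm -rf "$d"
}
demo
```

Review the printed commands before running them on the indexer; each rotated file is read once and is not watched afterwards.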

Gonna do some more sharing/writeups about this crazily great tool.  There’s really a lot that this thing can do man.

2010
03.03

Sharing my list of favourite Firefox plugins.  Some are used only when doing web application penetration testing, whereas some are useful for everyday awareness/protection when surfing around the interwebs.  Do leave comments if this helps, or if you have any complaints/suggestions to help improve the list :P

  • Adblock Plus: you know what this is for…  Remember to disable when performing penetration testing.
  • CacheViewer: Allows for viewing and sorting of cache files.  Seldom used, but a great tool nonetheless when the need comes for it.
  • Domain Details: Displays plenty of information about the server (type, headers, IP, location) that you’re accessing.  Good for basic information awareness during normal surfing.
  • Download Statusbar: View and manage downloads from a tidy statusbar.
  • DownThemAll: For fast grabbing of files from a directory.
  • Firebug: Powerful tool for web developers that allows you to freely manipulate/view the loaded objects for a page.  I haven’t really figured out how to use this for penetration testing yet though.
  • Greasemonkey: Could come in very handy if you want to do some mods to a site’s page automatically, remember to enable/disable the scripts that aren’t needed when on a penetration testing job.
  • IE Tab: Don’t really use this, unless I get a site that’s coded to work only with “browsers like IE”.
  • iMacros for Firefox: Another powerful macro editing/playback tool, I don’t use this though :P
  • JavaScript Debugger: JS debugger and profiler, more useful for web developers I think.
  • Live HTTP headers: Great for showing basic information about the HTTP headers being exchanged.
  • NoScript: A MUST-HAVE for Firefox.  Whitelists the scripts and objects that are allowed to load for a domain, amongst other protection features against other nasties out there.  Remember to disable for penetration testing engagements.
  • People Search and Public Record Toolbar: Great tool for information gathering, pity I never had the chance to really use it :(
  • ScrapBook: Aids in archiving and organizing pages.  I use it to profile a site’s workflow.
  • SwitchProxy / FoxyProxy: A must-have for changing between the many proxy tools that I use.
  • Tamper Data: I use this to grab extra timeline information about the loading of pages.  Also allows you to do request/response editing.
  • User Agent Switcher: Self explanatory.  Useful for certain situations only.
  • View Dependencies: A must-have for organizing image/JavaScript/CSS resources for a page in a tidy manner.
  • View formatted source: Formats HTML source neatly for viewing.
  • View Source Chart: Formats final document DOM (after all the loading/JavaScript events have finished firing) for easy viewing.  Also for when View formatted source isn’t available for the version of Firefox that you’re using.
  • Web Developer: Great for manipulating the forms/cookies/JavaScript/whatnot on a page.  A definite must-have for penetration testing.