Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #5462 > unrolled thread
| Started by | Daniel Kluev <dan.kluev@gmail.com> |
|---|---|
| First post | 2011-05-16 13:21 +1100 |
| Last post | 2011-05-18 14:47 -0700 |
| Articles | 2 on this page of 42 — 11 participants |
Back to article view | Back to comp.lang.python
This discussion starts older than the indexed window; earlier articles aren't shown. The article labeled Started by
below is the oldest one visible, not the original post.
Re: obviscating python code for distribution Daniel Kluev <dan.kluev@gmail.com> - 2011-05-16 13:21 +1100
Re: obviscating python code for distribution "Rhodri James" <rhodri@wildebst.demon.co.uk> - 2011-05-16 23:42 +0100
Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-18 08:36 +0100
Re: obviscating python code for distribution Dotan Cohen <dotancohen@gmail.com> - 2011-05-18 17:42 +0300
Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-18 09:54 -0700
Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-18 18:33 +0100
Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-18 12:07 -0700
Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-18 20:56 +0100
Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-18 14:34 -0700
Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-19 06:21 +0100
Re: obviscating python code for distribution Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2011-05-19 08:47 +0000
Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-19 10:16 +0100
Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-19 10:23 -0700
Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-19 19:23 +0100
Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-19 17:56 -0700
Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-20 05:48 +0100
Re: obviscating python code for distribution Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2011-05-20 07:04 +0000
Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-20 09:54 +0100
Re: obviscating python code for distribution harrismh777 <harrismh777@charter.net> - 2011-05-20 15:24 -0500
Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-20 15:45 -0700
Re: obviscating python code for distribution Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2011-05-21 00:54 +0000
Re: obviscating python code for distribution harrismh777 <harrismh777@charter.net> - 2011-05-20 23:26 -0500
Re: obviscating python code for distribution Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2011-05-20 07:10 +0000
Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-20 09:26 -0700
Re: obviscating python code for distribution Nobody <nobody@nowhere.com> - 2011-05-20 18:48 +0100
Re: obviscating python code for distribution Chris Angelico <rosuav@gmail.com> - 2011-05-20 11:33 +1000
Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-19 19:30 -0700
Re: obviscating python code for distribution Chris Angelico <rosuav@gmail.com> - 2011-05-20 12:35 +1000
Re: obviscating python code for distribution Chris Angelico <rosuav@gmail.com> - 2011-05-19 03:24 +1000
Re: obviscating python code for distribution John Bokma <john@castleamber.com> - 2011-05-18 12:31 -0500
Re: obviscating python code for distribution Chris Angelico <rosuav@gmail.com> - 2011-05-19 03:52 +1000
Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-18 10:40 -0700
Re: obviscating python code for distribution Chris Angelico <rosuav@gmail.com> - 2011-05-19 04:07 +1000
Re: obviscating python code for distribution "Littlefield, Tyler" <tyler@tysdomain.com> - 2011-05-18 12:26 -0600
Re: obviscating python code for distribution harrismh777 <harrismh777@charter.net> - 2011-05-18 21:54 -0500
Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-19 10:50 -0700
Re: obviscating python code for distribution harrismh777 <harrismh777@charter.net> - 2011-05-20 01:17 -0500
Re: obviscating python code for distribution Dotan Cohen <dotancohen@gmail.com> - 2011-05-18 21:30 +0300
Re: obviscating python code for distribution Dotan Cohen <dotancohen@gmail.com> - 2011-05-18 21:31 +0300
Re: obviscating python code for distribution Chris Angelico <rosuav@gmail.com> - 2011-05-19 04:37 +1000
Re: obviscating python code for distribution Chris Angelico <rosuav@gmail.com> - 2011-05-19 04:49 +1000
Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-18 14:47 -0700
Page 3 of 3 — ← Prev page 1 2 [3]
| From | Chris Angelico <rosuav@gmail.com> |
|---|---|
| Date | 2011-05-19 04:49 +1000 |
| Message-ID | <mailman.1768.1305744573.9059.python-list@python.org> |
| In reply to | #5668 |
On Thu, May 19, 2011 at 4:26 AM, Littlefield, Tyler <tyler@tysdomain.com> wrote: >>might be secure as long as attackers cannot, say: > You forgot UFOs. > Anyway, again, thanks to everyone for the advice, this is good reading. > Incidentally, I don't know to much about security. I know about rate > limiting and dos attacks, as well as some others, but I think there's a lot > more that I don't know--can someone kind of aim me in the right direction > for some of this? I want to be able to take techniques, break my server and > then fix it so that can't be done before I head to public with this. Your last sentence IS the right direction. The two easiest ways to find out if your system is secure are (1) try to break it, and (2) pore over the code and see what can be broken. When you start testing things, try doing things in the wrong order. Your server should either cope with it fine, or throw back an error to that client, but should never allow any action that that client hasn't already proven he's allowed to do. There's plenty of people here who know what they're talking about when it comes to security (just skim over this thread for a few good names!), so if you have specific questions regarding your Python code, do ask. Alternatively, if it's not particularly Python-related, I would be happy for you to email me privately; I'm a gamer, and run an online game, so I'd be quite willing to have a bit of a poke at your code. Chris Angelico
[toc] | [prev] | [next] | [standalone]
| From | geremy condra <debatem1@gmail.com> |
|---|---|
| Date | 2011-05-18 14:47 -0700 |
| Message-ID | <mailman.1774.1305755275.9059.python-list@python.org> |
| In reply to | #5668 |
On Wed, May 18, 2011 at 11:26 AM, Littlefield, Tyler <tyler@tysdomain.com> wrote: >>might be secure as long as attackers cannot, say: > You forgot UFOs. > Anyway, again, thanks to everyone for the advice, this is good reading. > Incidentally, I don't know to much about security. I know about rate > limiting and dos attacks, as well as some others, but I think there's a lot > more that I don't know--can someone kind of aim me in the right direction > for some of this? I want to be able to take techniques, break my server and > then fix it so that can't be done before I head to public with this. One good thing to do is to just read some of the black hat papers. They're pretty accessible and even if you don't know everything they're saying you should be able to get a general feel for things that way. You might also try working through things like Damn Vulnerable Web App, if you have the time. Geremy Condra
[toc] | [prev] | [standalone]
Page 3 of 3 — ← Prev page 1 2 [3]
Back to top | Article view | comp.lang.python
csiph-web