Archive for the ‘Security’ Category

Java Denial Of Service Attack

Wednesday, March 30th, 2011

Just read a post in the Portland Java User Group mailing list about a Denial Of Service (DOS) attack that is pretty scary.  You don’t need a swarm of computers to bring down a server.  Just pass in a certain value and the system will enter an infinite loop and come to a grinding halt.  It appears update 24 has a fix.  If you haven’t run update 24 try executing the following code on your system and watch your CPU spike.

class InfiniteLoop {
public static void main(String[] args){
 double d=Double.parseDouble("2.2250738585072012e-308");

It always makes me wonder how someone found this bug.  Thank goodness for open source.  For more details see the Common Vulnerabilities and Exposures website.

SHODAN – Search Engine for Hackers

Thursday, September 9th, 2010

SHODAN is a project that continuously scans the internet for open ports and index’s their HTTP header.  It then allows anyone to search these HTTP headers for possible exploits.   Hackers are going to love this.  Read more here and learn how to secure your network: