Wednesday, November 18, 2009

OWASP Releases 2010 - Top 10 Web Application Security Risks

OWASP (Open Web Application Security Project) released the preliminary version of the Top 10 Web Application Security Risks in a Request for Comment format.

According to OWASP they plan "to release the final public release of the OWASP Top 10 -2010 during the first quarter of 2010 after a final, one-month public comment period ending December 31, 2009. This release of the OWASP Top 10 marks this project’s eighth year of raising awareness of the importance of application security risks. This release has been significantly revised to clarify the focus on risk. To do this, we’ve detailed the threats, attacks, weaknesses, security controls, technical impacts, and business impacts associated with each risk. By adopting this approach, we hope to provide a model for how organizations can think beyond the ten risks here and figure out the most important risks that their applications create for their business."

The full document can be found on the
OWASP web site.

The OWASP Top Ten has been a key driver in improving the security of Web applications across many industries. If you have any questions please ask Arthur, who is an active OWASP member.

Sunday, November 1, 2009

HP Laserjet 3100 on Vista or Windows 7

I have a wonderful HP Laserjet 3100 that is still working reliably after seven years of use. I recently added a new laptop that is running Vista Business (no choice in the matter) to my stable of machines. I still want to use this printer with the Vista machine, but HP has no drivers for the printer. What to do?

The printer is connected to a machine on my network running Windows XP Professional.

1) I added a new printer on the Windows XP machine without using Plug and Play. It was set up as an HP LaserJet II Series printer connected to LPT1 (The parallel port).
2) I shared out the printer as \\Machine\HPLJII
3) I went to the Vista laptop and added a network printer. Of course it didn't discover it so I clicked on the option "The printer I want isn't listed."
4) I manually entered the Share \\Machine\HPLJII, which the Vista machine recognized as a LaserJet II and bingo I was up and running.

This solution should work for a Windows 7 machine as well.