<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 5.50.4616.200" name=GENERATOR></HEAD>
<BODY style="MARGIN-TOP: 2px; FONT: 8pt MS Sans Serif; MARGIN-LEFT: 2px">
<DIV>I prefer php for web scripting lately, though I'm sure it has it's own set
of security vulnerabilities. I still use perl for it's rich set of modules
and SNMP support, but limit my development to command line scripts that run as
cron jobs. Those jobs update MySQL databases and my php scripts act as a
front end for users who want to search the database. </DIV>
<DIV> </DIV>
<DIV>I couldn't get to Phrack.org, my company proxy classifies it as a
"criminal skills" site! (Or should that be skillz?) Have to check it from
home.</DIV>
<DIV> </DIV>
<DIV>Ron Lussier<BR>L.L. Bean, Inc.<BR>Network Management Analyst<BR>(207)
552-5152<BR></DIV>
<DIV><BR>>>> <maine-pm@mail.pm.org> 08/20/03 06:25AM
>>><BR></DIV>
<DIV class=Section1>
<P class=MsoNormal><FONT face=Arial size=2><SPAN
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">I was reading Phrack the other day
and came across this old, but interesting article that details some potential
problems in scripts: <A
href="http://www.phrack.org/show.php?p=55&a=7">http://www.phrack.org/show.php?p=55&a=7</A></SPAN></FONT></P>
<P class=MsoNormal><FONT face=Arial size=2><SPAN
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"></SPAN></FONT> </P>
<P class=MsoNormal><FONT face=Arial size=2><SPAN
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">I was curious if anyone had any
experiences with sloppy/vulnerable Perl scripts (written by others, of course)
or tips on writing secure scripts.</SPAN></FONT></P>
<P class=MsoNormal><FONT face=Arial size=2><SPAN
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"></SPAN></FONT> </P>
<P class=MsoNormal><FONT face=Arial size=2><SPAN
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">Thanks</SPAN></FONT></P>
<P class=MsoNormal><FONT face=Arial size=2><SPAN
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"></SPAN></FONT> </P>
<P class=MsoNormal><FONT face=Arial size=2><SPAN
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">------------------------------------------------</SPAN></FONT></P>
<P class=MsoNormal><FONT face="Times New Roman" size=3><SPAN
style="FONT-SIZE: 12pt">Joe Minieri, CISSP</SPAN></FONT></P>
<P class=MsoNormal><FONT face="Times New Roman" size=2><SPAN
style="FONT-SIZE: 10pt">Director of Application Engineering</SPAN></FONT></P>
<P class=MsoNormal><FONT face="Times New Roman" size=2><SPAN
style="FONT-SIZE: 10pt">OpenService</SPAN></FONT></P>
<P class=MsoNormal><FONT face="Times New Roman" size=2><SPAN
style="FONT-SIZE: 10pt">110 Turnpike Road, Suite 308</SPAN></FONT></P>
<P class=MsoNormal><FONT face="Times New Roman" size=2><SPAN
style="FONT-SIZE: 10pt">Westborough</SPAN></FONT><FONT size=2><SPAN
style="FONT-SIZE: 10pt">, </SPAN></FONT><FONT size=2><SPAN
style="FONT-SIZE: 10pt">MA</SPAN></FONT><FONT size=2><SPAN
style="FONT-SIZE: 10pt"> </SPAN></FONT><FONT size=2><SPAN
style="FONT-SIZE: 10pt">01581</SPAN></FONT></P>
<P class=MsoNormal><FONT face="Times New Roman" size=3><SPAN
style="FONT-SIZE: 12pt"></SPAN></FONT> </P>
<P class=MsoNormal><FONT face="Times New Roman" size=2><SPAN
style="FONT-SIZE: 10pt">Phone: 508-380-6372</SPAN></FONT></P>
<P class=MsoNormal><FONT face="Times New Roman" size=2><SPAN
style="FONT-SIZE: 10pt">AIM: minieri</SPAN></FONT></P>
<P class=MsoNormal><FONT face="Times New Roman" size=3><SPAN
style="FONT-SIZE: 12pt"></SPAN></FONT> </P></DIV></BODY></HTML>