Seeing Past Trojan.Hydraq’s Obfuscation

While Trojan.Hydraq has been described as sophisticated, the methods used to obfuscate the code are relatively straight forward to deobfuscate.  Trojan.Hydraq has spaghetti code, which is a technique used to make analyzing the code of program more difficult.  The basic blocks of a function are identified, and then completely rearranged so one cannot easily follow the code in a linear fas
Read More


  • No Related Posts

Maximize SQE usage with DDS-created DB2 for i databases

Applications utilizing SQL experience the best performance when processed by
the DB2 for i SQL Query Engine (SQE).
However, your use of SQE
may be hampered if your database uses keyed logical files containing select/omit criteria.
This article describes how you can use the IGNORE_DERIVED_INDEX query options attribute to
maximize the use of the SQL Query Engine with databases that contain keyed logical files.


Scheduled Tasks w/ GUI issue

Are there issues running Scheduled Tasks in Windows 2003 when the task has a GUI? I have one that worked fine in Windows 2000 but won’t run on Windows 2003.


I have a .bat job that ran every hour throughout the day on an old Windows 2000 server for many years. I finally retired that server last week and moved the job (and associated programs and files) to a Windows 2003 server.

The .bat file calls a couple cmd line apps first, but the final step is a GUI based .NET app (it does some OCR on image files and then shuts itself down).

From the new server, logged on as the Scheduled Task owner I can run the .bat file from the command line successfully.

From the new server, again logged on as the Scheduled Task owner, I can right-click on the task in the Scheduler and run it successfully. This task simply runs that same .bat file.

If the Scheduled Task owner is logged on to the 2003 server and the task is started from a remote server (where the user started Scheduled Tasks and connected to this server) it’ll also run successfully.

If the scheduled task owner is not logged on to this server then the scheduled task fails at the step where the GUI app is launched. We can’t get any error messages. Running ProcMon from a different session/user account monitoring that user account didn’t turn up anything either.

For the moment, my horrible work-around is to leave the scheduled task owner logged on at the console with the screen locked. Of course, this becomes a pain each time that server is rebooted…

The scheduled task owner is our “domain service account” and is working with all other tasks on all other servers. It isn’t locked out or anything like that.

I even tried modifying the Task Scheduler to check the “Allow service to interact with desktop box” but that didn’t change anything. (Yes, I restarted the service after the change.)


Updated (1/19/2010)

I need to clarify a bit: The .NET app I mentioned does a bunch of stuff that works. It isn’t until it gets to the point where it needs to open a window that the app then hangs. We can see the progress of the app via the logging entries it leaves behind so we can see it working fine with the last log entry being “about to start OCR”… and that’s where she hangs.


Why poll is not replaced with epoll?

Level-triggered epoll is very similar to poll. Why isn’t poll just a wrapper for epoll on systems supporting the latter?

EDIT: I mean, are there any technical barriers against such decision? Implementing poll as epoll would dramatically boost performance of many network applications. There should be some technical issue that I fail to notice.


Customer Passenger Error Pages

How do you replace the Passenger Application failed to load error messages. They are lovely, but I’d rather not display them when we move our application to production. It’d be better to just show them on the dev box and maintenance page on the live site.

For clarification, this is the call stack page passenger displays when your rails app fails to load.

I’d rather not modify the passenger template files directly.

Passenger doesn’t seem to be respecting:

ErrorDocument 500 /500.html


How to migrate Samba User Accounts to a new linux server?

I have an Ubuntu 6.06 server that needs to be replaced by an Ubuntu 9.04 server clean setup, I already copied the entire samba file server directory to the new 9.04 server using rsync. I need to know how to migrate the existing user accounts (machine accounts) to the new server so as when I physically transfer the connections everything will be ok and I don’t have to manually enter smbpasswd -a <user> on the new server.

passdb backend = tdbsam

network workstations accessing the share are either vista or xp.


Ajax in a network: Security and topology challenges of aggregating content from multiple sites in an Ajax architecture

There can be challenges when introducing Asynchronous JavaScript and XML
(Ajax) programming techniques into a network environment. This article looks
at security and topology scenarios that you might be trying to solve when
creating Ajax style architectures that aggregate content from multiple sites.
This article explores these scenarios using the IBM Tivoli Access Manager
WebSEAL product in conjunction with the IBM WebSphere Application Server
Feature Pack for Web 2.0 for developing Ajax style architectures for WebSphere
Application Server.


How do you configure IIS 7 to use a subdirectory as the default document?

So I have a website running on a discount account, and I put an mvc app in a subdirectory. If my url is ‘’ and my app is in directory ‘sample’, then ‘’ will execute the mvc app.

My problem is that I want the app to be shown when you go to ‘’ not just ‘’. I have access to the IIS Manager, and I’m sure there are many ways to do this.

What’s the best way to do this?