Interesting article on the latest Apache and ModSecurity techniques to prevent DoS HTTP attacks. The attacks are well explained. I personally knew about Slowloris but didn’t about RUDY and post attacks.
I finished reading the ModSecurity 2.5 book, written by Magnus Mischell and published by Packt Publishing. I found a lot of interest reading it as I was already using ModSecurity – and I think anyone exposing an Apache web server should. I was actually using it partially. It is not trivial to secure a web [...]
There will be a new book about mod-security coming out : ModSecurity 2.5. ModSecurity is essential when it comes to secure any web site. It will make the work of the attacker much harder and it may save you even if your favorite dynamic pages have a security hole. However, it must be configured wisely [...]
As I just finished setting TLS and SASL to secure the access to my Postfix server, I realized that it was working only from inside my network. What I got from my lan : I shows well that the TLS handshake is initiated. But from this outside, I just got this weired thing : Of [...]
Using the serial port is still necessary to manage some devices, when it is reseted to factory defaults. It could be also a security choice… Nowadays many computers – and especially laptops don’t have anymore a built-in serial port. Not a problem, there are many cheap serial-usb converters like this. As an alternative to the [...]
I found that it was a real mess to set up a FTP server in a DMZ, behind a firewall Cisco Asa (501 model with IOS version 7.0). The FTP server is on the DMZ area, and therefore I natted a public IP to the private IP in the DMZ subnet of this server. Doing [...]
