December 10th, 2009 SkyHorse
ModSecurity 2.5 book cover
When I received ModSecurity 2.5 by Magnus Mischel through the post I was expecting a decent, thick and technically focused book on setting up and configuring obscure areas of ModSecurity.
On reading it I was pleasantly surprised to find how practical, direct and friendly it was (it even has its own section explaining what “Regular Expressions” are), so this is not just for the expert user, but beginner sys admin too.
The book guides you through all the steps to setting up ModSecurity 2.5 in your apache server, from installation to setting up basic and advanced rules. It also takes a look at real-life examples which is a definite must read as its the hardest part for anyone starting to use the tool.
At £30.99 (£21.99 for e-book version) its a good investment for everyone thinking about or already using ModSecurity to protect apache web servers.
Paperback 280 pages [191mm x 235mm]
Release date November 2009
ISBN 13 978-1-847194-74-9
Author(s) Magnus Mischel
Topics and Technologies Open Source, Linux Servers
Published by Packt Publishing
July 8th, 2008 SkyHorse
Conspiracy fans unite: the worlds major Internet vendors sent their engineers out for secret meetings at the microsoft campus for the past few months to tackle the biggest flaw on the internet’s architecture since it began.
The issue resides on the obiquituous DNS system responsible for directing applications to the right servers when they request a URL. Although there is yet no evidence of this flaw being exploited, it will not take long for black hat hackers to use it to direct you to their own servers when you try to open your online banking or check your emails.
All major vendors will be releasing fixes to their systems at the same time, as to minimise the chances of such rogue practicies happening, something unheard of which clearly shows the gravity of the situation.
More detail at http://securosis.com/2008/07/08/dan-kaminsky-discovers-fundamental-issue-in-dns-massive-multivendor-patch-released/
Dan’s website where you can check for the vulnerability: http://www.doxpara.com
March 4th, 2007 SkyHorse
WordPress, the software powering thousands of weblogs on the web, has recently seen it’s download files modified by an unknown “cracker” who changed the code to include code enabling those in the know to gain access to the websites running such software.
Only version 2.1.1 was affected.
WordPress â€º Blog Â» WordPress 2.1.1 dangerous, Upgrade to 2.1.2
January 7th, 2007 SkyHorse
Sooner or later if you live in a country with the visa-waiver program with the US (i.e. most EU countries and a few more) your passport will be issued with a always-on radio frequency identification chips, making it easy for officials â€“ and hackers â€“ to grab your personal stats. Getting paranoid about strangers slurping up your identity? Hereâ€™s what you can do about it. But be careful â€“ tampering with a passport is punishable by 25 years in prison. Not to mention the â€œspecialâ€ customs search, with rubber gloves. Bon voyage!
1) RFID-tagged passports have a distinctive logo on the front cover; the chip is embedded in the back.
2) Sorry, â€œaccidentallyâ€ leaving your passport in the jeans you just put in the washer wonâ€™t work. Youâ€™re more likely to ruin the passport itself than the chip.
3) Forget about nuking it in the microwave â€“ the chip could burst into flames, leaving telltale scorch marks. Besides, have you ever smelled burnt passport?
4) The best approach? Hammer time! Hitting the chip with a blunt, hard object should disable it. A nonworking RFID doesnâ€™t invalidate the passport, so you can still use it.
Based on http://www.wired.com/wired/archive/15.01/start.html?pg=9
November 17th, 2006 SkyHorse
The Hacker’s life philosophy is finally understood and explained. Interestingly, she, the writer, isn’t a techie nor a sociologist, but a common 25 year old female. Did I say common? Maybe that’s only at first sight, there’s nothing “common” about *this* philosopher…
not quite there yetâ€¦ Â» realizingâ€¦
Loved the reading sis ;)