SkyHorse.Org

ModSecurity 2.5 : a book by Magnus Mischel

December 10th, 2009 SkyHorse

When I received ModSecurity 2.5 by Magnus Mischel through the post I was expecting a decent, thick and technically focused book on setting up and configuring obscure areas of ModSecurity.
On reading it I was pleasantly surprised to find how practical, direct and friendly it was (it even has its own section explaining what “Regular Expressions” are), so this is not just for the expert user, but beginner sys admin too.
The book guides you through all the steps to setting up ModSecurity 2.5 in your apache server, from installation to setting up basic and advanced rules. It also takes a look at real-life examples which is a definite must read as its the hardest part for anyone starting to use the tool.
At £30.99 (£21.99 for e-book version) its a good investment for everyone thinking about or already using ModSecurity to protect apache web servers.

Language English
Paperback 280 pages [191mm x 235mm]
Release date November 2009
ISBN 1847194745
ISBN 13 978-1-847194-74-9
Author(s) Magnus Mischel
Topics and Technologies Open Source, Linux Servers
Published by Packt Publishing

Tags: apache, book, hacking, mod-security, modsecurity, Security

Related posts:

• Fixing open DNS servers
• Major flaw on the DNS Internet architecture discovered
• modsec.sh updated

Posted in Uncategorized | No Comments »

Major flaw on the DNS Internet architecture discovered

July 8th, 2008 SkyHorse

Conspiracy fans unite: the worlds major Internet vendors sent their engineers out for secret meetings at the microsoft campus for the past few months to tackle the biggest flaw on the internet’s architecture since it began.

The issue resides on the obiquituous DNS system responsible for directing applications to the right servers when they request a URL. Although there is yet no evidence of this flaw being exploited, it will not take long for black hat hackers to use it to direct you to their own servers when you try to open your online banking or check your emails.

All major vendors will be releasing fixes to their systems at the same time, as to minimise the chances of such rogue practicies happening, something unheard of which clearly shows the gravity of the situation.

More detail at http://securosis.com/2008/07/08/dan-kaminsky-discovers-fundamental-issue-in-dns-massive-multivendor-patch-released/
Dan’s website where you can check for the vulnerability: http://www.doxpara.com

Tags: DNS, hacking, Security

Related posts:

• Fixing open DNS servers
• ModSecurity 2.5 : a book by Magnus Mischel
• modsec.sh updated

Posted in Computing | No Comments »

WordPress is hacked: All Upgrade to 2.1.2

March 4th, 2007 SkyHorse

WordPress, the software powering thousands of weblogs on the web, has recently seen it’s download files modified by an unknown “cracker” who changed the code to include code enabling those in the know to gain access to the websites running such software.

Only version 2.1.1 was affected.

WordPress › Blog » WordPress 2.1.1 dangerous, Upgrade to 2.1.2

Tags: hacking, hacking, hosting, wordpress

Related posts:

• Web Host Company hacks into their own client’s accounts
• The Definite Guide of Obscure Tweaks to Install and Maintain cPanel / WHM (version 10)
• Auto update modsecurity rules – modsec.sh

Posted in hacking, hosting | No Comments »

Simple remedy for a big problem: how to disable the RFID on your passport

January 7th, 2007 SkyHorse

Sooner or later if you live in a country with the visa-waiver program with the US (i.e. most EU countries and a few more) your passport will be issued with a always-on radio frequency identification chips, making it easy for officials – and hackers – to grab your personal stats. Getting paranoid about strangers slurping up your identity? Here’s what you can do about it. But be careful – tampering with a passport is punishable by 25 years in prison. Not to mention the “special” customs search, with rubber gloves. Bon voyage!

1) RFID-tagged passports have a distinctive logo on the front cover; the chip is embedded in the back.

2) Sorry, “accidentally” leaving your passport in the jeans you just put in the washer won’t work. You’re more likely to ruin the passport itself than the chip.

3) Forget about nuking it in the microwave – the chip could burst into flames, leaving telltale scorch marks. Besides, have you ever smelled burnt passport?

4) The best approach? Hammer time! Hitting the chip with a blunt, hard object should disable it. A nonworking RFID doesn’t invalidate the passport, so you can still use it.

Based on http://www.wired.com/wired/archive/15.01/start.html?pg=9

Tags: hacking, Hardware, passport, RFID, Travel

Related posts:

• GNU Radio: hacking the last frontier
• Turning a camera phone with bluetooth into a mouse (HID for you and me)
• Top tips for flying in comfort and style

Posted in Hardware, Travel, hacking | No Comments »

not quite there yet… » realizing…

November 17th, 2006 SkyHorse

The Hacker’s life philosophy is finally understood and explained. Interestingly, she, the writer, isn’t a techie nor a sociologist, but a common 25 year old female. Did I say common? Maybe that’s only at first sight, there’s nothing “common” about *this* philosopher…

not quite there yet… » realizing…

Loved the reading sis ;)

Tags: hacking, personality, Philosophy, sociology

Related posts:

• Hacking the mind
• Banksy: The Hacker of the Art world
• Things you should read before you comment: The entire Pope’s speach on 12th September in Germany

Posted in Philosophy | No Comments »