December 10th, 2009 SkyHorse
ModSecurity 2.5 book cover
When I received ModSecurity 2.5 by Magnus Mischel through the post I was expecting a decent, thick and technically focused book on setting up and configuring obscure areas of ModSecurity.
On reading it I was pleasantly surprised to find how practical, direct and friendly it was (it even has its own section explaining what “Regular Expressions” are), so this is not just for the expert user, but beginner sys admin too.
The book guides you through all the steps to setting up ModSecurity 2.5 in your apache server, from installation to setting up basic and advanced rules. It also takes a look at real-life examples which is a definite must read as its the hardest part for anyone starting to use the tool.
At £30.99 (£21.99 for e-book version) its a good investment for everyone thinking about or already using ModSecurity to protect apache web servers.
Paperback 280 pages [191mm x 235mm]
Release date November 2009
ISBN 13 978-1-847194-74-9
Author(s) Magnus Mischel
Topics and Technologies Open Source, Linux Servers
Published by Packt Publishing
July 8th, 2008 SkyHorse
Conspiracy fans unite: the worlds major Internet vendors sent their engineers out for secret meetings at the microsoft campus for the past few months to tackle the biggest flaw on the internet’s architecture since it began.
The issue resides on the obiquituous DNS system responsible for directing applications to the right servers when they request a URL. Although there is yet no evidence of this flaw being exploited, it will not take long for black hat hackers to use it to direct you to their own servers when you try to open your online banking or check your emails.
All major vendors will be releasing fixes to their systems at the same time, as to minimise the chances of such rogue practicies happening, something unheard of which clearly shows the gravity of the situation.
More detail at http://securosis.com/2008/07/08/dan-kaminsky-discovers-fundamental-issue-in-dns-massive-multivendor-patch-released/
Dan’s website where you can check for the vulnerability: http://www.doxpara.com
October 4th, 2006 SkyHorse
This has to be the most disgusting marketing strategy since the dawn of forehead tattoos:
Dedicated Hosting Companies Â» Blog Archive Â» Hacked by my host! Be Careful!
Who’s watching the watchers?
September 28th, 2006 SkyHorse
Ok, there seems to be a *lot* of posts and threads about this issue and I think a simple page is appropriate.
Lets start with the problem. Check the report for your domain here: http://www.dnsreport.com/tools/dnsreport.ch?domain=YOUR_DOMAIN_HERE.COM
An open DNS server is one that replies to a query about a domain it is not responsible for, to anyone who asks for it. For starters, that is just a waste of processing time, but it can be worse if it is used for flooding. See, since a DNS query is (much!) smaller in number of bytes than a DNS response, if it is spoofed it can be used to perform a DoS attack on a computer with several times the bandwidth of the perpretator.
I’ve posted a solution to my obscure cPanel guide, have a look if your interested:
Fixing Open DNS servers