Archive for the ‘Security’ Category

Denial of Service

Thursday, April 2nd, 2015

Denial of Service attacks is a very vague term for a group of attacks that causes a service to be denied to legitimate users. Obviously when you host your website publicly you want it to be available – so having it taken down by some hacker is highly annoying. And I’m not referring to only websites, there are many other types of applications and services out there that can be “taken down”, or to which “service can be denied”.

Using php-fpm and mod_proxy_fcgi to optimize and secure LAMP servers

Wednesday, January 16th, 2013

So up until now I’ve been using mpm_itk or mpm_peruser – both with advantages and disadvantages in an attempt to secure web content. Both of these is essentially a forking mpm, kills Keepalive to a greater or lesser extent, and almost as important – neither is supported by mainline apache (so you’re on you own). Personally I prefer mpm_worker (or more recently mpm_event) since it’s threaded, and I find that it uses less resources (in terms of memory mostly). A lot of movement has also been happening with respect to FastCGI and the advantages are very good, both in terms of security and reliability (in theory).

Cell C following in the footsteps of Vodacom?

Sunday, July 4th, 2010

Most people that know me well will know that I really don’t like the way Vodacom runs their firewalls for their 3G consumers. In fact, they’ve managed to make it onto my blog no less than 3 times now – and not once for anything they’ve done right. And now Cell C have decided to join the crowd of braindead arseholes who can’t run firewalls. I present to you the man-in-the-middle TCP connection reset. As it stands right now I can’t ssh. I can’t connect to my jabber server. I can’t even browse. At least, not using my Cell C internet connection.

The Great Wall of Vodacom – FAIL

Tuesday, May 25th, 2010

Right, so Kevin (one of my staff) had the savvy to take a few tcpdump traces on both the client and the server side of a failed PPtP VPN connection over the weekend. The result? It seems the great firewall of Vodacom has yet again taken another victem. (more…)