An Illustrated Guide to the Kaminsky DNS Vulnerability
Monday, August 11th, 2008exellent explanation for the much-hyped Dan Kaminsky DNS vuln. This is for people for whom word “DNS” sounds like it’s in elvish
Archive for the 'Security' Category
Not a Guessing Game — Paul Vixie [from ISC/Bind] on recenet DNS hole
Tuesday, July 15th, 2008do a ‘dig TXT porttest.dns-oarc.net’ . || w.out disclosing details Pau confirms that the hole exists, and that !IMPORTANT! NAT/PAT effectively netrualize UDP port randomization fix
Leisink Projects – Hiawatha [simple small secure web server ]
Thursday, July 3rd, 2008Hiawatha is a webserver for Unix. It has been writting with ‘being secure’ as its main goal.
[Russian] Andrey’s Blog: Некоторые новшества в Fedora 9 с точки зрения SELinux | Fedora 9 – new SELinux features
Tuesday, June 17th, 2008notes bout new SELinux user role types available in Fedora 9 and how they can be useful
[russian] DDOS – что делать. Если сервер только один – Linux с Apache. | DDoS – what to do? if you have 1 server linux+apache
Friday, June 6th, 2008article describes some recipes to counter DDoS using iptables limit and string matching filters. Useful
James Henstridge » OpenID Attribute Exchange
Tuesday, May 27th, 2008notes about what is Attribute Exchange (ax) in OpenID
Plaxo » A Recipe for OpenID-Enabling Your Site
Tuesday, May 27th, 2008notes about implementing OpenID
research!rsc: Lessons from the Debian/OpenSSL Fiasco
Friday, May 23rd, 2008good explanation of debian openssl bug. worth reading if programming is what u do for a living
protocols08cookies.pdf (application/pdf Object)
Thursday, May 22nd, 2008[yet another one] proposal for secure session cookies
SourceForge.net: PIX Logging Architecture
Tuesday, May 20th, 2008oss pix log analyzer