Archive for the 'Security' Category

« Previous Page« Previous Entries
Next Entries »Next Page »

Red Hat / CentOS Install mod_security Apache Intrusion Detection And Prevention Engine

Friday, February 24th, 2012

# yum install mod_security — i.e. simple instruction how to install mod_security – an open source Web Application Firewall

Posted in centos, epel, firewall, mod_security, PCI-DSS, rhel, Security, WAP | Comments Off | permalink

Red Hat / CentOS Install mod_security Apache Intrusion Detection And Prevention Engine

Friday, February 24th, 2012

# yum install mod_security — i.e. simple instruction how to install mod_security – an open source Web Application Firewall

Posted in centos, epel, firewall, mod_security, PCI-DSS, rhel, Security, WAP | Comments Off | permalink

Gigabit_Networks_Linux – OpenVPN Community

Monday, October 31st, 2011

Notes about OpenVPN performance testing. Results, in short: easy to saturate 100Mbit network on common hardware. Possible to do a near wire-line speed on 1Gbit network (needs recent version of openssl-1.0a, fresh intel CPU that does AES in hardware …

Posted in 10G, AES, AES-NI, benchmark, intel, network, openvpn, performance, Security, shortcut:openvpn, testing, vpn | Comments Off | permalink

Reverse Proxy Bypass – Bug in Apache mod_proxy

Wednesday, October 5th, 2011

It is possible for an attacker to reach internal resources in a DMZ if RewriteRule or ProxyPassMatch directives are used in mod_proxy config

Posted in apache, bug, mod_proxy, rewrite, Security, vulnerability, vulns | Comments Off | permalink

Reverse Proxy Bypass – Bug in Apache mod_proxy

Wednesday, October 5th, 2011

It is possible for an attacker to reach internal resources in a DMZ if RewriteRule or ProxyPassMatch directives are used in mod_proxy config

Posted in apache, bug, mod_proxy, rewrite, Security, vulnerability, vulns | Comments Off | permalink

SSL termination: stunnel, nginx & stud | Vincent Bernat

Sunday, September 25th, 2011

Interesting test results comparing and analyzing SSL performance. Using right combination of software and proper tunning, you can get up to 14000 TPS (re-shake every 80 requests) on HP DL 380 G7, with two Xeon L5630 (running at 2.13GHz for a total of…

Posted in benchmark, comparison, Linux, networking, nginx, openssl, performance, Security, ssl, STUD, stunnel, sysadmin, tls | Comments Off | permalink

SSL termination: stunnel, nginx & stud | Vincent Bernat

Sunday, September 25th, 2011

Interesting test results comparing and analyzing SSL performance. Using right combination of software and proper tunning, you can get up to 14000 TPS (re-shake every 80 requests) on HP DL 380 G7, with two Xeon L5630 (running at 2.13GHz for a total of…

Posted in benchmark, comparison, Linux, networking, nginx, openssl, performance, Security, ssl, STUD, stunnel, sysadmin, tls | Comments Off | permalink

Gigabit_Networks_Linux – OpenVPN Community

Saturday, September 24th, 2011

Posted in 10G, AES, AES-NI, benchmark, for:@twitter, has:for, has:shortcut, intel, network, openvpn, performance, Security, shortcut:openvpn, testing, vpn | Comments Off | permalink

BlackHat USA 2011: SSL And The Future Of Authenticity – YouTube

Tuesday, September 13th, 2011

MOXIE MARLINSPIKE talk at BlackHat USA 2011 about current problems with SSL and CA sustem, and the feature of SSL w/out CAs.

Posted in authenticity, blackhat, CA, crypto, infosec, Security, ssl, trust, video | Comments Off | permalink

BlackHat USA 2011: SSL And The Future Of Authenticity – YouTube

Tuesday, September 13th, 2011

Posted in authenticity, blackhat, CA, crypto, for:@twitter, has:for, infosec, Security, ssl, trust, video | Comments Off | permalink

« Previous Page« Previous Entries
Next Entries »Next Page »