Security

http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html exellent explanation for the much-hyped Dan Kaminsky DNS vuln. This is for people for whom word “DNS” sounds like it’s in elvish

http://www.circleid.com/posts/87143_dns_not_a_guessing_game/ do a ‘dig TXT porttest.dns-oarc.net’ . || w.out disclosing details Pau confirms that the hole exists, and that !IMPORTANT! NAT/PAT effectively netrualize UDP port randomization fix

http://projects.leisink.org/hiawatha Hiawatha is a webserver for Unix. It has been writting with ‘being secure’ as its main goal.

http://markelov.blogspot.com/2008/06/fedora-9-selinux.html notes bout new SELinux user role types available in Fedora 9 and how they can be useful

http://hostinghelp.biz/content/ddos-%D1%87%D1%82%D0%BE-%D0%B4%D0%B5%D0%BB%D0%B0%D1%82%D1%8C-%D0%B5%D1%81%D0%BB%D0%B8-%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80-%D1%82%D0%BE%D0%BB%D1%8C%D0%BA%D0%BE-%D0%BE%D0%B4%D0%B8%D0%BD-linux-%D1%81-apache article describes some recipes to counter DDoS using iptables limit and string matching filters. Useful

http://blogs.gnome.org/jamesh/2007/11/26/openid-ax/ notes about what is Attribute Exchange (ax) in OpenID

http://www.plaxo.com/api/openid_recipe notes about implementing OpenID

http://research.swtch.com/2008/05/lessons-from-debianopenssl-fiasco.html good explanation of debian openssl bug. worth reading if programming is what u do for a living

http://www.cl.cam.ac.uk/~sjm217/papers/protocols08cookies.pdf [yet another one] proposal for secure session cookies

http://sourceforge.net/projects/pixla/ oss pix log analyzer