Slowloris DoS Tool: It Can Bring Down Apache 1.x/2.x

in Categories Apache, Networking, News, PF Firewall, RedHat/Fedora Linux, Security Alert, UNIX, Windows server last updated June 19, 2009

Apache Security Update – a flaw In Apache can be used to carry out DoS. Slowloris is a new Apache DoS tool which can use slow Internet links to bring down Apache servers, rather than flooding networks. Most D/DoS tool requires faster net connections but this tool works with minimal bandwidth. This tool can lead to a DoS attack on Apache 1.x, 2.x, dhttpd, GoAhead WebServer, and Squid, while MS IIS6.0, IIS7.0, and lighttpd are confirmed not vulnerable to this attack.

Happy 40th Birthday UNIX!

in Categories UNIX last updated June 7, 2009

UNIX turns 40 – in 1969 group of AT&T employees at Bell Labs, including Ken Thompson, Dennis Ritchie, Douglas McIlroy, and Joe Ossanna developed UNIX. Today Unix offered in many flavors and developed over time by AT&T as well as various commercial vendors (such as IBM, HP, Sun, Apple etc) and non-profit organizations. CW article concluded that after four decades, the future of the operating system is clouded, but its legacy will endure in form of Linux and Microsoft NT operating system.

OpenOffice.org Quick Introduction For New User

in Categories GNU/Open source, Howto, Linux desktop, OpenOffice.Org, Troubleshooting, Ubuntu Linux, UNIX, Windows, windows vista last updated June 3, 2009

OpenOffice.org (OOo) is a freely available, full-featured office suite. OOo is both a software product and a community of volunteers that produces and supports the software. However, new users may get lost while finding help, support and productivity enhancing extensions. This blog post covers OOo new user orientation to to discover support, tutorials, community insights, templates, clip art, extensions, and blogs for OOo.

Poll: Common Causes Of Downtime In Your Data Center

in Categories Business, data center, Hardware, High performance computing, Linux, Poll, Storage, UNIX last updated May 27, 2009

Unplanned downtime may be the result of a software bug, human error, equipment failure, power failure, and much more. Last week was a bad one. We faced three different downtime:

  • First, there was a fiber cut for one of our data center resulting into routing anomalies due BGP reroute. Traffic was rerouted but updating those BGP tables took some time to update.
  • Someone from networking team failed to follow proper maintenance procedures for network device resulted into 55 minutes downtime.
  • One of our SAN hardware failure – Many internal UNIX / Linux web applications use SAN to store data including file server, tracking apps, R&D apps, IT help desk, LAN and WAN servers failed. This one lasted for 12 hrs. It was stared around midnight. The vendor replaced entire SAN hardware. Now we have dual stacked SAN as a backup device for internal usage.

Note: There is a poll embedded within this post, please visit the site to participate in this post’s poll.

Book: iPhone Hacks

in Categories Book Review, OS X, UNIX last updated April 7, 2009
iPhone Hacks

The iPhone is an internet-connected multimedia smartphone. Chances are if you own an iPhone (or iPod) , you long to discover its hackability. And a new book from O’Reilly iPhone Hacks can help you do just that. This book covers over 100 tips & tools for unlocking the power of your iPhone / iPod touch. With this book you can pushing the iPhone and iPod touch beyond their limits.

Lighttpd Install mod_geoip For Country / City Level Geo Targeting

in Categories CentOS, Debian Linux, FreeBSD, Gentoo Linux, Howto, lighttpd, Linux, Networking, package management, RedHat/Fedora Linux, Suse Linux, Ubuntu Linux, UNIX last updated March 29, 2009

Geolocation software is used to get the geographic location of visitor using IP address. You can determine country, organization and guess visitors location. This is useful for:

a] Fraud detection.

b] Geo marketing and ad serving.

c] Target content.

d] Spam fighting.

e] And much more.

mod_geoip is a Lighttpd module for fast ip/location lookups. In this tutorial you will learn about mod_geoip installation and php server side examples to determine visitors country.

Poll: Your Favorite Scripting Language?

in Categories Ask nixCraft, C Programming, Linux, Perl, php, Poll, programming, python, Shell scripting, Sys admin, UNIX last updated March 17, 2009

Like most sys admin, I’m lazy. I try to automate almost all things in order to save time. Inexperienced sys admin and help desk staff working under me finds all these tools useful. It saves their time and avoids security issues. Automation allows help desk staff to do things that they don’t have enough direct system knowledge to do themselves. However, selecting correct tool and applying correct methodology is very important.

Note: There is a poll embedded within this post, please visit the site to participate in this post’s poll.

Missing Memory

in Categories Howto, Linux, RedHat/Fedora Linux, Sys admin, Troubleshooting, UNIX, Windows server last updated March 13, 2009

Today, I’ve upgraded total 8 servers from 4GiB to 8GiB to improve performance of system by inserting additional memory modules. We started each server and checked for memory count at console. All severs booted normally after the upgrade and services such as SMTP, NFS, CIFS, HTTP started as expected. Shortly, afterwords I got a call from help desk about pop3 server for slow performance.

Do You Blame Users For IT Security?

in Categories Linux, Linux desktop, Security, Sys admin, UNIX, Windows, windows vista last updated March 12, 2009

An interesting article published by security guru Bruce Schneier:

Blaming the victim is common in IT: users are to blame because they don’t patch their systems, choose lousy passwords, fall for phishing attacks, and so on. But, while users are, and will continue to be, a major source of security problems, focusing on them is an unhelpful way to think.

=> Blaming the user is easy – but it’s better to bypass them altogether