Tag: Security

  • DDOS Against 10MinuteMail

    You may have noticed 10MinuteMail was unavailable for a few minutes over the last couple of days. 10MinuteMail recently came under a DDOS attack which locked up the site a few times. Most of the malicious traffic came from the Netherlands, Germany, and to a lesser extent other European countries and the USA. Initially I […]

  • Automated ClamAV Virus Scanning

    Automating Linux Anti-Virus Using ClamAV and Cron. Thankfully Linux isn’t a platform which has a significant problem with viruses; however, it is always better to be safe than sorry. Luckily ClamAV is an excellent free anti-virus solution for Linux servers. However, at least on RedHat Enterprise 5 (RHEL5) the default install doesn’t offer any automated […]

  • Monster.com Security Breach

    The Monster.com job board database was illegally accessed and large amounts of user data were stolen. As is the case with many companies that maintain large databases of information, Monster is the target of illegal attempts to access and extract information from its database. We recently learned our database was illegally accessed and certain contact […]

  • AT&T DNS Cache Poisoning

    Recently there has been a lot of press about AT&T DNS servers being hit with a DNS Cache Poisoning attack. Some new easier exploits were recently published, and many DNS servers are still vulnerable. And up until the new exploits were published publicly, the majority of DNS servers were vulnerable. This situation is worse once […]

  • Using IPTables to Prevent SSH Brute Force Attacks

    If you have a server with a world-facing SSH server, you’ve probably seen brute force attacks in your logs. Some machine starts hammering your SSH server, trying all sorts of logins (staff, root, a, admin, etc…) over and over and over again. This is bad on a lot of fronts. I use two simple […]

  • Getting the Real IP Address from a Proxied Request in ATG

    Many things can obscure the real IP address of the end user when they visit your site: a load balancer in front of your ATG cluster, Akamai, the user’s ISP or office network, and more. This makes correlating logging events, or using the ATG session IP validation security option, and more, very difficult. In light […]