PHP memory utilization is always an issue with web applications. As of version 5.2.0 there are two useful functions available to help determine application memory usage.
Continue reading…
PHP Memory Usage
Posted by Pizon
on December 21, 2010
Why Apache Is Affected By Slowloris
Posted by Pizon
on November 07, 2010
Patch to fix –textonly option to yaourt on Arch Linux
Posted by Pizon
on June 07, 2009
If you use the yaourt wrapper for pacman on Arch Linux you may have noticed that the --textonly option no longer works properly. After spending some time on various forums, wikis, bug trackers, and Google I was not able to find a solution to this problem. An inspection of the yaourt scripts reveals a stanza missing from a case block in the colors.sh include used to configure output colorization. I have created a patch to fix this minor annoyance:
The patch can be applied using standard patch syntax:
patch -p0 < yaourt_color_sh.patchShort Mail Names Vulnerability In Plesk 8.6.0
Posted by Pizon
on September 16, 2008
While troubleshooting a bizarre spam issue on a newly upgraded server I came across the following:
http://securitytracker.com/alerts/2008/Sep/1020801.html
The vulnerability can be exploited in one of two ways. The attacker can generate a base64 hash using a bogus username that begins with a valid short name on the server. The other option is to generate a base64 hash of a known valid password on the system. Using either method will cause qmail to successfully authenticate the attacker and allow them to use your Plesk server as a spam relay. The only fix at the time of this writing is to completely disable the use of short names for e-mail authentication.
Plesk PCI Compliance 1
Posted by Pizon
on April 25, 2008
PCI Compliance Scans are becoming more and more common as more credit card processors require them. Most of the scans use a tool like Nessus and the scan results often contain many false positives. For example, the scans do not take into account practices such as back porting security fixes. Distributions such as Red Hat Enterprise Linux have very clear policies regarding backports.
Dell Inspiron 1420N: No Sound On Fedora 8
Posted by Pizon
on April 15, 2008
Recently I decided to install Fedora 8 on my laptop. Originally the laptop came with Ubuntu but the hand holding that distro offers was starting to get in my way and it makes more sense for my job to have a Redhat-based distro on my laptop. The installation was quick and painless but the sound card did not work after applying updates. A lot of Googling turned up a lot of frustrated people. Apparently the Intel ICH8 chipset has some issues with the kernel drivers included with Fedora 8. I ended up having to break one of my cardinal rules of Linux to get sound working but the steps required to get the sound card working aren’t that involved.
BASH Functions To Manipulate selinux Policy
Posted by Pizon
on March 06, 2008
selinux is a great tool for keeping your server secure. The problem many people run into is properly configuring security policies to allow their services to run properly. Redhat-derived Linux distributions provide the audit2allow utility for easing the creation of selinux policy.
