It’s been talked about a lot on mailing lists and forums. Recommendations are often made to use nginx, lighttpd, or varnish in front of your web servers to protect Apache, but little is said about why Apache is vulnerable to slowloris.
Short Mail Names Vulnerability In Plesk 8.6.0
While troubleshooting a bizarre spam issue on a newly upgraded server, I came across the following:
http://securitytracker.com/alerts/2008/Sep/1020801.html
The vulnerability can be exploited in one of two ways. The attacker can generate a base64 hash using a bogus username that begins with a valid short name on the server. The other option is to generate a base64 hash of a known valid password on the system. Using either method will cause qmail to successfully authenticate the attacker and allow them to use your Plesk server as a spam relay. The only fix at the time of this writing is to completely disable the use of short names for e-mail authentication.
Plesk PCI Compliance 1
PCI compliance scans are becoming more and more common as more credit card processors require them. Most of the scans use a tool like Nessus, and the scan results often contain many false positives. For example, the scans do not take into account practices such as backporting security fixes. Distributions such as Red Hat Enterprise Linux have very clear policies regarding backports.
BASH Functions To Manipulate selinux Policy
SELinux is a great tool for keeping your server secure. The problem many people run into is configuring security policies correctly so that their services can run. Red Hat-derived Linux distributions provide the audit2allow utility to ease the creation of SELinux policy.
