John Adams’ views on emerging technologies, software engineering, and various hacks
I’m announcing the release of mod_memcache_block, a distributed IP blocking system for Apache, with rate limiting based on HTTP request code.
For many years I’ve had a need for a module like this — A distributed blocking system which could operate across large web serving clusters and register hits in a central store. With rate limiting, [...]
My discoveries with the Wall of Sheep at Defcon 16 and it’s application to Twitter security were mentioned on the August 12, 2008 Data Security Podcast.
They called me one of the “good guys”. Heh!
You can listen to it here:
http://datasecurityblog.wordpress.com/2008/08/11/data-security-podcast-episode-13-aug-11-2008/
If you’re responsible for DNS at your organization, I urge you to immediately download updates for your DNS servers and patch them, today. Dan Kaminsky and other members of the DNS community announce that they are releasing patches for an extremely serious cache resolver issue impacting many vendors of DNS software, including ISC BIND and [...]
Over at Chris Shiflett’s blog (he’s the author of Essential PHP Security) he’s got a nice writeup on foiling cross-site scripting attacks on web sites.
While this is an older article ( from 2004 ), it still addresses many dangerous issues that developers continue to create in production code.
One of our developers here recently wrote a [...]
