http://www.randombugs.com Just another Bastard Operator From Hell. Everything from *nix to programming Thu, 05 Jan 2012 11:44:55 +0000 en hourly 1 http://wordpress.org/?v=3.3.1 http://www.randombugs.com/java/glassfish/glassfish-311-workaround-denial-service-hash-table-multicollisions.html http://www.randombugs.com/java/glassfish/glassfish-311-workaround-denial-service-hash-table-multicollisions.html#comments Thu, 05 Jan 2012 11:42:48 +0000 admin http://www.randombugs.com/?p=783
This is an old bug, first discovered in 2003, but now was applied to the hash table functions from the new programming languages. The main idea behind this bug is to create hashes which collide, because collision will eat a lot more cpu cycles on your server. For a post of 2 MB is resulting in a 44 minutes of CPU time which will results in a DOS. As suggested in advisory released by nruns.com we can limit the maximum post size from several 10′s of KB. In Glassfish 3.1.1 ...]]> http://www.randombugs.com/java/glassfish/glassfish-311-workaround-denial-service-hash-table-multicollisions.html/feed 0 http://www.randombugs.com/php/apache-dynamic-virtual-hosting-php-security.html http://www.randombugs.com/php/apache-dynamic-virtual-hosting-php-security.html#comments Mon, 06 Jun 2011 10:35:21 +0000 admin http://www.randombugs.com/?p=739
It’s been a while since I configured the latest Dynamic Mass Virtual Hosting Server. Last time I used mod_vhost_alias to create a dynamic virtual hosting and it worked without any problem for what we need in that time. Then we didn’t care about the ftp and virtual users, the sites was updated from web pages and security was pretty much handled by upload application who managed the virtual hosting. Now, the problem is a little bit changed: We need a secure sever which should support ftp virtual users with quota ...]]> http://www.randombugs.com/php/apache-dynamic-virtual-hosting-php-security.html/feed 1 http://www.randombugs.com/java/glassfish/installing-glassfish-31-cluster-debian-60-command-line.html http://www.randombugs.com/java/glassfish/installing-glassfish-31-cluster-debian-60-command-line.html#comments Wed, 04 May 2011 12:48:05 +0000 admin http://www.randombugs.com/?p=729
Finlay is here. For me, Glassfish 3.1, was one of most awaited piece of software, for all it’s new features and clustering support. Glassfish 3.1 slightly changed the way to install cluster, in a much better and integrated way. This version come with a lot of new functionality, but also with improved parts related to Glassfish 2.1. The most interesting features of Glassfish 3.1 are: Clustering (100 instances per domain), SSH provisioning, Centralized management (with the help of ssh), High Availability Session Persistence, High Availability Java Message Service, RMI-IIOP Load ...]]> http://www.randombugs.com/java/glassfish/installing-glassfish-31-cluster-debian-60-command-line.html/feed 1 http://www.randombugs.com/java/glassfish/glassfish-enhanced-broker-cluster-failed-load-jdbc-driver.html http://www.randombugs.com/java/glassfish/glassfish-enhanced-broker-cluster-failed-load-jdbc-driver.html#comments Thu, 14 Apr 2011 10:44:11 +0000 admin http://www.randombugs.com/?p=721
Is not a bug, but a pretty annoying configuration thing which appear when you try to configure Enhanced Broker Cluster in Glassfish. I configured my persistent store, for Enhanced Broker Cluster, as jdbc / MySQL: [...] imq.persist.jdbc.dbVendor=mysql imq.persist.jdbc.mysql.driver=com.mysql.jdbc.jdbc2.optional.MysqlConnectionPoolDataSource imq.persist.jdbc.mysql.property.url=jdbc\:mysql\://sqlserver\:3306/jms imq.persist.jdbc.mysql.needpassword=true imq.persist.jdbc.mysql.user=jms [...] and after at restart I got the following error: [13/Apr/2011:12:12:30 CEST] [B1060]: Loading persistent data… [13/Apr/2011:12:12:30 CEST] ERROR [B3198]: Error initializing cluster manager: com.sun.messaging.jmq.jmsserver.util.BrokerException: [B3024]: Failed to load JDBC driver: com.mysql.jdbc.jdbc2.optional.MysqlConnectionPoolDataSource at com.sun.messaging.jmq.jmsserver.persist.jdbc.DBManager.(DBManager.java:428) at com.sun.messaging.jmq.jmsserver.persist.jdbc.DBManager.getDBManager(DBManager.java:219) at com.sun.messaging.jmq.jmsserver.persist.jdbc.JDBCStore.(JDBCStore.java:98) ...]]> http://www.randombugs.com/java/glassfish/glassfish-enhanced-broker-cluster-failed-load-jdbc-driver.html/feed 0 http://www.randombugs.com/java/glassfish/snmp-support-glassfish-211-cluster-support.html http://www.randombugs.com/java/glassfish/snmp-support-glassfish-211-cluster-support.html#comments Mon, 14 Mar 2011 11:57:21 +0000 admin http://www.randombugs.com/?p=701
Why you choose SNMP when Glassfish have strong JMX support? I presume, the answer for all who use SNMP is (almost) the same: Because the architecture of current monitoring solution is not scalable enough, and I cannot load my monitoring servers with supplementary JAVA processes. Before starting using SNMP I tried to see what solutions I have: 1. Re-design entire monitoring solution 2. Use SNMP I’m a lazy person, so I choose to add SNMP support for all our clusters . To do that you should do 3 easy steps: 1. Upload the ...]]> http://www.randombugs.com/java/glassfish/snmp-support-glassfish-211-cluster-support.html/feed 0 http://www.randombugs.com/headline/reading-list-read-future.html http://www.randombugs.com/headline/reading-list-read-future.html#comments Fri, 25 Feb 2011 11:58:48 +0000 admin http://www.randombugs.com/?p=682 Howdy everyone! Because I travel a lot, I build a list of books which I should buy and read next in the airports, bus stations etc or everywhere I should wait some amount of time. This list contain everything what an System / Application Administrator should know. I’m usually dealing with Java/Tomcat/Glassfish/Jboss under Linux, but also I have a strong background of networking, security and cloud computing. This books are my choice and I think is a good choice for everyone who want to learn or improve your skills as ...]]> http://www.randombugs.com/headline/reading-list-read-future.html/feed 2 http://www.randombugs.com/linux/atomic-modsecurity-rules-debian-lenny-50.html http://www.randombugs.com/linux/atomic-modsecurity-rules-debian-lenny-50.html#comments Thu, 30 Dec 2010 11:26:26 +0000 admin http://www.randombugs.com/?p=666
Everyone, with a decent Linux security knowledge, should know about ModSecurity – Open Source Web Application Firewall. Personally, I know this mod from 2004 and it help me a lot in detecting and/or preventing malicious attacks before reaching my customers applications.]]> http://www.randombugs.com/linux/atomic-modsecurity-rules-debian-lenny-50.html/feed 0 http://www.randombugs.com/linux/crash-innodb-table.html http://www.randombugs.com/linux/crash-innodb-table.html#comments Thu, 06 May 2010 14:16:10 +0000 admin http://www.randombugs.com/?p=658
I searched over internet, on several tens of posts, to find how to delete a crashed Innodb table. Short story: I tried to import a big table but it crashed in the middle of the process (power failure). The table was not very important so I didn’t care about the table, I just want to delete it and start from the scratch, but surprise! The table cannot be deleted! I use the latest MySQL Innodb plugin from Debian backports repository (is coming with Debian 5.1.xx) with file per table ...]]> http://www.randombugs.com/linux/crash-innodb-table.html/feed 1 http://www.randombugs.com/linux/compile-configure-modqos-prevent-slowloris-ddos-apache-2-debian-lenny-distribution.html http://www.randombugs.com/linux/compile-configure-modqos-prevent-slowloris-ddos-apache-2-debian-lenny-distribution.html#comments Tue, 04 May 2010 20:00:13 +0000 admin http://www.randombugs.com/?p=650
mod_qos is becoming a very popular module for Apache, from the discover of Slowloris DDoS Attack. It seems, mod_qos is the best solution for Slowloris attack on Apache 2, but you can also check mod_evasive, mod_security or http accelerator “Varnish”. In this post I will try to present a step by step tutorial how to install mod_qos and configure to prevent Slowloris DDoS attack. This post is just a compendium of other good posts: How To Defend slowloris DDoS With mod_qos (Apache2 On Debian [Lenny]) DDoS, Apache2 and mod_qos How to best defend ...]]> http://www.randombugs.com/linux/compile-configure-modqos-prevent-slowloris-ddos-apache-2-debian-lenny-distribution.html/feed 4 http://www.randombugs.com/linux/contentfilter-unsolicited-bulk-email.html http://www.randombugs.com/linux/contentfilter-unsolicited-bulk-email.html#comments Tue, 16 Mar 2010 14:07:18 +0000 admin http://www.randombugs.com/?p=643
After an Amavis upgraded my e-mail system started to have a strange behavior. A lot of emails sent internally from one user to another stopped with the following message: ——– Original Message ——– Subject: Considered UNSOLICITED BULK EMAIL, apparently from youis considered local. Date: Tue, 13 Mar 2010 00:13:39 +0200 (EET) From: Content-filter at xxx13.randombugs.com To: A message from to: -> yyy@randombugs.com was considered unsolicited bulk e-mail (UBE). Our internal reference code for your message is 00311-13/npX-RCahiLdc The message carried your return address, so it was either a genuine mail from you, or a sender address was faked and ...]]> http://www.randombugs.com/linux/contentfilter-unsolicited-bulk-email.html/feed 1