http://www.randombugs.com Just another Bastard Operator From Hell. Everything from *nix to programming Thu, 06 May 2010 14:21:46 +0000 en hourly 1 http://wordpress.org/?v=3.0 http://www.randombugs.com/linux/compile-configure-modqos-prevent-slowloris-ddos-apache-2-debian-lenny-distribution.html http://www.randombugs.com/linux/compile-configure-modqos-prevent-slowloris-ddos-apache-2-debian-lenny-distribution.html#comments Tue, 04 May 2010 20:00:13 +0000 admin http://www.randombugs.com/?p=650
mod_qos is becoming a very popular module for Apache, from the discover of Slowloris DDoS Attack. It seems, mod_qos is the best solution for Slowloris attack on Apache 2, but you can also check mod_evasive, mod_security or http accelerator “Varnish”. In this post I will try to present a step by step tutorial how to install mod_qos and configure to prevent Slowloris DDoS attack. This post is just a compendium of other good posts: How To Defend slowloris DDoS With mod_qos (Apache2 On Debian [Lenny]) DDoS, Apache2 and mod_qos How to best defend ...]]> http://www.randombugs.com/linux/compile-configure-modqos-prevent-slowloris-ddos-apache-2-debian-lenny-distribution.html/feed 0 http://www.randombugs.com/java/javalangsecurityexception-jce-authenticate-provider-bc.html http://www.randombugs.com/java/javalangsecurityexception-jce-authenticate-provider-bc.html#comments Mon, 10 Aug 2009 09:57:57 +0000 admin http://www.randombugs.com/?p=577
Trying to integrate BouncyCastle Cryptography provider in Java can be a nightmare. I read a lot of forums messages about “JCE cannot authenticate the provider BC” and I didn’t find any clear response. After several hours of tweaking and digging I found the main reason of the problem. If you want to use BouncyCastle as Security provider then install it directly on your Java Virtual Machine and remove any library of bc from your application. How to install correctly Bouncy Castle on your JVM: First for Ubuntu/Debian users you should look ...]]> http://www.randombugs.com/java/javalangsecurityexception-jce-authenticate-provider-bc.html/feed 3 http://www.randombugs.com/linux/gpg-ubuntu-debian.html http://www.randombugs.com/linux/gpg-ubuntu-debian.html#comments Wed, 13 May 2009 12:40:28 +0000 admin http://www.randombugs.com/?p=443
Gpg is stands for Gnu Privacy Guard and is a free alternative to the PGP cryptographic software. GnuPG (or GPG) follows the RFC 4880 which is the standard specification of OpenPGP. The most important thing GPG is interoperable with PGP. GPG is build as a command line utility but also have several front-ends for KDE, Gnome and other Linux desktops, but also is directly integrated in other software like: Email Clients as Mozilla Thunderbird, Evolution, Kmail, Instant Messaging as PSI, Fire, Browsers as Mozilla Firefox etc. GnuPG encrypts messages using ...]]> http://www.randombugs.com/linux/gpg-ubuntu-debian.html/feed 2 http://www.randombugs.com/linux/encrypting-decrypting-files-ubuntu.html http://www.randombugs.com/linux/encrypting-decrypting-files-ubuntu.html#comments Tue, 05 May 2009 12:27:27 +0000 admin http://www.randombugs.com/?p=434
This days we shouldn’t trust in anything. The Internet is full of worms, trojans, viruses and they are spreading more and more. Even if you have a firewall is not enough. The best security for your computer is to have it unplugged from power and network … and even then you cannot be 100% about security of your stored data. So today we will talk about encryption under Linux. I will show you how to do it from console and from KDE Windows manager. We have several possibilities to encrypt ...]]> http://www.randombugs.com/linux/encrypting-decrypting-files-ubuntu.html/feed 0 http://www.randombugs.com/linux/howto-work-ssh-keys-agents-usefull-stuff.html http://www.randombugs.com/linux/howto-work-ssh-keys-agents-usefull-stuff.html#comments Tue, 17 Mar 2009 13:54:45 +0000 admin http://www.randombugs.com/?p=314
Managing more than 80 Linux servers is not an easy job, but with the help of ssh I can distribute a command to all servers without typing, retyping the password every time for that. Don’t understand me wrong, you will need to type a password for accessing this servers, but just one time. If you manage correctly your keys you will don’t need to have any fear in heavy exploiting the ssh keys. What is SSH ? SSH stands for Secure Shell and is a protocol that allows secure data exchange ...]]> http://www.randombugs.com/linux/howto-work-ssh-keys-agents-usefull-stuff.html/feed 0 http://www.randombugs.com/hacker/chkrootkit-debian-ubuntu.html http://www.randombugs.com/hacker/chkrootkit-debian-ubuntu.html#comments Mon, 09 Mar 2009 13:32:09 +0000 admin http://www.randombugs.com/?p=244
When we auditing a Linux system we have a lot of good tools to monitor unexpected changes and unexpected behaviour of a system. Earlier we talked about rkhunter as a system check for rootkits and now, as an alternative, we will talk about chkrootkit (Determine whether the system is infected with a rootkit). If you want to know a definition of what is a rootkit please read the first article about rkhunter. chkrootkit is a freesoftware what is work with Linux, FreeBSD, OpenBSD, NetBSD, Solaris, HP-UX 11, Tru64, BSDI and Mac ...]]> http://www.randombugs.com/hacker/chkrootkit-debian-ubuntu.html/feed 0 http://www.randombugs.com/hacker/scan-rootkits-ubuntu-debian.html http://www.randombugs.com/hacker/scan-rootkits-ubuntu-debian.html#comments Sat, 07 Mar 2009 16:44:25 +0000 admin http://www.randombugs.com/?p=230
GNU/Linux and other unix operating systems are a very hostile environments for viruses, but they are still in the front of other malware / exploits. The most dangerous malware under GNU/Linux are the rootkits. What is a rootkit? Is a program (or a set of programs or scripts) designed to hide the fact a system was compromised. Also a rootkit can leave a backdoor entrance for a malicious person and can modify your system (hiding files, process, network connections, blocks of memory) to don’t detect that person when is on ...]]> http://www.randombugs.com/hacker/scan-rootkits-ubuntu-debian.html/feed 3