Marcus Ranum applied the term artificial ignorance to the process of
monitoring log files. You build a filter of events to ignore, and then
look at everything else. All the items that you consider normal get
filtered out; whatever is left is what deserves a human's attention.
This reminds me of the Sherlock Holmes quote, “Once you eliminate the
impossible, whatever remains, no matter how improbable, must be the
truth.” (Arthur Conan Doyle). It is impossible to identify all the
potential attacks that might be launched against a website; new attacks
surface every day. While part of the strategy should be to look for
specific, known types of attacks, an equally important strategy is to
look for the unusual.
Continue reading "Artificial Ignorance - Elementary my dear Watson" »
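The following is an added example (not Ranum's scripts and not code from the original post) of artificial ignorance applied to Apache access-log lines: an ignore list of patterns describing traffic already judged normal is applied first, and everything that survives is reported. The ignore patterns, hostnames and log lines are constructed for the example. Note that each ignore pattern pins the full request line and status code; a loose pattern such as a bare `200` would also hide an attack that succeeded.

```python
"""Artificial ignorance over Apache access-log lines: drop every line that
matches a known-normal pattern and surface whatever remains.  Added example,
not code from the original post; patterns and log lines are constructed."""
import re
from typing import Iterable, List, Optional

# Ignore list: requests we have reviewed and decided are normal.  In practice this
# list grows as you inspect the residue and classify each new item as benign.
# Each pattern pins the request line and the status code so it cannot match a
# variant of the same request that carries a query string or path tricks.
IGNORE_PATTERNS = [
    r'"GET /index\.html HTTP/1\.[01]" 200 ',
    r'"GET /images/[\w.-]+\.(png|gif|jpg) HTTP/1\.[01]" 200 ',
    r'"GET /favicon\.ico HTTP/1\.[01]" (200|404) ',
    r'"GET /robots\.txt HTTP/1\.[01]" (200|404) ',
]


def compile_ignore_list(patterns: Iterable[str]) -> List["re.Pattern[str]"]:
    return [re.compile(p) for p in patterns]


def artificial_ignorance(lines: Iterable[str],
                         ignore: Optional[Iterable[str]] = None) -> List[str]:
    """Return the log lines that match none of the ignore patterns."""
    compiled = compile_ignore_list(IGNORE_PATTERNS if ignore is None else ignore)
    return [line for line in lines
            if line.strip() and not any(rx.search(line) for rx in compiled)]


# Constructed sample in Apache combined log format (hypothetical hosts and paths).
SAMPLE_LOG = """\
10.0.0.5 - - [12/Nov/2009:10:01:02 -0500] "GET /index.html HTTP/1.1" 200 1043 "-" "Mozilla/5.0"
10.0.0.5 - - [12/Nov/2009:10:01:03 -0500] "GET /images/logo.png HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
10.0.0.9 - - [12/Nov/2009:10:02:17 -0500] "GET /favicon.ico HTTP/1.1" 404 209 "-" "Mozilla/5.0"
192.0.2.44 - - [12/Nov/2009:10:05:44 -0500] "GET /cgi-bin/../../etc/passwd HTTP/1.0" 404 209 "-" "curl/7.19"
192.0.2.44 - - [12/Nov/2009:10:05:45 -0500] "GET /index.html?q=<script>alert(1)</script> HTTP/1.1" 200 1043 "-" "curl/7.19"
10.0.0.5 - - [12/Nov/2009:10:06:00 -0500] "GET /robots.txt HTTP/1.1" 200 24 "-" "Mozilla/5.0"
"""


def residue(log_text: str = SAMPLE_LOG) -> List[str]:
    """The lines left over after the ignore list has been applied."""
    return artificial_ignorance(log_text.splitlines())


if __name__ == "__main__":
    for line in residue():
        print(line)
```

Run against the constructed sample, four routine lines are filtered out and the two left over are the traversal attempt and the request carrying a script tag in its query string; the second one got a 200, which is exactly the kind of line a status-code-only filter would have hidden. The same idea in Ranum's original form is `grep -v -f ignore.list access_log`.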
The Apache web server is a versatile product with lots of options to
configure and support a wide variety of web applications. It can act
as a proxy server, execute Perl and PHP applications directly in-process,
front-end a Java application server, or just serve static content.
This reminds me of all-inclusive resorts like Club Med. All the
activities, food, and drink are available in one place. However, even
these resorts modify their model to appeal to specific clientele. The
resort locations and activities are designed to fit the groups they
cater to. You can go to a resort that is set up for families, for
couples, or for singles. While the overall experience is consistent
with the resort's philosophy, the activities available at individual
clubs can vary widely.
When you are configuring the web server to support applications, are
you setting the options to cater to your clientele? Enabling only the
modules and features the applications actually need, rather than the
whole all-inclusive package, can improve both the security and the
performance of your site.
Continue reading "Is your web server an all inclusive resort?" »
The web server is a common infrastructure component supporting a wide
range of applications. If you manage the web server, then you are the
community manager, and you have a responsibility to maintain the
reputation of the community.
The weather has been very windy lately. Some people in the
neighborhood put out their garbage and don't put a tight lid on the
trash can. Of course, the trash blows down the street and into other
yards. Now a few of the people in the neighborhood do not see this as
a big problem. After all, their yard looks fine, and their trash is
gone. The president of the homeowners association has been sending out
emails to remind people to put a tight lid on their trash cans.
Software vendors or application providers sometimes have the same
attitude when you report a cross-site scripting or HTTP response
splitting issue. The reaction seems to be "How does this affect me?"
The answer is the same as for the trash: the damage lands in somebody
else's yard, on the users and caches downstream of your server.
Continue reading "Keep a tight lid on HTTP headers" »
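As an added illustration of why a loose lid on headers is everybody's problem (example code, not from the original post; the redirect handler and the attacker's input are hypothetical), here is a redirect that copies a user-supplied target straight into the `Location` header, beside the check that rejects the CR/LF that makes response splitting possible. A naive count of status lines stands in for what a downstream proxy or browser parser would see.

```python
"""HTTP response splitting through an unvalidated redirect target, and the
header-value check that keeps the lid on.  Added example, not code from the
original post; the handler and the attack string are hypothetical."""
from urllib.parse import unquote


def build_redirect_unsafe(target: str) -> str:
    # VULNERABLE: whatever the client supplied lands verbatim on the Location line.
    return ("HTTP/1.1 302 Found\r\n"
            "Location: " + target + "\r\n"
            "Content-Length: 0\r\n\r\n")


def check_header_value(value: str) -> str:
    # A header value must never contain CR, LF or NUL; any of them lets the
    # caller end the header line, end the response, or start a new one.
    for ch in value:
        if ch in "\r\n\0":
            raise ValueError("control character in header value: %r" % ch)
    return value


def build_redirect_safe(target: str) -> str:
    return build_redirect_unsafe(check_header_value(target))


def safe_rejects(target: str) -> bool:
    """True when the hardened builder refuses the target."""
    try:
        build_redirect_safe(target)
    except ValueError:
        return True
    return False


def count_responses(raw: str) -> int:
    # A proxy or pipelining browser parser starts a new response at each status
    # line, so two status lines in one server reply means the second, attacker
    # written response can be cached and served to other users.
    return sum(1 for line in raw.split("\r\n") if line.startswith("HTTP/1.1 "))


# Constructed attacker input: a redirect target whose URL-encoded CRLFs close
# the real response and append a second one carrying a script.
ATTACK = unquote("/home%0d%0a"
                 "Content-Length:%200%0d%0a%0d%0a"
                 "HTTP/1.1%20200%20OK%0d%0a"
                 "Content-Type:%20text/html%0d%0a"
                 "Content-Length:%2025%0d%0a%0d%0a"
                 "%3Cscript%3Ealert(1)%3C/script%3E")


if __name__ == "__main__":
    print("unsafe builder, normal target:  %d response(s)"
          % count_responses(build_redirect_unsafe("/home")))
    print("unsafe builder, attack target:  %d response(s)"
          % count_responses(build_redirect_unsafe(ATTACK)))
    print("safe builder rejects attack:    %s" % safe_rejects(ATTACK))
```

The vulnerable builder turns one 302 into two responses on the wire; the hardened one raises before any header is written. The check belongs in the framework or server so every header gets it, not in each handler that happens to remember.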
A tour of the latest Oracle HTTP Server (OHS) 11.1.1.2 release from a
security perspective, using a simple red, yellow, green scale to rate
how each configuration item was addressed in this release.
Continue reading "Checking out Oracle OHS Apache 11.1.1.2" »