How to best limit SQL injection attacks that are being funneled through an Apache proxy I control

I use an Apache proxy to funnel traffic to an IIS server. The IIS server sends me emails if some bad actor attacks my site with an SQL injection attack. It captures their IP address, and sends me the URL that was used.
The other day I got …

Detecting GnuTLS CVE-2020-13777 using Zeek

By Johanna Amann, Software Engineer, Corelight
CVE-2020-13777 is a high severity issue in GnuTLS. In a nutshell, GnuTLS versions between 3.6.4 (released 2018-09-24) and 3.6.14 (2020-06-03) have a serious bug in their session resumption code, which lets…

How to secure user folders on the server from the scripts running in other user folder on the same server?

I have a VPS. There is a web-application running on this VPS.
A user can log into his account, create a project (the system automatically creates a folder for this project) and then, he can create and edit PHP files via the file manager wi…

Sudden increase in resources, no heavy network traffic. What type of attack?

On my Debian web server running Tomcat with an Apache proxy, there was a sudden increase in CPU usage and disk operations. The resource overload caused the website to be very slow and eventually Tomcat automatically restarted to recover fr…

DataStax Astra: A DBaaS that simplifies cloud-native Apache Cassandra application development

DataStax announced the general availability of DataStax Astra, a database-as-a-service (DBaaS) for Apache Cassandra applications, simplifying cloud-native Cassandra application development. The DBaaS reduces deployment time from weeks to minutes, remov…

Confluent launches elastic scaling for Apache Kafka, bringing cloud capabilities to event streaming

Confluent, the event streaming platform pioneer, announced the launch of elastic scaling for Apache Kafka. The company unveils the first of this series of new innovations that accelerate how companies can harness the full power of event streaming at an…

Why is my web site being scanned for license.txt, and should I be worried?

Lately I am seeing multiple daily 404s for variations of “license.txt”, e.g., “wordpress/license.txt”, “blog/license.txt”, “old/license.txt”, “new/license.txt”. Here’s a little snippet of slightly redacted logfile to illustrate:

5.189.164…