14th November 2009
fail2ban has a php-url-fopen rule.
WordPress has a Global Translator plugin, which uses, among others, the Google Translate service.
If someone uses Google Translate (e.g. via Global Translator’s mini language flags) and then goes back to your blog, that visitor might get banned by fail2ban (especially if you have set maxretry to 1), because the referrer will contain the php-url-fopen attack signature. The bad thing is that you will not notice until you check one or several translations yourself: a random site visitor who runs into the problem is highly unlikely to bother reporting it, especially when your blog’s Contact page is also inaccessible.
Clearly, Google Translate is not the only legitimate service which will trigger that rule.
Solution: The only solution I have found is to specify the whitelist regex for the php-url-fopen rule.
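An added illustration (not this post's or fail2ban's own code) of the false positive and of an ignore pattern of the kind fail2ban's `ignoreregex` option accepts. The fail pattern is a simplified stand-in for the rule, and the log lines, hosts and ignore pattern are constructed assumptions.

```python
import re

# Simplified stand-in for the rule (assumption, not fail2ban's shipped
# failregex): a GET/POST line with "?...=http://" anywhere after the verb.
FAILREGEX = re.compile(r'^(?P<host>\S+) -.*"(GET|POST).*\?.*=http://.*$')

# Hypothetical ignore pattern. The Referer is client-controlled, so a line is
# exempted only when the request URL itself carries no "=http://" parameter
# and the Referer field is a Google Translate URL.
IGNOREREGEX = re.compile(
    r'^\S+ \S+ \S+ \[[^\]]+\] "(GET|POST) (?!\S*=https?://)\S* HTTP/[\d.]+" '
    r'\d{3} \S+ "https?://translate\.google\.com/[^"]*"'
)

# Constructed combined-format access log lines (documentation addresses).
LOG = [
    # Visitor returning from a translated page: signature only in the Referer.
    '192.0.2.10 - - [14/Nov/2009:10:00:00 +0000] "GET /contact/ HTTP/1.1" 200 5120 '
    '"http://translate.google.com/translate?hl=en&tl=de&u=http://blog.example.org/" "Mozilla/5.0"',
    # Signature in the request URL itself: what the rule is meant to catch.
    '198.51.100.7 - - [14/Nov/2009:10:01:00 +0000] "GET /index.php?page=http://host.invalid/x.txt HTTP/1.1" 404 320 '
    '"-" "Mozilla/5.0"',
    # Same request with a Translate Referer attached: must still be flagged.
    '203.0.113.5 - - [14/Nov/2009:10:02:00 +0000] "GET /index.php?page=http://host.invalid/x.txt HTTP/1.1" 404 320 '
    '"http://translate.google.com/translate?u=http://blog.example.org/" "Mozilla/5.0"',
    # Ordinary page view: no signature anywhere.
    '192.0.2.20 - - [14/Nov/2009:10:03:00 +0000] "GET /about/ HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
]

def flagged_hosts(lines, ignore=None):
    """Hosts whose lines match FAILREGEX and are not exempted by `ignore`."""
    hosts = []
    for line in lines:
        match = FAILREGEX.match(line)
        if match and not (ignore and ignore.search(line)):
            hosts.append(match.group("host"))
    return hosts

if __name__ == "__main__":
    print("without ignore pattern:", flagged_hosts(LOG))
    print("with ignore pattern:   ", flagged_hosts(LOG, IGNOREREGEX))
```

Before deploying a pattern like this, run it against a copy of the real access log with the `fail2ban-regex` tool, since log formats differ between servers.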
13th November 2009
A nice report on the cost of bruteforcing variable-length and variable-complexity passwords using cloud computing services (e.g. Amazon’s EC). There’s a kind of tutorial in their previous post.
Slow DoS attack with just 1 computer against a number of web servers, including Apache: slowloris. There is a solution for Apache, packaged for RedHat and also available for Debian.
Finally, there’s the Go programming language. The most inspiring promise to me personally is the ease of execution parallelization with the language’s built-in syntactic constructs. That is something highly desired. Also, I like that it is a compiled language. However, it might be 10%-20% slower than pure C. Let’s see how it grows.
5th November 2009
ocrodjvu = OCRopus (tesseract) + DJVU
It is a small command-line tool to easily convert your image-only DJVU files into image+text DJVU files. In Debian testing, there are language packages for (in no specific order) German, English, French, Spanish, Vietnamese, Brazilian Portuguese, Dutch, and Italian. The original tesseract-ocr software includes training data & code, so it should be (at least in theory) easy to add more recognition languages.