Posted by joseph on November 21, 2013 ·
Google Security Team discovered a bug in nginx, which might allow an attacker to bypass security restrictions in certain configurations by using a specially crafted request (CVE-2013-4547). This problem affects nginx from 0.8.41 to 1.5.6, and has fixed in 1.5.7, 1.4.4.
Posted by joseph on August 25, 2013 ·
As reported by DNSPod, One of China’s largest free DNS service providers, root name server of dotCN got attacked 5 hours ago, and lasted for 2 hours. During that time, most of the dotCN websites are unavailable. .com.cn was also attacked.
Posted by joseph on July 22, 2013 ·
There are two critical security vulnerabilities of struts 2 revealed earlier last week, which shook the IT companies that have dependency with this framework, and lots of websites in China were reported having this security issues.
Posted by joseph on June 27, 2013 ·
Linux Malware Detect (LMD) is an open source and free malware scanner and detector for Unix/Linux based operating systems, released under GNU GPLv2. It is designed to figure out threats faced by shared hosting environments.
Posted by joseph on March 19, 2013 ·
Rails has announced the availability of 3 news versions today, 3.2.13, 3.1.12, and 2.3.18, these releases contain important security fixes. It is recommended users upgrade as soon as possible.
Posted by joseph on January 13, 2013 ·
I had occasion recently to try and figure out how to use the builtin firewall to prevent some “bot” from hitting the services running on a Macbook. Mac OS X comes with the FreeBSD firewall program that called IPFW. It’s a very powerful tool and gives you good abilities to manage your [...]
Posted by joseph on February 23, 2011 ·
Public key authentication is very common way when we have to access remote Linux/UNIX servers. Normally, we add the public keys to the authentication agent on local side (e.g. by ssh-add), to simply the login process.
Posted by joseph on December 5, 2009 ·
Email is an extremely powerful and valuable tool for netizen, but only when used in the right way. As such we fully support measures that aim to defend users from unwanted emails.
One way to do this is by participating in the Sender Policy Framework (SPF), which is an open standard method of allowing [...]
Posted by joseph on November 9, 2009 ·
Some days ago, I posted some examples on the common usage of RPM. Now, this post describes a manual preparation of a RPM building environment. With the help of this environment, you can generate upated RPM packages and patch your RPM-based system from source code.
Posted by joseph on October 30, 2009 ·
This new release comes with GIMP 2.6, GNOME 2.28/KDE 4.3.2, Mozilla Firefox 3.5, OpenOffice.org 3.1, Linux kernel 2.6.31, X.Org 7.5, and the Empathy Instant Messenger instead of Pidgin. The Ubuntu One client, which interfaces with Canonical’s new online storage system, is installed by default. [...]