Howto: XCache in a Lighttpd Chroot on Debian
Posted April 12, 2010 – 05:20 in: Nullamatix, syndicatedWhether you’re pressed for resources on a virtual/dedicated server, or simply looking for ways to improve web application performance, XCache is guaranteed to produce the desired result. Within minutes of installing XCache: page load times were cut in half, PHP/MySQL RAM consumption was under control, and overall PHP rendering/output performance dramatically improved. In this [...]
No Comments | Tags:DWM on Wikipedia Marked For Deletion
Posted February 25, 2010 – 12:20 in: Nullamatix, syndicatedAnselm, the “inventor of dwm” shared this information with the suckless mailing list yesterday. Apparently, Wikipedia has flagged the dwm (dynamic window manager from suckless.org) article for deletion. Anselm says he’s neutral and shared his thoughts on the Wikipedia Page, but what does this say about Wikipedia? A community built on free and open source [...]
No Comments | Tags:Discontinued Security Support for Debian 4.0
Posted January 22, 2010 – 01:00 in: Nullamatix, syndicatedOne year after the release of Debian GNU/Linux 5.0 alias ‘lenny’ and nearly three years after the release of Debian GNU/Linux 4.0 alias ‘etch’ the security support for the old distribution (4.0 alias ‘etch’) is coming to an end next month. The Debian project is proud to be able to support its old distribution [...]
No Comments | Tags:New Tool: IP Range to CIDR
Posted January 17, 2010 – 23:40 in: Nullamatix, syndicatedAt least twice a week I find myself visiting ip2cidr.com, the IP to CIDR converter. Since the owner/author of the site hasn’t release the source code, and I love a challenge, I developed my own version. The guys at the job find the tool useful, and after a few minor bug fixes, I’ve made [...]
No Comments | Tags:Solution: chown: invalid user: www-data:www-data
Posted January 10, 2010 – 21:20 in: Nullamatix, syndicatedRan into this issue after getting rid of the www-data user and group. The solution is simple and doesn’t involve adding the account/group, assuming the objective is to run Lighttpd as a different user (not www-data). If the intention is to run Lighttpd with the www-data account, simply add the account. Otherwise, keep reading… [...]
No Comments | Tags:Hide WordPress Update Nag Without a Plugin
Posted January 7, 2010 – 20:20 in: Nullamatix, syndicatedFor those who don’t know, WordPress 2.9.1 was released a couple days ago. As a result, the “WordPress 2.9.1 is available! Please update now.” nag is plastered at the top of the admin interface. Since installing yet another unnecessary WordPress plug-in for something so simple seems pointless, I came up with a quick and easy [...]
No Comments | Tags:Subject: ShmooCon Slugs – Ride Sharing
Posted December 29, 2009 – 17:00 in: Nullamatix, syndicatedFrom: Rob Fuller
To: pen-…@securityfocus.com
Date: Sun, 27 Dec 2009 20:29:11 -0500
Subject: ShmooCon Slugs – Ride Sharing
ShmooCon Slugs was created to help facilitate people getting together
for rides to ShmooCon 2010. http://shmooslugs.pbworks.com/
We already have two on the board, one from Atlanta and one from Toronto.
Please tweet, email, blog this, since it only works if everyone knows about [...]
Invalid Packets From the DoD
Posted December 28, 2009 – 16:40 in: Nullamatix, syndicatedThe firewall policies on Nullamatix.com DROP invalid connection attempts. Specifically, if an attempt to start a new tcp connection is not a syn packet, the packet is rejected. This morning I noticed a few dropped connection attempts from an unusual source, The U.S. Department of Defense. Here are the logs:
Dec 27 05:00:38: SRC=140.32.107.150 PROTO=TCP SPT=53175 [...]
No Comments | Tags:WordPress Hacks Worth Implementing
Posted December 28, 2009 – 16:40 in: Nullamatix, syndicatedCombat Comment Spam
Most spammers aren’t clever enough to populate the REFERER header. This code snippet is not only extremely easy to implement, but pretty effective, too. Open up your themes functions.php and drop in the following:
function wp_check_referrer() {
if (empty($_SERVER['HTTP_REFERER']) || (!isset($_SERVER['HTTP_REFERER'])) {
wp_die( __(‘Undefined HTTP_REFERER.’) ); }
}
add_action(‘check_comment_flood’, ‘wp_check_referrer’);
Now, unless the REFERER field is set, they won’t [...]
No Comments | Tags:New Tool: Daily [Mod] Security Reports
Posted December 25, 2009 – 15:40 in: Nullamatix, syndicatedAfter the Lighttpd mod security post and the DDoS attack that followed, I began working on a script that parses the Lighttpd server-error.log and inserts matched records into MySQL. The result? Check it out here: security.nullamatix.com Daily Security Reports. With the abundance of ideas I have for the project, it’s far from complete, but definitely [...]
No Comments | Tags:
