Savannah W-ITS

My first skipfish test (on a local server) ended almost as soon as it was started (probably less than a minute.) My first test on a live, Internet resident server lasted about 2+ hours…   Big diff! From the Skipfish Readme:  Normal dictionary fuzzing. In this mode, every ${filename}.${extension} pair will be attempted. This mode is Continue reading →

I previously posted about using the mod_geoip Apache module to control web access via .htaccess files or server configuration adjustments (i.e. editing httpd.conf.)   Here we are adding the mod_security Apache module into the mix. Wait!  if we can control access via mod_geoip why do we need mod_security? The simple answer is….  you don’t need it Continue reading →

The GOOD news – using the GeoIP module (mod_geoip.c.) can be quite simple.  The module provides much more than simply a relatively easy means to manage web server access – it opens up some opportunities for data mining. The BAD news – when limiting access make sure that this is what you really want/need to Continue reading →