Webmin Installation

Webmin installation is quite straightforward. However, the webmin packages that most how-to articles are telling users to use are static versions that become outdated. This can throw errors of the following kind: A simple solution is to pull the latest mirror link and use apt to pick all dependencies (since …

Access Denied Information gathering thought

In today’s security aware age, it’s important to reflect on past mitigation’s and see if we can improve them.   Whilst doing recon on this WordPress install I realised that my nginx installation was returning very identifiable responses to directory traversal and directory fuzzing attack. In that it would respond …

Installing GoLang on Ubuntu 16+ LTS

Currently the APT Repository Sources for Ubuntu 16 force users to install GoLang.org’s “go-1.6” in order to obtain the executable “go” in /bin. The issue with this is that the “context” import changed from a host path to a local path due to the package being part of Golang since …

NEVER blind run MV, RM or SED on Linux

Today (Monday 13th) I had the heartbreaking experience of accidentally wiping the entirety of my now-gone free VPS that was hosting 5 active/live sites. I had backup files for 3 of those 5, one of which (http://stodps.com) is now completely lost. (I apologise to Alfie/Porch/others in the Star Trek Online …

ABS 2016 Australian Census Attack Problem

So when attempting to fill out the recent census this year, low and behold it’s non-responsive.   What was more aggravating was when checking social media sources, people were handing off the Bureau’s explanation, citing Abors LAYER 4 ATTACK MAP and criticising ABS for foul play…. Census is a layer …

Diagnosing and Mitigating Layer 7 (Application Layer) Distributed Denial of Service Attacks (Microcache/F2B/PHP5-FPM)

So, recently I began researching ways of hosting a CMS controlled site manually to cope with a high legitimate request load or a Layer 7 DDoS attack (Application Layer of the OSI Model). I have been the recipient of such attacks before which instantly gave out the “Resource Limit Exceeded” …