R-fx Networks
Linux Software & Blog
LMD Signatures: RSS Feed & XML
May 12th
While I was making some signature updates this afternoon, It occurred to me that it might be useful if the signatures were available through an RSS feed for update tracking or should anyone want to serialize the importing of my signature data into other applications.
The signatures can be access in two data formats, the first is an RSS feed that presents the 50 most recent signatures published. The second is an XML element tree that can be queried by signature ID or for all/recent signatures. There is nothing fancy about either of these data sources, information is presented clean and More >
Better Late Than Never: Linux Malware Detect 1.3
May 12th
Today I have released Linux Malware Detect (LMD) 1.3, the first public stable release of my malware detection tool. The documentation is a little thin but the details are on the project page and the README file should fill you in on anything you need to know, otherwise you can post a comment on the bottom of the project page and I will assist where possible. Input on feature ideas, bugs and malware data is always welcome, see the –help options on LMD for the checkout feature to upload malware data to rfxn.com.
In October I detailed the concepts behind the More >
BFD 1.4: Important Security Fix
May 8th
Today I have put up a new release of BFD, version 1.4, that addresses an unsanitized variable issue that is used on the command line. This is a serious issue and should be treated as such, if you currently have BFD installed I would encourage you to update it immediately, the install.sh script in the BFD package will retain all your options and tracking data so the update process is painless.
Current Release: http://www.rfxn.com/downloads/bfd-current.tar.gz
Change Log: [Fix] properly sanitized vars passed to the command line [Fix] ignore.hosts is now updated with system addresses on each bfd run [Note] thanks to jpetersen@webhostsecurity.com for invaluable input and More >
Nginx: Caching Proxy
May 6th
Recently I started to tackle a load problem on one of my personal sites, the issue was that of a poorly written but exceedingly MySQL heavy application and the load it would induce on the SQL server when 400-500 people were hammering the site at once. Further compounding this was Apache’s horrible ability to gracefully handle excessive requests on object heavy pages (i.e: images). This left me with a site that was almost unusable during peak hours — or worse — would crash the MySQL server and take Apache with it by frenzied F5ing from users.
I went through all the More >
IRSYNC & Limiting Passwordless SSH Keys
May 4th
Anyone who has ever used SSH key-pairs to access more than a couple of servers (or hundreds in my case), will tell you they are an invaluable convenience. It is a natural progression and very common usage that SSH key-pairs are coupled with other common tasks or tools, where having a pass phrase attached to the key would be counter-intuitive to the task automation. So, what do we do despite our better judgment? We create key-pairs with absolutely no pass phrase. The implications are abundantly obvious, if the private key ever gets lost or stolen, any accounts that have the More >
