by Peter Connolly | Feb 6, 2013 | Management, technology
Let’s start at the beginning; why sftp? Well, would you transmit your private details (including your password) in plain text? No? Well, FTP does. FTP is one of several protocols on a computer that transmits usernames and passwords in plain text across the...

by Peter Connolly | Sep 20, 2011 | technology
If you don’t understand the title of this post, it’s probably not of relevance to you! In August 2011, a vulnerability was discovered in Apache which would allow a DoS attack to succeed. Full details here (Summary: It’s bad. Really bad.) We’re...

by Peter Connolly | Jun 14, 2011 | featured, MySQL
One of a short series of posts listing useful MySQL commands that I use frequently when managing servers and databases. These come in useful when I don’t have access to Navicat, my favored tool for working with client databases. The assumption I make is that you...

by Peter Connolly | Jun 10, 2011 | featured, Ruby on Rails
When playing with Thinking Sphinx (the Ruby on Rails wrapper for the open source Sphinx search server), I decided to try to see if I could perform an injection attack on the server. Here’s the bad news: Yes, I could modify searches by changing the parameters...

by Peter Connolly | May 11, 2011 | featured, technology
Today our server was the target of a dictionary attack from a bot in Vietnam. Our csf/lfd install was up to the job, and swatted every attempt to log in (see http://www.kpdirection.com/technology/using-csf-and-lfd/ for details of how we do that). The downside was that...