Tag: development

Simple Denial of Service DOS attack mitigation using HAProxy

Denial of Service (DOS) attacks can be especially effective against certain types of web application. If the application is highly dynamic or database intensive it can be remarkably simple to degrade or cripple the functionality of a site. This blog article describes some simple methods to mitigate single source IP DOS attacks using HAProxy. I’ve described how you would implement the techniques using the Loadbalancer.org appliance but they are easily transferable to any HAProxy based cluster

Big Data in ITSM

When we talk about big data in the world of IT service management (ITSM), we’re talking about two very different things: ​ Big data tools/services that IT provides to business – to number crunch business operations data. Big data within IT operations – to handle and leverage complex IT operations data. Big data services for business operations In an increasingly competitive, data-driven world, business managers are looking for effective ways to manage and interpret business data, especially big data.​ Digitalized business operations, such as e-commerce websites and mobile banking apps, produce huge amounts of data, which makes managing them close to impossible by using traditional computational models.

Shell-shocked by shell shock? I give you “CMD Caret” ^&

There seems to have been so much hype over the recent bash bug, shell shock! And there were all the people  in the Microsoft world thinking YES we are so cool we are NOT affected by it! Yea right I knew it, there had to be something much the same as the bash bug available in CMD.exe It affects the Windows CMD.exe Shell and I will provide a working example of how it can be exploited. It does show the whole hype of the bash bug bearing in mind you need access to the machines shell in the first place

Cloud Security Alliance (CSA) says Data Breach, Loss Top Cloud Threat List

A new survey of industry experts from the Cloud Security Alliance (CSA) finds data breach and data loss at the top of nine critical threats to cloud security. Cloud computing is more mainstream among businesses and government now than ever before. CSA’s “The Notorious Nine: Cloud Computing Top Threats in 2013” report details the development of the cloud service model and how it delivers business-supporting technology more efficiently.

Cloud Performance Monitor Free Tool for Public & Private Cloud

Learn more about the cloud server capabilities of SolarWinds Cloud Performance Monitor by visiting: www.solarwinds.com Mike Raab introduces you to the SolarWinds Cloud Performance Monitor Powered by Copper Egg! With this free tool, you can get real-time insight into the speed and availability of applications and services deployed on cloud, virtual and physical servers.

Performance based IT Shop Part 2

Not all IT problems come under the domain of the network engineer. In my previous Blog , I talked about IT shops having a hodge-podge set of tools. There are various reasons, but the real inefficiency is when these tools perform the same functions. There becomes a time and need to look at the IT problems from different perspectives. A few examples below: Kenn Nied, Senior Network Engineer at WA State Board for Community and Technical Colleges, illustrates this encounter. While looking at OpManager from a networking point of view, the operator sees alerts that a few switches and a firewall are unresponsive. Is it faulty equipment or an attack? Then turning to a Security mindset, he looks at ManageEngine Device Expert to see real time and historical configuration changes. In one case, it was identified that there was a Firewall rule change made and realized it was a misconfiguration that caused the switch unresponsive. Diagnostic time was minimal. Albert E.