There seems to have been so much hype over the recent bash bug, shell shock! And there were all the people in the Microsoft world thinking YES we are so cool we are NOT affected by it! Yea right I knew it, there had to be something much the same as the bash bug available in CMD.exe It affects the Windows CMD.exe Shell and I will provide a working example of how it can be exploited. It does show the whole hype of the bash bug bearing in mind you need access to the machines shell in the first place
Loadbalancer.org product roadmap (as always a work in progress)
Understandably we get quite a few requests for a product road map. We’ve had a chat about this internally and thought that it would be nice to have a permanent post on the blog that we change on the fly as customer requirements change
How do you keep your development team happy?
Well its easy really, you let them buy some new toys to play with like 10Gb Switches and fiber cards which is our current little project (10Gb to our desktop workstations should be nice).
Shell-shocked by shell shock? Bash vulnerability explained.
Having recovered from the recent Heartbleed vulnerabilities we now have another headline grabbing vulnerability to keep us all busy. First let me say that our product should be perfectly safe and secure unless you’ve already shared your passwords or forgotten to run “lbsecure”
A10 Networks’ Advanced Core Operating Systems (ACOS)
Discover how A10 Networks ACOS is increasingly the platform of choice for enterprises, service providers, Web giants and government organizations seeking to optimize the performance and security…
A10 Networks accepts ALS Ice Bucket Challenge
Several members of the A10 Networks finance team were called out for the ALS Ice Bucket Challenge and they’ve responded as a group to that worthy challenge. A10 is passing along the challenge…
Enhanced Microsoft IIS health checks using VBscript
By default, the load balancer uses a TCP connect to the port defined in the Virtual Service to verify the health of the real (backend) servers. For IIS this would typically be port 80. In many cases this kind of health check is adequate but for IIS this if often not the case.
Windows NLB (WNLB) and its disadvantages
Whilst Windows Network Load Balancing (WNLB) has been constantly improved in each version of Windows since it’s introduction in Windows 2000, it still has a fairly extensive list of disadvantages when compared to a hardware or virtual based loadbalancer.
Source IP Addresses, STunnel, Haproxy and Server Logs
When using proxies such as STunnel and HAProxy it’s easy to loose track of the client source IP address. This occurs for example when HAProxy is used in it’s default configuration to load balance a number of back-end web servers. By default, the source IP address of the packet reaching the web servers is the IP address of the load balancer and not the IP address of the client
Heartbleed 2.0? Not exactly but more OpenSSL issues have been found
In the wake of the recent Heartbleed Bug another series of OpenSSL vulnerabilities have been found. Whilst the Heartbleed bug was relatively easy to exploit, the latest batch of bugs are not. However if successfully exploited, there is potential for eavesdropping and traffic manipulation (CVE-2014-0224) as well as running arbitrary code on the vulnerable client or server (CVE-2014-0195)