Denial of Service (DOS) attacks can be especially effective against certain types of web application. If the application is highly dynamic or database intensive, it can be remarkably simple to degrade or cripple the functionality of a site. This blog article describes some simple methods to mitigate single source IP DOS attacks using HAProxy. I’ve described how you would implement the techniques using the Loadbalancer.org appliance, but they are easily transferable to any HAProxy-based cluster.
STunnel Cipher List and Qualys SSL Labs Testing
In the wake of all the recent vulnerabilities, we have been working hard to make sure that we give the correct information to our customers. So we decided to set up our latest version of STunnel on our support server (https://support.loadbalancer.org) and test our Cipher Lists with the Qualys SSL Labs site (https://www.ssllabs.com/ssltest).
The Poodle SSLv3
So here we go again! SSL is broken once more, and this one now leaves us with no SSL Ciphers that we can reliably use in a live production site, so I guess this now forces us to use the TLS suite of ciphers, which in the past have also had problems. Let's put it this way – if you use any form of SSL ciphers you're vulnerable! Qualys have again been quick to update the Qualys SSL Labs Test tool that they provide, which is free to use. This will test your SSL Certificate and all the currently usable Ciphers for your site.
Loadbalancer.org product roadmap (as always a work in progress)
Understandably, we get quite a few requests for a product road map. We’ve had a chat about this internally and thought that it would be nice to have a permanent post on the blog that we change on the fly as customer requirements change.
Sophos ASG 8.310 Up2Date Released
We have released an update for those running Astaro Security Gateway V8. Version 8.310 is a bugfix release that stabilizes your installation and improves the Web Filtering and RED along with some other fixes. For more information, read on!

ASG 8.310 Up2Date Details

News
- Bugfix release
- Stability improvements for Web Filter
- Stability improvements for RED
- Bug fixes in mail proxies for mails with mixed Japanese charsets
- Update timezone definitions

Remarks
- System will be rebooted
- Configuration will be Upgraded

Bugfixes
- [22922] Loadbar hangs while scrolling on dashboard

Download
Link: ftp.astaro.com/ASG/v8/up2date/u2d-sys-8.310.tgz.gpg
MD5Sum: ftp://ftp.astaro.com/ASG/v8/up2date/u2d-sys-8.310.tgz.gpg.md5
Size: ~123MB

Up2Date Installation: Sophos Up2Date technology makes it easy to update your Astaro Security Gateway.
June’s Patch Tuesday – On the Way!
It’s time for another episode of Microsoft Patch Tuesday! Tell ‘em what they’ve won, Bob! A new caaaarrrrr! Wait. That’s not right. Sorry.
Microsoft Hits Citadel Hard
Late last week, Microsoft’s Digital Crimes Unit, working with the FBI and the U.S. courts, took a huge chunk out of the capabilities of the Citadel botnet. Citadel is a ZeuS variant that is responsible for infecting what is believed to be millions of computers across the globe in the hopes of stealing financial information through key logging and form grabbing and using that information to steal money from the bank accounts of infected victims.
Phishing – Alive and Well
Last week I was getting caught up on the usual deluge of emails, and one caught my eye. I’ll admit, at first glance, I almost clicked without thinking.
Google and the Zero-Day Conundrum
Last week Google announced a significant change to the way they disclose vulnerabilities. In cases where a zero-day vulnerability has made it into the wild and is being actively exploited, Google will now give a scant 7 days to the software vendor whose product is being exploited before “…support(ing) researchers (by) making details available so that users can take steps to protect themselves.” We hope that the details Google will make available do not include full disclosu…
Dr. Jekyll or Mr. Hyde?
We recently had a company contact us regarding an email they received from their bank. The company’s access to their online banking account was blocked by its bank due to fraudulent activity observed through its account.