Comments for Jonathan Zdziarski's Domain

Comment on mod_evasive by p1c0

p1c0 — Wed, 18 Apr 2012 14:50:03 +0000

Hello,

is there any way to configure mod_evasive to count http sessions instead of single IP address?

I’ve a lot of clients coming from enterprise’s LAN behind a single NAT, and they get blacklisted.

Thank you

Comment on Ballistic: iPhone’s Favorite Ballistics Computer by Homepage

Homepage — Wed, 11 Apr 2012 06:26:49 +0000

… [Trackback]…

[...] Read More here: zdziarski.com/blog/?p=23 [...]…

Comment on mod_evasive by amersaeed

amersaeed — Tue, 10 Apr 2012 18:04:10 +0000

i am new to linux server, please guide me how i can edit and save httpd.conf file to add configuration into it.

Comment on On Christianity by mc25a

mc25a — Fri, 06 Apr 2012 15:32:19 +0000

Jonathan,
I enjoyed reading this post a great deal. In many ways I have been along the same spiritual path.

I think that the greatest challenge for the atheist is that he must ultimately accept a supernatural explanation for the origins of the universe. There was something at the beginning. Whatever preceded, fueled, or triggered the moment (big bang?) of creation was either (a) always there, infinitely in existence, or (b) created. I look forward to hearing more about your thoughts on evolution as well. .

Comment on Jailbreaking a Security Threat? Really? by MW

MW — Fri, 06 Apr 2012 09:58:10 +0000

I fully agree with you, that i jailbreaking doesn’t pose a security threat. As you, i believe, that jailbreaking has a lot of benefits (also for security).

But there is one thing, that sould be said:
An average, nontech user, will jailbreak its iphone to install some costly apps for free. And that’s where the main security treath comes from: cracked apps bundled with malware.

Comment on mod_evasive by pontikis

pontikis — Wed, 28 Mar 2012 19:16:15 +0000

mod_evasive is very useful. But ajax calls or common urls (e.g. something like /common/show_image/ ) may cause false positives.

I tried


DOSPageCount 50

but id does not work. I get:
DOSPageCount not allowed here Action 'configtest' failed. The Apache error log may have more information. failed!
Any ideas?

Thank you

Comment on mod_evasive by http dos attack

http dos attack — Wed, 07 Mar 2012 13:44:28 +0000

[...] It looks like from your iptables entries you are using two methods: connection rate limit and syn packet limits. You really should try to find evidence of the exact mechanism being applied so that you can tailor your solution. Based on the idea that these are full fledged GET requests, you might want to consider adding mod_evasive. See the following for a little more information: http://www.zdziarski.com/blog/?page_id=442 [...]

Comment on Plugging the iPhone Screenshot Leak by Carrier IQ software: A big risk to enterprise mobile security? | RemoveCarrierIQ.net

Thu, 01 Mar 2012 17:28:15 +0000

[...] action for aesthetic purposes. Noted mobile device forensics expert Jonathan Zdziarski also posted two steps that can be taken on jailbroken iPhones to disable this functionality. There is a more general [...]

Comment on Your True Identity by Jsophrin

Jsophrin — Thu, 02 Feb 2012 00:17:16 +0000

I perceived this post to be written in the same manner of C. S Lewis’ “The Weight of Glory”

http://www.verber.com/mark/xian/weight-of-glory.pdf

Comment on mod_evasive by :: b l a c k o n s o l e :: » :: Install mod_evasive on cPanel

:: b l a c k o n s o l e :: » :: Install mod_evasive on cPanel — Tue, 10 Jan 2012 03:41:59 +0000

[...] to provide evasive action in the event of an HTTP DoS or DDoS attack or brute force attack. – zdziarski :: How to install mod_evasive on cPanel / WHM + download and [...]