Security

Creating strong captcha with PHP

Posted Sun, 10/18/2009 - 13:21 by ma

While was looking for a captcha class for PHP, I found securimage. It's great but not very strong "out of the box".

With some modifications, I came up with a very strong way to create captcha directly with PHP. It use a variety of fonts, backgrounds and a dictionnary of words from a random book on Gutenberg. To make sure the captcha is readable, a function calculate the luminosity difference between the text and 2 colors in the background.

Howto block DDOS attacks with PSAD and simple iptables rules

Posted Fri, 05/08/2009 - 12:19 by ma

I will show you howto install PSAD to block DDOS attacks (distributed denial of service) and port scan on a webserver. Here I will use Ubuntu 8.04 LTS server but it should be very similar on other distro.

PSAD scan iptables log file to generate the attack block. The problem is that when you log ALL packets as shown in other PSAD tutorials, it will slow down considerably your server if it's busy and generate huge huge log files (growing at a rate of 1meg per second or more). With simple iptables rules, we will only log traffic that look suspicious (5 new connections in 5 seconds for example).

Online fraud detection API

Posted Wed, 04/08/2009 - 10:54 by ma

I created a small API for an e-store I manage (Portafixe.com) that calculate the distance between the shipping/billing location and the IP location for fraud prevention. Now i'm making it available to the public for free.

Howto block DDOS attacks on Ubuntu

Posted Thu, 02/26/2009 - 18:38 by ma

I will show you howto install PSAD on Ubuntu 8.04 LTS server to block DDOS attacks (distributed denial of service) and port scan.

PSAD scan iptables log file to generate the attack block. The problem is that when you log ALL packets as shown in other PSAD tutorials, it will slow down considerably your server if it's busy and generate huge huge log files (growing at a rate of 1meg per second or more). With simple iptables rules, we will only log traffic that look suspicious (5 new connection in 5 second for example).

Deny or allow countries with Apache htaccess

Posted Sun, 02/15/2009 - 21:52 by ma

The following script is using blogama.org IP geolocation API to automatically generate Apache htaccess file to deny or allow specific countries. You can put this script under crontab and the htaccess rules will be automatically updated. Also, it can update multiple htaccess files.

Blocking IP address of any country with iptables

Posted Wed, 02/11/2009 - 00:01 by ma

In this howto, I will show you how to automatically create iptables rules to block all connection from one country or more. The blocklist is created with an API I wrote and you can use wget to update the blocklist monthly.

Creating SSL key with CSR file for https

Posted Sun, 11/30/2008 - 08:12 by ma

Creating SSL keys is pretty basic but I wrote it here not to forget it :)

Blocking DDOS attack with PSAD

Posted Wed, 10/08/2008 - 00:22 by ma

Updated howto available here : http://blogama.org/node/98

Blocking IPs with iptables

Posted Tue, 09/16/2008 - 00:00 by ma

Howto block IP address with iptables and simple usage.