Monday, July 2, 2007

[BLUG] [Fwd: Job announcement: Linux System Admin]



-------- Original Message --------
Subject: Job announcement: Linux System Admin
Date: Mon, 2 Jul 2007 16:55:55 -0400
From: Flynn, Robert Edward <reflynn@INDIANA.EDU>
Reply-To: Flynn, Robert Edward <reflynn@INDIANA.EDU>
To: IUMMUGNEWS-L@LISTSERV.INDIANA.EDU


Here is a sysadmin job with the city of Bloomington for anyone interested.

 

~Bob

 

From: alan schertz [mailto:schertza@bloomington.in.gov]
Sent: Monday, July 02, 2007 2:50 PM

Application available here:

 

Full Position Description:

 

Analyzes user needs and works with users to design, implement and maintain server systems, including hardware and software.  Develop prototypes of server systems.  Test and evaluate server systems for effectiveness, efficiency, and user acceptability.  Evaluate deployed server systems and recommends modifications, upgrades, and replacements to improve their functioning.  Recommends appropriate, effective, efficient, and standards-compliant purchases of server systems.  Develop, document, and implement standard operating procedures for existing and new systems, in collaboration with the Technology Support group.  Monitor trends and product developments in information technology.

 

 

 

Alan Schertz

Systems and Applications Manager, ITS, City of Bloomington

(812) 349 3521

(812) 360 2909 cell

 

 



 


--  Joe Auty NetMusician: web publishing software for musicians http://www.netmusician.org joe@netmusician.org 

Re: [BLUG] mod_security help

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mark Krenz wrote:
> I was having issues with a large botnet...

Hi Mark,

If you're interested, your logs could be useful in getting the botnet
dismantled or at least bots removed. Ping me off-list if you'd be willing
to share the data you have.

Cheers,
- -Dave
- --

| Dave Monnier - dmonnier@ren-isac.net |
|

http://nicholas.ren-isac.net/dmonnier/

|
| Principal Security Engineer, REN-ISAC http://www.ren-isac.net/ |
| 24x7 Watch Desk: +1(317)278-6630, ren-isac@ren-isac.net |

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGiU4TBIf6jlONJjIRAt5yAKCFRZLoOryxwvA5Ir+cXPP0OcSD7gCgkumI
LN504WULluEzbzTqcg+foJs=
=rSU6
-----END PGP SIGNATURE-----
_______________________________________________
BLUG mailing list
BLUG@linuxfan.com
http://mailman.cs.indiana.edu/mailman/listinfo/blug

Re: [BLUG] mod_security help

As a follow up, I got it working and it works. I was having issues
with a large botnet hammering a website on Suso that is rather expensive
as far as page load time. Strangely enough, they were all using the
Referer: http://www.google.com/

as their referer spam. Why? I don't
know. Either way, I was able to put this line in the vhost container
itself so that the rule only applies to that website in a shared web
hosting environment:

SecRule REQUEST_HEADERS:Referer "^http://www.google.com/$" \
"log,deny,msg:'Google Referal Spammer',id:'910007',severity:'4'"

Works like a charm. Now I won't be woken up at 5am to restart Apache.
There are many many other things that mod_security can be used for. I
ran into a problem where another user was streaming music and that broke
after I turned it on because it can investigate the outgoing body of the
web server's response. Fortunately you can turn that off so streaming
works ok.

Mark

On Mon, Jun 25, 2007 at 03:19:41PM GMT, Steven Black [blacks@indiana.edu] said the following:
> On Sat, 2007-06-23 at 20:48 +0000, Mark Krenz wrote:
> > Is anyone here using mod_security to block referal spammers? I don't
> > need to just remove them from the logs, I need to block them so that
> > they don't make costly requests to pages that have databases queries,
> > etc.
>
> I have not started using it yet, but I have been convinced that using it
> is a good idea. It offers a lot of flexibility. I know it certainly
> offers this capability. It can also block SQL injection attempts, buffer
> over-run attempts, and a number of other potential problem scenarios.
>
> The documentation is supposed to be pretty good, and the community
> support is supposed to be good, too. (I've met the follow at Breach that
> deals with the community.)
>
> Cheers,
> Steven Black
>
>
> _______________________________________________
> BLUG mailing list
> BLUG@linuxfan.com
> http://mailman.cs.indiana.edu/mailman/listinfo/blug
>

--
Mark Krenz
Bloomington Linux Users Group
http://www.bloomingtonlinux.org/
_______________________________________________
BLUG mailing list
BLUG@linuxfan.com
http://mailman.cs.indiana.edu/mailman/listinfo/blug