markoshust's blog

Mon, 01/18/2010 - 00:00

How to beat Slowloris HTTP DoS attacks

Submitted by markoshust Mon, 01/18/2010 - 00:00

I’ve recently been involved with a site that was experiencing a heavy level of Slowloris attacks. Slowloris is a DoS (Denial of Service) attack that was made with a very simple agenda – to shutdown websites with a very low-level attacking client. It seems to mainly affect Apache, the most popular web server in the world (newer web servers such as Lighttpd and nginx are unaffected).


Thu, 11/19/2009 - 00:00

Backup an Amazon Web Services (AWS) EC2 instance to S3 and register it as an AMI

Submitted by markoshust Thu, 11/19/2009 - 00:00

Here is another hot topic that seems extremely confusing from the start, but is actually very easy to implement. Amazon Web Services EC2 seems to be the most fully-featured cloud-based web services on the internet. Amazon was the first major party to rollout a massive network of VM’s in the ‘cloud’ and remains to be the highest-respected service out there for Linux computing.


Fri, 11/13/2009 - 00:00

The absolutely quickest and simplest way to upgrade Drupal

Submitted by markoshust Fri, 11/13/2009 - 00:00

On the initial surface, upgrading Drupal appears complex, when in actuality it’s very rudimentary. A lot of the tutorials and resources on how to upgrade are just plain confusing and not to the point.

The following is a list of command lines and steps in order to upgrade Drupal quickly and easily in 3 EASY STEPS! It just can’t get easier, and I have yet to see one posting that includes this way of doing it, which is really just the quickest/easier/cleanest/simplest way to get it done.


Mon, 09/21/2009 - 00:00

Preventing injection attacks and securing your website

Submitted by markoshust Mon, 09/21/2009 - 00:00

Injection attacks and vulnerabilities are extremely common, and can be prevented in just about any case with proper coding and setting permissions correctly. There are a vast array of cross-site scripting (XSS) attacks and worms out there (I’m sure you’ve stumbled on a site with the words ‘viagra’ or ‘xanax’ in the page, and it looks very out-of-place and not consistent with the site’s content). These are usually caused by bots searching the web for securities vulnerabilities.