mod_dosevasive is an evasive maneuvers module for Apache to provide evasive
action in the event of an HTTP DoS or DDoS attack or brute force attack.
It is also designed to be a detection and network management tool, and can be
easily configured to talk to ipchains, firewalls, routers, and etcetera.
mod_dosevasive presently reports abuses via email and syslog facilities.
Detection is performed by creating an internal dynamic hash table of IP
Addresses and URIs, and denying any single IP address from any of the
following:
* Requesting the same page more than a few times per second
* Making more than 50 concurrent requests on the same child per second
* Making any requests while temporarily blacklisted (on a blocking list)
This method has worked well in both single-server script attacks as well as
distributed attacks, but just like other evasive tools, is only as useful to
the point of bandwidth and processor consumption (e.g. the amount of bandwidth
and processor required to receive/process/respond to invalid requests), which
is why it's a good idea to integrate this with your firewalls and routers for
maximum protection.
This module instantiates for each listener individually, and therefore has a
built-in cleanup mechanism and scaling capabilities. Because of this per-child
design, legitimate requests are never compromised (even from proxies and NAT
addresses) but only scripted attacks. Even a user repeatedly clicking on
'reload' should not be affected unless they do it maliciously. mod_dosevasive
is fully tweakable through the Apache configuration file, easy to incorporate
into your web server, and easy to use.
From the tcpcat README:
Tcpcat is a simple program that is like `cat' but it works over TCP streams
to allow you to cat from one host to another.
The host common way to use this program whould be something like this:
on host a: $ tcpcat -l 93255 | gzip -dc | tar xvf -
on host b: $ tcpcat -h hosta:93255 file.tar.gz
Another good use for this program is debugging network stuff. When debugging
a newtork client or server you can pipe the output of tcpcat to a hex dump
(I recomend xxd which comes with vim). Also it can act as a crude telnet server
when invoded with --listen, --input, and --output, this mode is quite useful
for network program debugging as well.
This is python module for RFC 5451 Authentication-Results Headers
generation and parsing.
It also supports Authentication Results extensions:
RFC 5617 DKIM/ADSP
RFC 6008 DKIM signature identification (header.b)
RFC 6212 Vouch By Reference (VBR)
draft-kucherawy-dmarc-base-00 DMARC
Parser and printer for bencoded data. Bencode (pronounced like B encode)
is the encoding used by the peer-to-peer file sharing system BitTorrent
for storing and transmitting loosely structured data.
Plaso is the Python based back-end engine used by tools such as log2timeline
for automatic creation of a super timelines. The goal of log2timeline (and thus
plaso) is to provide a single tool that can parse various log files and
forensic artifacts from computer and related systems, such as network equipment
to produce a single correlated timeline. This timeline can then be easily
analysed by forensic investigators/analysts, speeding up investigations by
correlating the vast amount of information found on an average computer system.
Tarantool is an efficient NoSQL database and a Lua application server.
Key features of the Lua application server:
* 100% compatible drop-in replacement for Lua 5.1, based on LuaJIT 2.0.
Simply use #!/usr/bin/tarantool instead of #!/usr/bin/lua in your script.
* full support for Lua modules and a rich set of own modules, including
cooperative multitasking, non-blocking I/O, access to external databases,
etc.
Key features of the database:
* MsgPack data format and MsgPack based client-server protocol
* two data engines: 100% in-memory with optional persistence and a 2-level
disk-based B-tree, to use with large data sets
* multiple index types: HASH, TREE, BITSET
* asynchronous master-master replication
* authentication and access control
* the database is just a C extension to the app server and can be turned off
Xmcd is a program that allows the use of the CD-ROM drive as a
full-featured stereo compact-disc player for the X Window System.
Most of the features found on real CD players are available in
xmcd, such as shuffle and repeat, track programming functions, a
numeric keypad, and track warp slider for direct track access.
Additional functions include sample play, A to B segment play,
volume control, balance control, etc. Several automation options
are also available on CD load, eject, play completion, and program
exit. A Channel Routing feature allows you to select from several
stereo or mono routing options. The volume control slider taper
characteristics can also be altered.
JDBM is a transactional persistence engine for Java. It aims to be for Java
what GDBM is for other languages: a fast, simple persistence engine.
You can use it to store a mix of objects and BLOBs, and all updates are done
in a transactionally safe manner. JDBM also provides scalable data structures,
such as HTree and B+Tree, to support persistence of large object collections.
JDBM2 provides HashMap and TreeMap which are backed by disk storage.
It is very easy and fast way to persist your data.
JDBM2 also have minimal hardware requirements and is highly embeddable.
a package management framework for the Ruby programming language
An application or library is packaged into a gem, which is
a single installation unit.
RubyGems entirely manages its own filesystem space, rather
than installing files into the "usual" places. This enables
greater functionality and reliability.
Using RubyGems, you can:
- download and install Ruby libraries easily
- not worry about libraries A and B depending on
different versions of library C
- easily remove libraries you no longer use
- have power and control over your Ruby platform!
Vroom lets you create your slides in a single file using a Wiki-like
style, much like Spork and Sporx do. The difference is that your slides
don't compile to HTML or JavaScript or XUL. They get turned into a set
of files that begin with '0', like '03' or '07c' or '05b.pl'.
The slides are named in alphabetic order. That means you can bring them
all into a Vim session with the command: vim 0*. vroom --vroom does
exactly that.
Vroom takes advantage of Vim's syntax highlighting. It also lets you run
slides that contain code.
Since Vim is an editor, you can change your slides during the show.