mod_dosevasive是Apache的一个规避策略模块,它为Apache在遭受一个HTTP DoS或DDoS攻击或者强制
攻击事件时提供规避行动。
它也是一个检测和管理网络的工具,可以方便地配置以便与ipchains、网络防火墙、路由器等进行交互。
mod_dosevasive目前可以通过电子邮件和syslog等设施来报告滥用行为。
检测是通过创建一个IP地址和URI的内部动态哈希表,并拒绝任何单一的IP地址的以下行为:
* 每秒多次请求同一个页面
* 在同一个Apache Child上,每秒发起超过50个并发请求
* 在临时黑名单上(在阻止列表上)的IP,发起任意请求
这个方法对于单一服务器脚本攻击和分布式攻击同样行之有效,但是和其它规避工具一样,仅仅对保护带宽和
处理器消耗起作用(如,带宽总量和接收/处理/响应无效请求所需的处理器),因此,把它和你的网络防火
墙与路由器集成起来以达到最大保护,是个好主意。
这个模块为每个监听器单独地初始化一个实例,因此它有内建的清理机制和缩放功能。由于这种针对每个
Apache Child的设计,合法的请求从来不受影响(甚至是从代理和NAT地址),而仅仅针对脚本攻击。即使用户
重复地点击“刷新”也应该不受影响,除非他们不怀好意。mod_dosevasive完全通过Apache配置文件来配置,
很容易集成到你的web服务器上。
From the tcpcat README:
Tcpcat is a simple program that is like `cat' but it works over TCP streams
to allow you to cat from one host to another.
The host common way to use this program whould be something like this:
on host a: $ tcpcat -l 93255 | gzip -dc | tar xvf -
on host b: $ tcpcat -h hosta:93255 file.tar.gz
Another good use for this program is debugging network stuff. When debugging
a newtork client or server you can pipe the output of tcpcat to a hex dump
(I recomend xxd which comes with vim). Also it can act as a crude telnet server
when invoded with --listen, --input, and --output, this mode is quite useful
for network program debugging as well.
This is python module for RFC 5451 Authentication-Results Headers
generation and parsing.
It also supports Authentication Results extensions:
RFC 5617 DKIM/ADSP
RFC 6008 DKIM signature identification (header.b)
RFC 6212 Vouch By Reference (VBR)
draft-kucherawy-dmarc-base-00 DMARC
Parser and printer for bencoded data. Bencode (pronounced like B encode)
is the encoding used by the peer-to-peer file sharing system BitTorrent
for storing and transmitting loosely structured data.
Plaso is the Python based back-end engine used by tools such as log2timeline
for automatic creation of a super timelines. The goal of log2timeline (and thus
plaso) is to provide a single tool that can parse various log files and
forensic artifacts from computer and related systems, such as network equipment
to produce a single correlated timeline. This timeline can then be easily
analysed by forensic investigators/analysts, speeding up investigations by
correlating the vast amount of information found on an average computer system.
Tarantool is an efficient NoSQL database and a Lua application server.
Key features of the Lua application server:
* 100% compatible drop-in replacement for Lua 5.1, based on LuaJIT 2.0.
Simply use #!/usr/bin/tarantool instead of #!/usr/bin/lua in your script.
* full support for Lua modules and a rich set of own modules, including
cooperative multitasking, non-blocking I/O, access to external databases,
etc.
Key features of the database:
* MsgPack data format and MsgPack based client-server protocol
* two data engines: 100% in-memory with optional persistence and a 2-level
disk-based B-tree, to use with large data sets
* multiple index types: HASH, TREE, BITSET
* asynchronous master-master replication
* authentication and access control
* the database is just a C extension to the app server and can be turned off
Xmcd is a program that allows the use of the CD-ROM drive as a
full-featured stereo compact-disc player for the X Window System.
Most of the features found on real CD players are available in
xmcd, such as shuffle and repeat, track programming functions, a
numeric keypad, and track warp slider for direct track access.
Additional functions include sample play, A to B segment play,
volume control, balance control, etc. Several automation options
are also available on CD load, eject, play completion, and program
exit. A Channel Routing feature allows you to select from several
stereo or mono routing options. The volume control slider taper
characteristics can also be altered.
JDBM is a transactional persistence engine for Java. It aims to be for Java
what GDBM is for other languages: a fast, simple persistence engine.
You can use it to store a mix of objects and BLOBs, and all updates are done
in a transactionally safe manner. JDBM also provides scalable data structures,
such as HTree and B+Tree, to support persistence of large object collections.
JDBM2 provides HashMap and TreeMap which are backed by disk storage.
It is very easy and fast way to persist your data.
JDBM2 also have minimal hardware requirements and is highly embeddable.
a package management framework for the Ruby programming language
An application or library is packaged into a gem, which is
a single installation unit.
RubyGems entirely manages its own filesystem space, rather
than installing files into the "usual" places. This enables
greater functionality and reliability.
Using RubyGems, you can:
- download and install Ruby libraries easily
- not worry about libraries A and B depending on
different versions of library C
- easily remove libraries you no longer use
- have power and control over your Ruby platform!
Vroom lets you create your slides in a single file using a Wiki-like
style, much like Spork and Sporx do. The difference is that your slides
don't compile to HTML or JavaScript or XUL. They get turned into a set
of files that begin with '0', like '03' or '07c' or '05b.pl'.
The slides are named in alphabetic order. That means you can bring them
all into a Vim session with the command: vim 0*. vroom --vroom does
exactly that.
Vroom takes advantage of Vim's syntax highlighting. It also lets you run
slides that contain code.
Since Vim is an editor, you can change your slides during the show.