• Apache mod_security on CentOS 5 x86_64

    In the journey of rebuilding my dedicated server to create a secured cloud server, I was trying to find out what the potential issues are, besides network intrusion through various ports, and services on my server. I found numbers ranging from 70% to 85% of all intrusions actually occur by way of applications. Specifically, I [...]

  • Issue with libxml2 and lua 5 on i386 versus x86_64

    While I was trying to get the Apache mod_security plugin working, I started having issues with including 2 different libraries.
    The examples required me to include libxml2 and lua 5
    LoadFile /usr/lib/libxml2.so
    LoadFile /usr/lib/liblua.so.5.0
    Now when I ran a configcheck on Apache after this declaration alone, I kept getting the following error:
    /usr/lib/libxml2.so: wrong ELF class: ELFCLASS32
    So I started googling [...]

  • from Developer to System Admin in 60 seconds…

    In a post I made a few months ago: http://baselogic.com/blog/archives/252
    I talked about an issue with a RootKit that I had. Well, the truth is, that was just a symptom to an issue. The reality was, I was hacked pretty bad, and really forced to completely start fresh with a complete OS reload, and getting fresh [...]

  • Invasion from a RootKit

    Yesterday, I was invaded by a RootKit.
    It seems there was some stealth application added to my /tmp directory, and it seems to be stealing bandwidth from my server.
    I was given this URL as a fix to secure my /tmp directory, and I am still trying to get through this tutorial:
    http://sysadmingear.blogspot.com/2007/10/how-to-secure-tmp-and-devshm-partition.html
    I wanted to make some notes, [...]