Protecting Apache2 Against Slowloris DoS

Protecting Apache2 Against Slowloris DoS

Slowloris is a tool to DoS an HTTP(S) web server without performing a traditional high-bandwidth “flood” approach. I’ll give you some background on how Slowloris is so effective, even today, and how to protect your Apache servers from this type of attack.

The FIDO Alliance’s “Second Factor Experience” In A Nutshell

The FIDO Alliance’s “Second Factor Experience” In A Nutshell

The FIDO Alliance is a conglomerate of top technology corporations (Microsoft, Google, Oberthur, NXP, Paypal, etc…) aiming to create standardized enhanced authentication with specific goals of “Passwordless Authentication” (UAF) and “Second Factor Authentication” (U2F). Essentially, they want to be able to framework how companies provide secure access to their web resources as well as how users prove their identity to the companies. Here’s my take on the effort.

Authentication solutions comparison

Authentication solutions comparison

There’s a lot of debate in the information security industry about what the next-gen solution will be for authenticating users into services (websites, applications, etc…). I’ve collected a list of suggested authentication solutions (both hardware and software mechanisms) and will try to shed some light on their pros and cons.

LogMeIn Rescue SAML 2.0 Authentication Tips

LogMeIn Rescue SAML 2.0 Authentication Tips

I’ve dealt with a lot of integration projects involving Single Sign-On using SAML2.0 but LogMeIn Rescue’s process for achieving this threw me for a loop initially. I’d like to share a little insight to hopefully help others achieve SSO using LMI Rescue with minimal pain.

Pin It on Pinterest