Mod_Dosevasive in Apache

What Is Mod_Dosevasive?

Mod_Dosevasive is an evasive maneuvers module for Apache whose purpose is to react to HTTP DoS and/or Brute Force attacks.
An additional capability of the module is that it is also able to execute system commands when DoS attacks are identified. This provides an interface to send attacking IP addresses to other security applications such as local host-based firewalls to block the offending IP address. Mod_Dosevasive performs well in both single-server attacks, as well as distributed attacks; however, as with any DoS attack, the real concern is network bandwidth and processor/ RAM usage.

How Does Mod_Dosevasive Work?

Mod_Dosevasive identifies attacks by creating and using an internal dynamic hash table of IP Addresses to URIs pairs based on the requests received. When a new request comes into Apache, Mod_Dosevasive will perform the following tasks:

• The IP address of the client is checked in the temporary blacklist of the hash table. If the IP address is listed, then the client is denied access with a 403 Forbidden.
• If the client is not currently on the blacklist, then the IP address of the client and the Universal Resource Identifier (URI) being requested are hashed into a key. Mod_Dosevasive will then check the listener's hash table to verify if any of the same hashes exist. If it does, it will then evaluate the total number of matched hashes and the timeframe that they were requested in versus the thresholds specified in the httpd.conf file by the Mod_Dosevasive directives.
• If the request does not get denied by the preceding check, then just the IP address of the client is hashed into a key. The module will then check the hash table in the same fashion as above. The only difference with this check is that it doesn't factor in what URI the client is checking. It checks to see if the client request number has gone above the threshold set for the entire site per the time interval specified.

Configuration
you should add the following directives to your httpd.conf file

LoadModule dosevasive20_module modules/mod_dosevasive20.so

-IfModule mod_dosevasive20.c
-    DOSHashTableSize    3097
-    DOSPageCount        2
-    DOSSiteCount        50
-    DOSPageInterval     1
-    DOSSiteInterval     1
-    DOSBlockingPeriod   10
-/IfModule

RHEL 6 is built, and priced, for big shops

Latest iteration of Red Hat's iconic Linux distribution offers some shops a substantial upgrade and, for others, a fork in the road

There's always a sense of finally when a new version of  (RHEL) is released. We always know what's coming in the new OS, and generally we know when it'll be available, but we're still working with rapidly aging packages on the previous version and drumming our fingers for the next release.
With RHEL, the longer release cycle is the penalty to be paid for stability. When a new version of RHEL appears, it's been vetted for many moons through the cutting-edge Fedora Linux distribution. Presumably, most of the bugs have been worked out, but that doesn't help when you're busy shoehorning PHP 5.3 and MySQL 5.25 onto an RHEL 5.4 server.


The good news in RHEL 6 is a wealth of new features. These include very significant enhancements, long-awaited updates, and items that have been in place on other nominally less-stable distributions for months, if not years. After all, it's been nearly three years since RHEL 5.0 was released. The net result is that RHEL 6 is easily the best Red Hat Enterprise Linux release yet.

RHEL 6 hardware support


First up are the enhancements to the core system. RHEL 6 defaults to the CFS (Completely Fair Scheduler) process scheduler and the usual CFQ (Completely Fair Queueing) I/O scheduler.

For x86_64 CPUs, RHEL 6 can natively support up to 128 cores and 2TB of RAM. Using other kernel extensions, those limits can be stretched to 4,096 cores and 64TB of RAM, if you're really pushing big iron. Naturally, this is thanks to the Linux 2.6.32 kernel.

Red Hat has also done plenty of work in optimizing memory management with NUMA, which can produce significant performance increases on larger systems.

Virtualization performance is reaching impressive levels. Red Hat says that a virtualized guest environment offers between 85 percent and 95 percent of the performance that you would get by running on native hardware for CPU-intensive operations. It shows that the overhead of virtualization is decreasing and doesn't come with a serious performance penalty. The company also says that its virtualization technology is getting better at handling I/O-heavy workloads too, such as guest environments that run database software.

Wireless Ethernet PTP Bridge Solution

Wireless outdoor bridging solutions using 2.4Ghz, 5.4Ghz, 5.8Ghz, 24Ghz and 80Ghz frequency's with data rates up to 1.25Gbps full duplex!
	Are you looking to connect two or more of your buildings together? Would you like blistering performance from 22mbps to 1.25Gbps full duplex? Do you want availability of 99.999%? Are you in a NON line of sight situation (NLOS)? Are you looking for a faster + Cheaper leased line replacement? Here are variety of wireless bridging solutions for the Point to point (PtP) and point to multi point (PtMP) situation. You no longer have to pay for expensive leased line charges between your buildings, or put up with the slow speeds associated with leased lines. One can deliver blistering speeds of up to 1.25Gbps to ensure that your network is not the slowest link in your companies performance! Wireless Bridge Solutions Comparison   Manurfacturer Throughput Ubiquiti PowerBridge 150Mbps LigoWave PTP 180Mbps InfiLink PTP 260mbps Motorola PTP 280mbps BridgeWave GE80X 1.25Gbps Full Duplex BridgeWave GE80 1.25Gbps Full Duplex Point to Point Solution Connect two locations together with a dedicated link with up to a 1.25Gbps full duplex connection. BridgeWave is the leading supplier of gigabit RF connectivity solutions for service provider, government, military and enterprise applications. BridgeWave Gigabit Ethernet links extend network operator fiber to provide high-capacity access and backhaul, as well as extending enterprise LANs between buildings and sites. Motorola PtP Point to Point 21mbps to 300mbps Solution  Connect two locations together with a dedicated link with up to a 300Mbps connection. With aggregate throughput up to 300Mbps (25, 52, 105, 150 and 300) on a 30 MHz channel, our solutions deliver 300% greater spectral efficiency than our nearest competitor. Bridging two buildings together can be a difficult and technical exercise with many obstacles to overcome. Busy 2.4Ghz environments can often prove impossible to operate in with obstacles in your LOS (line of sight) or fresnel zone blockage that need to be removed. InFiNet InFiLINK Wireless 2x2 Wireless Bridge InfiLINK 2x2 is a brand new high-performance broadband wireless backhaul solution with greater effective throughput, increased link availability and operating distances in both LOS and NLOS conditions. The InfiLINK 2x2 is a superior wireless system that combines not only high-speed capability (up to 260Mbps throughput) but also best-in-class set of networking features all aimed at ensuring a seamless integration with existing wireless or wired network without any third party equipment required. InfiLINK offers wide range of licensed and unlicensed frequency band and software-upgradeable capacity options, in modular, single and dual-radio split system design, connectorized or with integrated antennas, for a broad array of applications including: WISP infrastructure, matching today’s capacity of remote base station, Enterprise or campus, building-to-building connectivity at FastEthernet speeds, Redundant Cellular backhaul, multiple E1/T1 TDM and Ethernet/IP transport, Long-range backhauls reaching distances of more than 60 km,Reliable backup for high-speed FSO and millimeter-wave links or fiber lines, NLOS backhauls using lower frequency bands LigoWave 180Mbps Wireless Bridges LigoWave unleashes its highest capacity, license-free PTP device with the release of the LIGOPTP 5 MIMO series product line. Making use of ground breaking 2x2 MIMO technology, the LigoPTP 5-23/5-N MIMO delivers aggregate TCP throughput capability of up to 180 Mbps (90 Mbps full-duplex) combined with high packets-per-second performance. This product enables carrier-class point-to-point capability, ideal for dedicated access or backhaul applications (including VOIP or other small packet applications). The LigoWave PTP product family couples flexible channel width capability (20 or 40 MHz) and industry-leading proprietary software mechanisms to set the utmost standard in spectral efficiency. The LigoPTP 5-23/5-N MIMO product features an integrated dual-polarized antenna (or 2 N-type connectors for the 5-N product) and is housed in a rugged, cast aluminum enclosure. PtMP Point to Multi Point Solutions:  Do you have multiple locations to connect together? Connect several locations together with a point to multi point bridge. Our choice of bridges come in integrated antenna's for ease of installation and configuration, Wireless Bridges for redundancy  One can also install a cost efficient wireless bridge to provide redundancy for your leased line, laser link or high-speed wireless bridge. Our bridges have built in antenna and are powered by PoE so no complicated installation is needed. If the bridge link is to be established on top of two buildings then a PoE bridge solution with external directional antennas will be used. All bridge links can use the 2.4Ghz 5.4Ghz or 5.8Ghz frequency's depending on the RF environment. Connection data rates of up to 10Gbps can be achieved with today's wireless equipment, which means that no longer do you have to reply on slow connections to your connected office! Wireless Bridge Survey's Before implementing a wireless bridge it is essential to perform a wireless bridge survey. The survey will calculate that the link is viable for the distance intended, that there is enough RF spectrum available and that no other RF bridge will interfere with your intended installation.   One should calculate the following items: RF Interference Fresnel Zone Link budget SOM (system operating margin) Free space path loss RSSI (Received signal strength indication)

Earth quake in karachi

Its very minor but its scary .

Mobile Broadcast Message Center can text all cell users in a given geo-location

Original Post here

With two thirds of the world population now carrying a mobile phone, we are in the position for the first time to enable a new form of broadcasting. Alcatel-Lucent has announced a new Broadcast Message Center (BMC) which enables targeted government text alerts to be sent to mobile users based on their location – from a small local area to nationwide. The flexibility and scalability of the BMC will save lives in the event of a gas leak, chemical spillage or natural disaster, as it leverages cell broadcast technology to bypass the network congestion that invariably hampers emergencies. The BMC will also be deployed as a commercial broadcast solution, enabling enterprises to communicate with a mobile workforce, or service providers to offer opt-in subscriber services that generate new sources of revenue.
It’s an amazing new world that we are seeing unfold as mobile handsets head towards ubiquity and every person becomes a node on the global wirless network, and one of the biggest immediate opportunities is to be able to notify millions of mobile users within seconds when there is a national, state or local emergency.
Alcatel-Lucent’s BMC extends emergency alerting to mobile users within a geographic area as large as a nation or as small as a few city blocks. Hence, the platform ensures critical warnings and information reach the right people at the right time.
Trials have already been held and the BMC will allow mobile carriers to comply with emergency alerting standards in both the United States and Europe, enabling them to rapidly disseminate warnings and safety information to citizens in an emergency.
Acting as secure interface between an emergency management agency and the service provider’s network, the Broadcast Message Center receives emergency alerts and broadcasts them to cell sites serving mobile customers in a specific geographic area.
For instance, targeted text alerts can be sent to:

• Residents threatened by tsunamis, wildfire, tornadoes, floods, etc.
• Students, faculty and parents to inform them of a school or campus emergency
• Consumers and office workers at an airport, shopping mall or business complex to evacuate the location due to a gas leak or suspicious package
• Citizens informing them of an Amber Alert
• Commuters to avoid a chemical spill, highway accident or road closure

Text alerts include a dedicated vibration cadence and audio attention signal for wireless customers with hearing or vision disabilities. The Broadcast Message Center enables service providers to easily manage message and delivery priorities, scheduling and re-transmission needs, which is key in crisis situations.
The flexibility and scalability of the Broadcast Message Center enables service providers to use it beyond emergency alerting for commercial broadcast services. It provides advertisers and interest groups alternative targeted marketing channels, offers enterprises and municipalities an effective means to communicate with their mobile workforce, while also helping service providers offer opt-in subscriber services that generate new sources of revenue.

Redhat 6 Released

More reliable. More open. More comprehensive.

With Red Hat Enterprise Linux, you can do more, today.

Red Hat Enterprise Linux is an Enterprise platform well-suited for a broad range of applications across the IT infrastructure. The latest release, Red Hat Enterprise Linux 6, represents a new standard for Red Hat by offering greater flexibility, efficiency, and control. It works across a broad range of hardware architectures, hypervisors, and clouds. Corporations and agencies that standardize on Red Hat Enterprise Linux are free to focus on building their businesses, knowing they have a platform that delivers more of what they need.

More reliable. Worry less when you choose Red Hat over Microsoft Windows.

Senior IT managers rank the quality of Red Hat's technology in the top tier of the software vendors list, as the CIO Insight Magazine Vendor Value survey has reported for the past seven years running. Red Hat Enterprise Linux delivers superior uptime to Microsoft, and your ability to install patches faster than for Microsoft Windows Server 2003 or Windows Server 2008 reduces downtime, freeing your time for more strategic IT tasks. Our global team and innovative engineering approach results in a stable operating system platform in which each release is supported for up to 10 years.

More Reliable than Microsoft

You can look to Red Hat to offer and track some of the latest innovations in the industry.
In the same vendor value survey, those same senior managers also rate Red Hat as a company that is one of the most reliable software vendors. We deliver high quality products, meet our commitments, and are responsive to our customers' needs. Red Hat consistently delivers a superior experience.
Companies that build their business on technology rely on Red Hat Enterprise Linux. NYSE Euronext, DreamWorks Animation, Salesforce.com, and other diverse companies around the world trust Red Hat Enterprise Linux to minimize downtime, provide sound security, run their largest workloads, and drive their businesses with assurance.

More open. Run the applications your business needs on the platforms you choose.

Today's IT infrastructures are multi-vendor and multi-platform. When you select software for your datacenter, you must consider how well it will operate in that heterogeneous environment. Created with a truly open process, Red Hat Enterprise Linux is an open platform that gives you flexibility, choice, and access to a broad range of innovations to help you control your costs and your future.

More Open than Oracle

A subscription to Red Hat Enterprise Linux provides access to any currently-supported version that covers your deployment, whether directly on a server, as a virtualization host, as a guest on the major hypervisors, or in clouds. You can upgrade, migrate, or re-architect without having to renegotiate your agreement.* Moreover, the open source licenses that are delivered through our subscription model give you the right to adapt the system to your needs, on your schedule.
Red Hat collaborates closely with leading independent software vendors (ISVs) and independent hardware vendors (IHVs) to produce an open Enterprise operating system that runs well for all users. Red Hat Enterprise Linux is designed to deliver the latest hardware innovations from many vendors, and is optimized to provide a high-performance and stable platform for a broad portfolio of enterprise and leading-edge applications, including SAP, IBM Lotus Domino, Oracle, SAS, and IBM WebSphere, database, and middleware software.
And all this is supported by Red Hat's global support and engineering teams that work alongside our partners every day.

More comprehensive. Standardize on the platform that covers it all.

Virtualization is a native feature of Red Hat Enterprise Linux 6, allowing your applications to have a consistent environment across physical, virtual, and cloud environments. All the work that you do to set up your applications – configuration, creating security policies, defining policy-driven resource allocation, ensuring regulatory compliance, and optimizing performance through system tuning and application diagnostics – is transportable across all of your deployments. And because Red Hat Enterprise Linux itself is independent of and portable across networks, hardware, and hypervisors – including Hyper-V and VMware – your operations are consistent and efficient wherever you choose to run them.

More Comprehensive than VMware

Red Hat Enterprise Linux provides support for your new and existing applications, the latest middleware products, modern cloud software architectures, and new runtime frameworks. But Red Hat provides much more than just a universal interface for applications. Red Hat Enterprise Linux offers a pervasive foundational environment for developing datacenter policies, procedures, and services. From identity management and governance, to a responsive, flexible, and complete Web applications stack, to effective management of scores of servers and massive storage, Red Hat Enterprise Linux should be a critical part of your datacenter infrastructure.

Load testing and performance measuring

Apache JMeter

is open source software, a 100% pure Java desktop application designed to load test functional behavior and measure performance. It was originally designed for testing Web Applications but has since expanded to other test functions.
What can I do with it?

Apache JMeter may be used to test performance both on static and dynamic resources (files, Servlets, Perl scripts, Java Objects, Data Bases and Queries, FTP Servers and more). It can be used to simulate a heavy load on a server, network or object to test its strength or to analyze overall performance under different load types. You can use it to make a graphical analysis of performance or to test your server/script/object behavior under heavy concurrent load.
What does it do?


Apache JMeter features include:

* Can load and performance test many different server types:
o Web - HTTP, HTTPS
o SOAP
o Database via JDBC
o LDAP
o JMS
o Mail - POP3(S) and IMAP(S)
* Complete portability and 100% Java purity .
* Full multithreading framework allows concurrent sampling by many threads and simultaneous sampling of different functions by seperate thread groups.
* Careful GUI design allows faster operation and more precise timings.
* Caching and offline analysis/replaying of test results.
* Highly Extensible:
o Pluggable Samplers allow unlimited testing capabilities.
o Several load statistics may be choosen with pluggable timers .
o Data analysis and visualization plugins allow great extendibility as well as personalization.
o Functions can be used to provide dynamic input to a test or provide data manipulation.
o Scriptable Samplers (BeanShell is fully supported; and there is a sampler which supports BSF-compatible languages)

JMeter is not a browser

JMeter is not a browser. As far as web-services and remote services are concerned, JMeter looks like a browser (or rather, multiple browsers); however JMeter does not perform all the actions supported by browsers. In particular, JMeter does not execute the Javascript found in HTML pages. Nor does it render the HTML pages as a browser does (it's possible to view the response as HTML etc, but the timings are not included in any samples, and only one sample in one thread is ever viewed at a time).

Download Apache Jmeter