HealthCare.gov deferred final security check, could leak personal data

HealthCare.gov sends data to analytics providers such as Google’s DoubleClick and Pingdom. As Simo reviewed the Web requests being made as part of his movement through the HealthCare.gov site, he found requests sent to these two providers that included his visit to the password reset page—and all of the user data that was generated by the page. That runs counter to the privacy policy on HealthCare.gov, which states that no personally identifiable information will be collected by site analytics tools. This is the same sort of behavior that the Federal Trade Commission has fined social networks such as Facebook and MySpace for in the past.

via HealthCare.gov deferred final security check, could leak personal data | Ars Technica.

Jekyll

Jekyll is a simple, blog-aware, static site generator. It takes a template directory containing raw text files in various formats, runs it through Markdown (or Textile) and Liquid converters, and spits out a complete, ready-to-publish static website suitable for serving with your favorite web server. Jekyll also happens to be the engine behind GitHub Pages, which means you can use Jekyll to host your project’s page, blog, or website from GitHub’s servers for free.

via Welcome.

IPv6 To Complicate Threat-Intelligence Landscape

Yet with the gradual — some would say “glacial” — move to the Internet Protocol Version 6 (IPv6) address scheme, the Internet’s address space will grow from merely big to nearly infinite. The vastness of the address space will cause problems for many threat-intelligence firms, from allowing attackers to use a new address for every attack to causing a rapid expansion in the size of the database needed to track the data on various sources, says Tommy Stiansen, chief technology officer for Norse, a real-time threat intelligence provider.

via IPv6 To Complicate Threat-Intelligence Landscape — Dark Reading.

What is XaaS (anything as a service)?

XaaS is a collective term said to stand for a number of things including “X as a service,” “anything as a service” or “everything as a service.” The acronym refers to an increasing number of services that are delivered over the Internet rather than provided locally or on-site. XaaS is the essence of cloud computing.

via What is XaaS (anything as a service)? – Definition from WhatIs.com.

How Do You Hijack a Popular Streaming Movie Site? With Ease, Apparently

“You don’t have to have access to any emails, passwords, or any other credentials. You simply grab the information from the WHOIS, write a letter with an attached photo-shopped ID with the same name, send it from a random email address, and the domain will be handed to you fairly quickly.”

via How Do You Hijack a Popular Streaming Movie Site? With Ease, Apparently | TorrentFreak.

Microsoft to Squeeze Datacenters on Price of WinServer 2012 R2

Microsoft Corp. plans to raise the price of the Datacenter edition of the upcoming R2 release of Windows Server 2012 by 28 percent, adding to what analysts call a record number of price increases for enterprise software products from Redmond.

According to licensing data sheets available for download from the Windows Server 2012 R2 Website (PDF), the price of a single license of Windows Server 2012 R2 Datacenter will be $6,155, compared to $4,809 today—plus the cost of a Client Access License (CAL) for every user or device connecting to the server.

via Microsoft to Squeeze Datacenters on Price of WinServer 2012 R2.

‘Fort Disco’ Botnet Behind Attack Campaign Against Thousands Of Sites

“The number of weak passwords is not surprising, as this campaign is clearly a target of opportunity and not focused on a specific target,” Bing says. “This is interesting as it marks a sea change in the tactics of attackers. In addition to drive-by exploits of unpatched Windows machines being the low-hanging fruit, attackers are learning that these blog and content management systems are often vulnerable to trivial attacks.”

via ‘Fort Disco’ Botnet Behind Attack Campaign Against Thousands Of Sites.

A Storm of Servers: How the Leap Second Led Facebook to DCIM

Last July 1, that scenario became real as the “Leap Second” bug caused many Linux servers to get stuck in a loop, endlessly checking the date and time. At the Internet’s busiest data centers, power usage almost instantly spiked by megawatts, stress-testing the facility’s power load and the user’s capacity planning.

via A Storm of Servers: How the Leap Second Led Facebook to DCIM.

What was happening? The additional second caused particular problems for Linux systems that use the Network Time Protocol (NTP) to synchronize their systems with atomic clocks. The leap second caused these systems to believe that time had “expired,” triggering a loop condition in which the system endlessly sought to check the date, spiking CPU usage and power draw.

Web Ads Used to Launch Online Attacks

It didn’t take long for the victimized test server to begin struggling under the sudden load. In the first hour of the test, during which only $2 was spent on ads, more than 130,000 connections from browsers swamped the server. It wasn’t much longer until the server began falling offline under the growing load.

via Web Ads Used to Launch Online Attacks | MIT Technology Review.