by Baptiste Assmann | Jan 30, 2014 | HAProxy, security, ssl
SSL offloading SSL offloading or acceleration is often seen as a huge benefit for applications. People usually forget that it may have impacts on the application itself. Some times ago, I wrote a blog article which lists these impacts and propose some solutions, using...
by Baptiste Assmann | May 8, 2013 | security
Apache Cdorked.A backdoor This is a pretty recent attack, using Cpanel to change the Apache httpd binary by a compromised one which embeds a backdoor. A few articles with more details are available here: *...
by Baptiste Assmann | Apr 26, 2013 | HAProxy, security
Brute force attacks Brute force is a pretty simple type of attacks: it consists of massively send requests to a URL with different parameter each time. The main purpose is to try to find the right parameter combination. Usually, brute force is used to discover...
by Baptiste Assmann | Apr 10, 2013 | Aloha, architecture, security, Virtual Desktop Infrastructure
RDS, RDP, TSE, remoteapp Whatever you call it, it’s the remote desktop protocol from Microsoft, which has been renamed during the product life. Basically, it allows users to get connected on remote server and run an application or a full desktop remotely....
by Baptiste Assmann | Mar 25, 2013 | Aloha, HAProxy, layer7, security
Synopsis You’re using HAProxy or the ALOHA Load-Balancer to load-balance IIS 6.0 web applications and you want them to pass successfully PCI compliance test. One of the pre-requisite is to force the cookie to be “HttpOnly”, in order to tell the...
by Baptiste Assmann | Jan 21, 2013 | Aloha, exchange 2010, Exchange 2013, HAProxy, security, ssl
The beast attack on SSL isn’t new, but we have not yet published an article to explain how to mitigate it with the ALOHA or HAProxy. First of all, to mitigate this attack, you must use the Load-Balancer as the SSL endpoint, then just append the following...
