Research Archives - Go Direct -> CompSec Direct

Apache brute: A simple brute force deterrent for Linux
Gallery
Apache brute: A simple brute force deterrent for Linux

Defensive Methodology

Apache brute: A simple brute force deterrent for Linux

By CompSec Direct|2022-06-15T00:39:43-04:00May 31st, 2017|Categories: Defensive Methodology|Tags: apache, brute force, Research, scripts|

We published a simple script to help identify and block possible brute-force attempts on a Linux web-server. The script counts the amount of “bad-actions” an ip has logged in the Apache logs and blocks the ip on port 443. This script also displays top 20 visitor information using geoiplookup (which should be installed) and performs a [...]

Comments Off

Judicial branch of Puerto Rico exposes sensitive court documents
Gallery
Judicial branch of Puerto Rico exposes sensitive court documents

Hacking, Laws, Reports

Judicial branch of Puerto Rico exposes sensitive court documents

By CompSec Direct|2022-06-15T00:43:34-04:00May 31st, 2017|Categories: Hacking, Laws, Reports|Tags: Data Leak, Disclosure, Government, Puerto Rico, Rama Judicial, Research|

Problem CompSec Direct recently became aware of an information disclosure problem with the https://unired.ramajudicial.pr/lawyernotificationauthentication/ application used by the judicial branch of the Puerto Rico government. The application uses a weak sequential ID string that is provided to attorneys and clients in order to view sensitive legal documents. Manipulating the ID string with simple math, similar to the overturned [...]

Comments Off