Doing a complete research on its security and all the method of making apache more secure then its looks. though while doing a research I learned so many stuff, speacially modifying apache code for hidding some header send to clients. May be try to write an article on Apache's security soon.
For the first time in my life I studied/used OpenSSL for a project of creating a remote monitoring system. It really hard in the begining but after going through all the RFC and its main idea now implementing SSL or TLS is easy. But few of the command line tool of OpenSSL is still confusing :). I wish we can have more easy and well documented documentaion of OpenSSL in near future. Yes I wish I should have contributed my part to. But its hard for me to explain to document any topic fully with a huge amount of details.
Now OpenSSL is added in my power tool implementaion in my CV. Looking forward to implement some thing more advance using OpenSSL.
Time In Lahore
Living alone in lahore is hard as I have to do all of my work my self. But its a good experience though same hard as living alone in any place in the world alone. One thing which I realize while living alone is that for coders its best to live alone in a single room because no one will disturb you and thats what I want when I m busy in any research or any project. I usually go late in office about 12 pm aprox and prefer doing coding when no one in the office.
Linux New Worm
Another new worm but based on already exposed tricks. Linux worm My comments:
This worms is a wakeup call for the lazy administrator and Developers around us. Its been a long time since XMP-RPC,AWStat vulnerabilities discovered and still, If its the fast spreading and elegant worm then the problem is totally belong to Administrator and some how Developers too.Time to sleep now its 2:00 AM :: SP ::
According to Symantec Security Responce paper, It also opens a UDP port 7222 for an unauthorized acces which is only possible if any one of us is not even fit in the First Dumbest idea of Marcus Ranum. And YES you are right, The problem is totally in the awareness of update not the Worm itself.
Thanks Daniel Hanson.