Get a continuously updating display of client IP addresses on a web server using X-Forwarded-For

Sometimes it’s desirable to have a continuously updating display of the IP addresses which are hitting a web server, with an indication of how many times each IP address has made a request. This may be because you suspect a DoS or DDoS attack, or there may appear to be some other odd activity, or you may simply be curious. If a web server is sitting directly on the Internet then it’s possible to do this fairly easily with a tool such as netstat. Often, however, a web server is behind an ELB or another type of load balancer, which means that if you try to use netstat then you’ll just see the load balancer’s IP address, not the address of the client which made the request. But if your load balancer is passing the X-Forwarded-For header (as it really ought to be) then you can use this header instead of the client IP to get a continuously updating display.

Python script to convert ICS-exported List from Reminders app to plaintext

I make extensive use of the Reminders app* in OS X to keep track of tasks and to-do items, and I wanted a way to export a list of reminders to plaintext, so I knocked up a quick Python script to take an ICS file exported from a List in Reminders (which you can do from the File menu) and output it in plaintext. If this is something you find yourself needing to do then this might work for you.

HttpOnly flag for persistence cookies in HAProxy

A client arranged penetration testing in order to achieve PCI compliance and it was found that not all cookies contained the HttpOnly flag, which is an automatic fail because apparently you are more vulnerable to XSS attacks if you don’t set your cookies to use HttpOnly.

Virtualisation with KVM and LVM on CentOS 6 via the command line

I’ve found plenty of articles out there explaining how to use KVM with GUI tools. On most of the CentOS servers I administer, however, I use Kickstart to create a customised and minimal GUI-free install to keep things as simple and efficient as possible. Here, therefore, are some guidelines for how to set up a virtualisation environment and virtual machines using KVM on CentOS 6 via the CLI.

iPhoneography: where photography, art and technology truly meet

Photographers are increasingly embracing smartphones, and Apple’s iPhone in particular, as valid alternatives to their SLRs. Adopting the philosophy that ‘the best camera is the one that’s with you’, photographers find with iPhones that they can simply point and shoot in situations where photography would not be an option with a larger camera. For many, this embodies the true essence of photography, in which making a timely visual capture of a particular moment is more important than painstakingly changing lenses and altering aperture settings. More and more photographers are questioning the assumption that bulky, costly photographic equipment is necessary for taking worthwhile photographs. Instead, they are realising that you can never tell when inspiration is going to strike, and being able to take photographs instantly at any time is incredibly advantageous.