It’s Official Apache now controls Open Office..

That’s right it’s finally offical.  The Apache Foundation are now the proud maintainers of OpenOffice.  The question we are asking is whether there are really enough developers to maintain two complete but office suites?  Since the LibreOffice group split off their copy of Open Office they have been strong and viberant.  They have released no les than 4 versions since the split.  OpenOffice by comparison has not had a release since the split.  Only time will tell if the Apache Foundation can revieve what was the strongest competitor to MS Office.  For more details check out the write up here at

59 Open Source Security Tools…

While the title doesn’t lie, “59 Open Source Tools That Can Replace Popular Security Software”.  It probably should have been trimmed to 50.  Several of the packages are no longer being supported so be sure to go to the links and check the activity on the projects before committing.

This doesn’t meant that like most articles like this there aren’t a few new gems you may not of heard about before.  For me with this one it was the modsecurity package.  This pacakge is a plugin for Apache that aloow you to set up Web Server Firewall like functionality.  As I just had a friend get hacked becuase of a bug in PHP this seems like a great idea to me.  I am now going to look into whether we shouldn’t be investigating.

A lot of my favorite security tools are on this list.  Things like SpamBayes, Spamassisin and Bacula just to name a few.  It’s 4 pages but broken down in to nice list groupings.


Check your Apache server status remotely…

Don’t want to login via SSH to check on an Apache Web Server?  This article explains how to setup the server status page.  One word of warning though.  This page is turned off by default for a reason.  It can be used by bad guys to determine all kinds of things about your server and makes you more vulnerable.  If as the article suggests you restrict the IP addresses you can partially mitigate it.  The best way to handle it is not to expose it to the internet at all.  Unfortunately if you are hosting remotely, like at Amazon Ec3 or Server Beach, you may have to use an SSH tunnel to secure it.  You could restrict it to an IP Address but remember that IP Addresses can be spoofed.