Shadow Daemon and Client Headers
It is now recommended to disable whitelist checks of client HTTP headers in Shadow Daemon to prevent false positives.
In this blog post I will explain how to turn a Raspberry Pi into a home alarm system that detects movements, records them, and sends the images to your phone. Additionally, the alarm system will turn on and off automatically based on the location of your phone.
TL;DR: There was a bug in the library jsoncpp regarding null bytes. It was fixed a year ago, but most package managers still ship affected versions. If a vulnerable version of the library is used, it is possible to bypass shadowd 2.0.0 or earlier.
At the next OWASP Ruhrpott meeting I will present the current state of the web application firewall Shadow Daemon. The main topics of my talk will be the architecture and attack detection of the system, but you can also expect comparisons with other free web application firewalls like mod_security and naxsi.
It is my pleasure to announce the release of shadowd 1.1.0 as well as shadowd_ui 1.1.0 of the Shadow Daemon web application firewall. This update improves the performance, attack detection and ease of use. There are five major changes:
There are no new major additions, but this update does improve the overall experience a lot, so I highly recommend applying it. Most changes are based on feedback, so keep it coming :)