Seriti Consulting

I run a demo instance of Atomic Lab’s Pion at home that I use for customer demonstrations and generally playing around.

I have been looking recently at the visitor session replay functionality and it’s fascinating to see how many people are out there just randomly scanning for vulnerabilities.

If we drill down into the headers we can see that in many cases the requests have spoofed headers, IP addresses etc

GET http://www.eduju.com/proxyheader.php HTTP/1.1
Host: www.eduju.com
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Accept: */*
Accept-Language: zh-cn
Connection: Keep-Alive

The other common request string appears to be:

GET http://58.218.199.147:7182/judge.php HTTP/1.1

All of these requests use up your server resources, but standard analytics won’t show them up, so network-level analytics like Pion are the way to go!

Here is my 2009 presentation from the BCS Configuration Management Group in 2009.

Configuration Management – ensuring a consistent server configuration to improve confidentiality, security and availability – is a key part of day-to-day operations but is often a thorn in the Operation Manager’s side.

If you want to know why, read the presentation!

Since we are talking about presentations here is another one I did for the Load Testing Expo in 2009.

It’s a case study of how we did the performance testing for an internet-facing content/community/jobs site.

I gave my Web Performance 101 presentation at the London Web Performance Meetup on Tuesday and it appeared to go down well!

I have uploaded the presentation to Slideshare for future reference and it’s had > 500 views in 24 hours, so it goes to show that web performance is a hot topic!