Article on attacks against web servers (app level) and mitigations to stopping them, with full examples on the attacks. Some interesting things to try out someday would be mod_security and Tripwire-like programs to monitor file integrity. I would love to start getting alerts like these on my own systems whenever something changes, even if it is me updating a web page on my site. I also have a project to get some sort of centralized monitoring on my network to check for creation/changes to local user accounts and other things. I’d love to be able to centrally pull my firewall logs (Sygate), but I bet that will require my own scripting. At any rate, the paper is much of the same tried-and-true stuff with security, but the examples are pretty cool.