Как быстро установить и настроить Redis кластер
В данном случае подразумевается схема master > slave, как итог реализация позволяет восстанавливать ключи-значения, а с реплики читать точно такие-же данные, как на master:
https://sys-adm.in/systadm/980-kak-bystro-ustanovit-i-nastroit-redis-klaster.html
* How to install and configure Redis cluster
В данном случае подразумевается схема master > slave, как итог реализация позволяет восстанавливать ключи-значения, а с реплики читать точно такие-же данные, как на master:
https://sys-adm.in/systadm/980-kak-bystro-ustanovit-i-nastroit-redis-klaster.html
* How to install and configure Redis cluster
sys-adm.in
Как быстро установить и настроить Redis кластер - Для сисадминов и не только
Sys-Adm.in - Сайт для сисадминов и не только. Здесь собраны различные материалы основанные на личной практике. Блог Евгения Гончарова.
[RU] - Мониторинг сервисов при помощи Monit с алертингом в телеграм
Суть статьи: Установка и настройка monit на предмет мониторинга локального REDIS сервера и удаленных HTTPS серверов с отсылкой алертов в телеграм:
* Детали Здесь
[EN] - How to monitor services with Monit with Teleram alerting
Суть статьи: Установка и настройка monit на предмет мониторинга локального REDIS сервера и удаленных HTTPS серверов с отсылкой алертов в телеграм:
* Детали Здесь
[EN] - How to monitor services with Monit with Teleram alerting
sys-adm.in
Мониторинг сервисов при помощи Monit с алертингом в телеграм - Для сисадминов и не только
Sys-Adm.in - Сайт для сисадминов и не только. Здесь собраны различные материалы основанные на личной практике. Блог Евгения Гончарова.
Sys-Admin Up
v86 emulates an x86-compatible CPU and hardware. Machine code is translated to WebAssembly modules at runtime in order to achieve decent performance. https://github.com/copy/v86
Linux and Tiny C Compiler in the browser
https://ja.nsommer.dk/articles/linux-and-tiny-c-compiler-in-the-browser-part-one.html
https://ja.nsommer.dk/articles/linux-and-tiny-c-compiler-in-the-browser-part-one.html
ja.nsommer.dk
Linux and Tiny C Compiler in the browser, part one
Linux and Tiny C Compiler in the browser via v86
THIS CRAFTY TOOL CAN EAVESDROP ON 6G WIRELESS SIGNALS
https://www.futurity.org/metasurface-in-the-middle-6g-wireless-signals-2741042-2/
https://www.futurity.org/metasurface-in-the-middle-6g-wireless-signals-2741042-2/
Futurity
This crafty tool can eavesdrop on 6G wireless signals
Thanks to new findings, 6G wireless networks could be designed with built-in defenses against "metasurface in the middle" attacks.
Beware, here is how WhatsApp accounts are getting hacked..
https://www.linkedin.com/posts/fb1h2s_beware-here-is-how-whatsapp-accounts-are-activity-6934386561048264704-NnFf
https://www.linkedin.com/posts/fb1h2s_beware-here-is-how-whatsapp-accounts-are-activity-6934386561048264704-NnFf
Linkedin
Beware, here is how WhatsApp accounts are getting hacked. First, you receive a call from the attacker who will convince you to…
Beware, here is how WhatsApp accounts are getting hacked. First, you receive a call from the attacker who will convince you to make a call to the following number **67*<10 digit number> or *405*<10 digit number>. Within a few minutes, your WhatsApp would…
R4IoT: When Ransomware Meets IoT and OT
Next-generation ransomware report:
https://www.forescout.com/resources/r4iot-next-generation-ransomware-report
Next-generation ransomware report:
https://www.forescout.com/resources/r4iot-next-generation-ransomware-report
Forwarded from Sys-Admin InfoSec
Open BLD DNS Updating News: Pre-release BLD, Debian migration and Alerting infrastructure
I'm happy to present BLD DNS pre-release services already in production. What's new:
🚀 Speedup:
• Cache and updating process of additional blocking lists, was improved
• Improved memory handling. Redis cluster added.
• Improved DNS prefetching process
🛸 Security:
• Fully removed support olders TLS versions
• All code depenses (include vulnerabilities fixes) was updated
• Added cross check server availability with alerts
• All BLD servers has A statuses in SSLLABS
• All BLD servers divided to specified categories
• Added notifications (alerts) to Telegram Bot
🪚 Stability:
• Added additional systemd timers for watching BLD services statuses
• Added DNS tracking service and automatic restart of BLD services
🚜 Migration:
• All migration (from distro to distro) processes 90% automated
• All CentOS servers deprecated and changed to Debian 🎉
🛰 Today, the BLD infrastructure has 10 servers located around the world 🎈🎈🎉
BLD works without agents or any additional tools, but you can use secure and clean Internet in/on:
• Browsers (Chrome, Brave, Firefox, Edge and etc)
• Mobile devices (Android, iOS)
• Computers or networks (Primaty/Secondary DNS)
If you not tried BLD DNS - get more details on official BLD site:
• https://lab.sys-adm.in
#free #bld #sys-admin #sevices
I'm happy to present BLD DNS pre-release services already in production. What's new:
🚀 Speedup:
• Cache and updating process of additional blocking lists, was improved
• Improved memory handling. Redis cluster added.
• Improved DNS prefetching process
🛸 Security:
• Fully removed support olders TLS versions
• All code depenses (include vulnerabilities fixes) was updated
• Added cross check server availability with alerts
• All BLD servers has A statuses in SSLLABS
• All BLD servers divided to specified categories
• Added notifications (alerts) to Telegram Bot
🪚 Stability:
• Added additional systemd timers for watching BLD services statuses
• Added DNS tracking service and automatic restart of BLD services
🚜 Migration:
• All migration (from distro to distro) processes 90% automated
• All CentOS servers deprecated and changed to Debian 🎉
🛰 Today, the BLD infrastructure has 10 servers located around the world 🎈🎈🎉
BLD works without agents or any additional tools, but you can use secure and clean Internet in/on:
• Browsers (Chrome, Brave, Firefox, Edge and etc)
• Mobile devices (Android, iOS)
• Computers or networks (Primaty/Secondary DNS)
If you not tried BLD DNS - get more details on official BLD site:
• https://lab.sys-adm.in
#free #bld #sys-admin #sevices
Sys-Admin Up pinned «Open BLD DNS Updating News: Pre-release BLD, Debian migration and Alerting infrastructure I'm happy to present BLD DNS pre-release services already in production. What's new: 🚀 Speedup: • Cache and updating process of additional blocking lists, was improved…»
Confluence Server and Data Center - CVE-2022-26134 - Critical severity unauthenticated remote code execution vulnerability
https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html
https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html
Forwarded from Sys-Admin InfoSec
2022-MS-Vulnerability-Report.pdf
1.3 MB
/ Microsoft Vulnerabilities Report 2022
Historically, the report has delivered a holistic annual view of the vulnerabilities within Microsoft’s platforms and products, and has established an
undeniable business case for the importance of removing admin rights to reduce risk…
Historically, the report has delivered a holistic annual view of the vulnerabilities within Microsoft’s platforms and products, and has established an
undeniable business case for the importance of removing admin rights to reduce risk…
NodeJS Security Recommendation Links
- ESLint Plugin Security - https://github.com/nodesecurity/eslint-plugin-security
- Express App Secure with Helmet - https://www.npmjs.com/package/helmet
- 6 Tools for checking vulnerabilitues in Node - https://www.freecodecamp.org/news/6-tools-you-can-use-to-check-for-vulnerabilities-in-node-js/
- Secure coding practices for NodeJS Web Applications - https://auto1.tech/securing-nodejs-applications/
- Top 11 Node.js security best practices - https://blog.sqreen.com/nodejs-security-best-practices/
#node
- ESLint Plugin Security - https://github.com/nodesecurity/eslint-plugin-security
- Express App Secure with Helmet - https://www.npmjs.com/package/helmet
- 6 Tools for checking vulnerabilitues in Node - https://www.freecodecamp.org/news/6-tools-you-can-use-to-check-for-vulnerabilities-in-node-js/
- Secure coding practices for NodeJS Web Applications - https://auto1.tech/securing-nodejs-applications/
- Top 11 Node.js security best practices - https://blog.sqreen.com/nodejs-security-best-practices/
#node
GitHub
GitHub - eslint-community/eslint-plugin-security: ESLint rules for Node Security
ESLint rules for Node Security. Contribute to eslint-community/eslint-plugin-security development by creating an account on GitHub.
API Gateway in NodeJS
- Create an API Gateway Using NodeJS and Express - https://medium.com/geekculture/create-an-api-gateway-using-nodejs-and-express-933d1ca23322
- How to build your first RESTful API in Node.js - https://medium.com/@jlrosenberg/how-to-build-a-node-rest-service-a3f280b99c7d
#node
- Create an API Gateway Using NodeJS and Express - https://medium.com/geekculture/create-an-api-gateway-using-nodejs-and-express-933d1ca23322
- How to build your first RESTful API in Node.js - https://medium.com/@jlrosenberg/how-to-build-a-node-rest-service-a3f280b99c7d
#node
Medium
Create an API Gateway Using NodeJS and Express
Let's say that you have a bunch of API endpoints that you are currently managing, such as a large collection of micro services. Maybe at…
⚙️ Monitor.sh - Script for checking systemd unit status
monitor.sh can run custom noscript / action if unit has stopped or running statuses, examples:
or
or just:
add this noscript to cron and if your systemd unit will be stopped or disabled, monitor.sh will enable and will try tu restart targeted systemd unit…
* https://github.com/m0zgen/monitor
monitor.sh can run custom noscript / action if unit has stopped or running statuses, examples:
./monitor.sh -u sshd -a "/path/to/action-noscript/action.sh"or
./monitor.sh -u multipathd -r -a "/usr/local/sbin/test.sh"or just:
./monitor.sh -u multipathd -radd this noscript to cron and if your systemd unit will be stopped or disabled, monitor.sh will enable and will try tu restart targeted systemd unit…
* https://github.com/m0zgen/monitor
GitHub
GitHub - m0zgen/monitor: ⚙️ Monitor.sh - Script for checking systemd unit status
⚙️ Monitor.sh - Script for checking systemd unit status - m0zgen/monitor
knot-resolver-readthedocs-io-en-stable.pdf
918.1 KB
Knot Resolver - Official Manual (Mar 15, 2022)
Knot Resolver is a minimalistic implementation of a caching validating DNS resolver. Modular architecture keeps the core tiny and efficient, and it provides a state-machine like API for extensions
Knot Resolver is a minimalistic implementation of a caching validating DNS resolver. Modular architecture keeps the core tiny and efficient, and it provides a state-machine like API for extensions
Этика и психология индивидуума айтишного и не только. Риторика.
- В начале было слово. Слово - это поступок. Говоря слова и собирая их в предложения, абзацы - следи за собой ибо ты совершаешь поступки.
- Воля, дух - их как бы нет как органов, но их можно тренировать, развивать и использовать это в своей жизни.
- Совокупность разных качеств образует образ - личность, эксперта или тряпку и болтуна.
Нравственность и мораль, а так же жизненный опыт, аспекты слова и духа и много чего еще образуют еще одну сущность, дисциплину - этика…
Далее о наборе различных компетенций формирующих поведение и отношение к жизни, самому себе и окружающим:
- https://sys-adm.in/live/983-etika-i-psikhologiya-individuuma-ajtishnogo-i-ne-tolko-ritorika.html
- В начале было слово. Слово - это поступок. Говоря слова и собирая их в предложения, абзацы - следи за собой ибо ты совершаешь поступки.
- Воля, дух - их как бы нет как органов, но их можно тренировать, развивать и использовать это в своей жизни.
- Совокупность разных качеств образует образ - личность, эксперта или тряпку и болтуна.
Нравственность и мораль, а так же жизненный опыт, аспекты слова и духа и много чего еще образуют еще одну сущность, дисциплину - этика…
Далее о наборе различных компетенций формирующих поведение и отношение к жизни, самому себе и окружающим:
- https://sys-adm.in/live/983-etika-i-psikhologiya-individuuma-ajtishnogo-i-ne-tolko-ritorika.html
lab.sys-adm.in
Sys-Admin Laboratory
Open Sys-Admin BLD DNS - Focus on information for free with adblocking and implicit cybersecurity threat prevention.
Probing for Passwords –
Privacy Implications of SSIDs in Probe Requests
https://arxiv.org/pdf/2206.03745.pdf
Privacy Implications of SSIDs in Probe Requests
https://arxiv.org/pdf/2206.03745.pdf
Top 5 Free Kubernetes Certifications
The purpose of this post is to share 5 free self-paced certifications that everyone interested in the Kubernetes ecosystem should know:
https://medium.com/geekculture/top-5-free-kubernetes-certifications-8c86b2c5b590
The purpose of this post is to share 5 free self-paced certifications that everyone interested in the Kubernetes ecosystem should know:
https://medium.com/geekculture/top-5-free-kubernetes-certifications-8c86b2c5b590
Medium
Top 5 Free Kubernetes Certifications
Today, Kubernetes is the most adopted open-source platform to orchestrate containers. Research proves IT teams are thinking about…
Forwarded from Sys-Admin InfoSec
Открытый курс по этичному хакингу. Формат: 10% теория / 90% практика.
Это то, что доктор прописал, курс от практикующего Этичного Хакера, Master of Computer Science, OSCP, eWPTXv2, eCPTXv2
Исследователь множественных CVE, автор блога: murat.one, канала: @onebrick, хорошего человека и моего друга, по окончанию курса слушатели будут на уровне junior penetration tester, в общем 10 недель:
• Неделя 1. Введение в коммерческий пентест. Создание рабочей среды
• Неделя 2. Сбор информации. OSINT
• Неделя 3. Техники социальной инженерии
• Неделя 4. Безопасность web-приложений
• Неделя 5. Атака на web-приложения. Автоматические инструменты
• Неделя 6. Безопасность инфраструктуры. Разведка
• Неделя 7. Атаки на инфраструктуру. Metasploit Framework
• Неделя 8. Основы Android приложений и атаки на WiFi
• Неделя 9. Платформы для обучения кибербезопасности
• Неделя 10. Написание коммерческого отчета
Со слов автора - не диктор и возможно придется поставить скорость на 1.5, но лично мне все в самый раз:
• https://youtu.be/oRflkcjm08U
Спасибо @manfromkz за проделанный труд и за открытый awareness паблику 🤝