[ru] Мои "Flex" факторы работы с инфраструктурой, про 12 факторов Heroku и не только
В Августе 2021 года, когда я запускал OPEN BLD DNS и по сегодняшний день - слыхом не слыхивал про методологию THE TWELVE-FACTOR APP, но когда прочитал, понял - у меня все так и было +- на интуитивном уровне, сегодня хочу рассказать свою версию факторов подхода к разработке, деплою, использованию и отслеживанию работоспособности проектов.
Далее о 12 факторах, моей "Flex" методологии и о том, как это все можно применять на практике:
* Статья о 12 факторах Heroku и моего “Flex” взгляда
~~~
[en] My "Flex" factors working with infrastructure and about of 12-factors app from Heroku
Try to use Google Translator, but I created repo and site for my “Flex” concept:
* Repo: https://github.com/m0zgen/flex-doc
* Site: https://flex-doc.pages.dev
В Августе 2021 года, когда я запускал OPEN BLD DNS и по сегодняшний день - слыхом не слыхивал про методологию THE TWELVE-FACTOR APP, но когда прочитал, понял - у меня все так и было +- на интуитивном уровне, сегодня хочу рассказать свою версию факторов подхода к разработке, деплою, использованию и отслеживанию работоспособности проектов.
Далее о 12 факторах, моей "Flex" методологии и о том, как это все можно применять на практике:
* Статья о 12 факторах Heroku и моего “Flex” взгляда
~~~
[en] My "Flex" factors working with infrastructure and about of 12-factors app from Heroku
Try to use Google Translator, but I created repo and site for my “Flex” concept:
* Repo: https://github.com/m0zgen/flex-doc
* Site: https://flex-doc.pages.dev
lab.sys-adm.in
Sys-Admin Laboratory
Open Sys-Admin BLD DNS - Focus on information for free with adblocking and implicit cybersecurity threat prevention.
CyrilEx Regex Tester
One of the best regex tester:
* https://extendsclass.com/regex-tester.html
#regex #test
One of the best regex tester:
* https://extendsclass.com/regex-tester.html
#regex #test
Extendsclass
Online Regex tester and visualizer - Python, PHP, Ruby, JavaScript, Java, MySQL
Online regular expression tester for Python, PHP, Ruby, JS, Java and MySQL. Regex visualizer. Syntax highlighting. Cheatsheet. Generate string corresponding to a regex.
macOS Security and Privacy Guide
highly hardenning configarions and examples:
* https://github.com/drduh/macOS-Security-and-Privacy-Guide
highly hardenning configarions and examples:
* https://github.com/drduh/macOS-Security-and-Privacy-Guide
GitHub
GitHub - drduh/macOS-Security-and-Privacy-Guide: Community guide to securing and improving privacy on macOS.
Community guide to securing and improving privacy on macOS. - drduh/macOS-Security-and-Privacy-Guide
Simple Knot Resolver installation and configuration example article (ru)
* Install
* Logging
* DNS, DoT, DoH example config
* DNS Forwarding
* RPZ example section
* DNS Application Firewall
* Caching
- https://sys-adm.in/systadm/986-prostoj-primer-ustanovki-i-nastrojki-knot-resolver.html
* Install
* Logging
* DNS, DoT, DoH example config
* DNS Forwarding
* RPZ example section
* DNS Application Firewall
* Caching
- https://sys-adm.in/systadm/986-prostoj-primer-ustanovki-i-nastrojki-knot-resolver.html
lab.sys-adm.in
Sys-Admin Laboratory
Open Sys-Admin BLD DNS - Focus on information for free with adblocking and implicit cybersecurity threat prevention.
IP Reflector - simple Open IP API gateway
Many IP detection service, such as detection: County, ISP, Lat/Lon and etc has limited access.
This services has some limitations, like as requests limitations and HTTP mode only, this limitation may be cause some problems, as example:
- you have service which works on HTTPS, some security limitations will prohibit create requests from HTTPS to HTTP...
IP Reflector it is a simple Open IP API gateway for http://ip-api.com, after run reflector locally / remote, you can use this more or less like this:
You will recieve JSON response:
Link to repo:
* https://github.com/m0zgen/ip-reflector
Many IP detection service, such as detection: County, ISP, Lat/Lon and etc has limited access.
This services has some limitations, like as requests limitations and HTTP mode only, this limitation may be cause some problems, as example:
- you have service which works on HTTPS, some security limitations will prohibit create requests from HTTPS to HTTP...
IP Reflector it is a simple Open IP API gateway for http://ip-api.com, after run reflector locally / remote, you can use this more or less like this:
curl http://127.0.0.1:8000/\?ip=1.1.1.1
You will recieve JSON response:
{"status":"success","country":"Australia","countryCode":"AU","region":"QLD","regionName":"Queensland","city":"South Brisbane","zip":"4101","lat":-27.4766,"lon":153.0166,"timezone":"Australia/Brisbane","isp":"Cloudflare, Inc","org":"APNIC and Cloudflare DNS Resolver project","as":"AS13335 Cloudflare, Inc.","query":"1.1.1.1"}
Link to repo:
* https://github.com/m0zgen/ip-reflector
Ip-Api
IP-API.com - Geolocation API
Free IP Geolocation API - lookup any IP address
Forwarded from Sys-Admin InfoSec
Open BLD DNS Updating News: New BLD release, New tools and more
I'm happy to present new Open BLD release which is already in production 🎉
🌴 Stabilities and Updates:
• Atomizing/Micro-servicing: Different server BLD infrastructure roles
• Alerting coverage: Local and remote BLD services
• Caching: Redis to KeyDB partially changes/migrations
• Caching: Sync caching between different BLD role servers
• Configurable: Minimum TLS version can be setup through config file
• Configurable: Multiple configations supporting
• Configurable: Custom HTTP User Agent for DoH upstreams
• Configurable: Updated conditional Bootstrap and Upstream functionality
• Stability: Auto-recovering and Self-checking mechanisms
🧩 Tools:
• IP Reflector. IP Reflection API Service.
• Monitor.sh. Script for checking systemd unit status
• Self-cert-gen. Simple self signed certificate generator
• monit2telegram. A simple noscript to send Monit alerts using Telegram bot.
• Flex App Additions Methodology. Flow for Engineers, this methodology can be used as additional helper for 12-Factor app or can be used separetely, as standalone practice.
🦚 Agentless BLD:
BLD works without agents or any additional tools and allow to use secure and clean Internet:
• In: Browsers (Chrome, Brave, Firefox, Edge and etc)
• On: Mobile devices (Android, iOS)
• In/On: Computers or networks (Primaty/Secondary DNS)
📟 More details on official BLD site:
• https://lab.sys-adm.in
#free #bld #dns
I'm happy to present new Open BLD release which is already in production 🎉
🌴 Stabilities and Updates:
• Atomizing/Micro-servicing: Different server BLD infrastructure roles
• Alerting coverage: Local and remote BLD services
• Caching: Redis to KeyDB partially changes/migrations
• Caching: Sync caching between different BLD role servers
• Configurable: Minimum TLS version can be setup through config file
• Configurable: Multiple configations supporting
• Configurable: Custom HTTP User Agent for DoH upstreams
• Configurable: Updated conditional Bootstrap and Upstream functionality
• Stability: Auto-recovering and Self-checking mechanisms
🧩 Tools:
• IP Reflector. IP Reflection API Service.
• Monitor.sh. Script for checking systemd unit status
• Self-cert-gen. Simple self signed certificate generator
• monit2telegram. A simple noscript to send Monit alerts using Telegram bot.
• Flex App Additions Methodology. Flow for Engineers, this methodology can be used as additional helper for 12-Factor app or can be used separetely, as standalone practice.
🦚 Agentless BLD:
BLD works without agents or any additional tools and allow to use secure and clean Internet:
• In: Browsers (Chrome, Brave, Firefox, Edge and etc)
• On: Mobile devices (Android, iOS)
• In/On: Computers or networks (Primaty/Secondary DNS)
📟 More details on official BLD site:
• https://lab.sys-adm.in
#free #bld #dns
Mozilla HTTP Observatory
The Mozilla HTTP Observatory is a set of tools to analyze your website and inform you if you are utilizing the many available methods to secure it.
https://github.com/mozilla/http-observatory
#tool
The Mozilla HTTP Observatory is a set of tools to analyze your website and inform you if you are utilizing the many available methods to secure it.
https://github.com/mozilla/http-observatory
#tool
GitHub
GitHub - mozilla/http-observatory: Mozilla HTTP Observatory
Mozilla HTTP Observatory. Contribute to mozilla/http-observatory development by creating an account on GitHub.
How to reset Linux user password with Ansible
* [en] - Read
Как сменить пароль Linux пользователя при помощи Ansible
* [ru] - Читать
* [en] - Read
Как сменить пароль Linux пользователя при помощи Ansible
* [ru] - Читать
lab.sys-adm.in
Sys-Admin Laboratory
Open Sys-Admin BLD DNS - Focus on information for free with adblocking and implicit cybersecurity threat prevention.
GitHub Copilot
GitHub Copilot uses the OpenAI Codex to suggest code and entire functions in real-time, right from your editor..
https://github.com/features/copilot
GitHub Copilot uses the OpenAI Codex to suggest code and entire functions in real-time, right from your editor..
https://github.com/features/copilot
GitHub
GitHub Copilot · Your AI pair programmer
GitHub Copilot works alongside you directly in your editor, suggesting whole lines or entire functions for you.
Targeted Deanonymization via the Cache Side Channel: Attacks and Defenses
https://github.com/leakuidatorplusteam/artifacts
https://github.com/leakuidatorplusteam/artifacts
GitHub
GitHub - leakuidatorplusteam/artifacts: The Paper Artifact Availability
The Paper Artifact Availability. Contribute to leakuidatorplusteam/artifacts development by creating an account on GitHub.
AppFlowy.IO - The Open Source Alternative To Notion
You are in charge of your data and customizations.
Documentation:
* https://appflowy.gitbook.io/docs/essential-documentation/contribute-to-appflowy
Official site:
* https://www.appflowy.io
GitHub:
* https://github.com/AppFlowy-IO/appflowy
#need_ro_research
You are in charge of your data and customizations.
Documentation:
* https://appflowy.gitbook.io/docs/essential-documentation/contribute-to-appflowy
Official site:
* https://www.appflowy.io
GitHub:
* https://github.com/AppFlowy-IO/appflowy
#need_ro_research
AppFlowy
AppFlowy is the AI collaborative workspace where you achieve more without losing control of your data
Forwarded from Sys-Admin InfoSec
Open BLD DNS: Our supporter is UptimeRobot
Hey, UptimeRobot it is a very good solution for on-line monitoring tasks. I'm using UptimeRobot over than 10 years for monitoring tasks by:
- Ping availability my Blog and Forum
- HTTP(S) availability and SSL expiry reminders
- Port(s) availability for Open BLD services
- Keyword checking on web-pages
Free plan allow using UptimeRobot with 5 min. interval with notifications to email.
Now, UptimeRobot helps to Open BLD Project to reduce checking intervals to 1 min and now you can checking Open BLD status on:
• https://bld-status.sys-adm.in page.
On my own behalf, I express my deep gratitude to the UptimeRobot service, now the availability and stability of the Open BLD service has more monitoring than it was.
Hey, UptimeRobot it is a very good solution for on-line monitoring tasks. I'm using UptimeRobot over than 10 years for monitoring tasks by:
- Ping availability my Blog and Forum
- HTTP(S) availability and SSL expiry reminders
- Port(s) availability for Open BLD services
- Keyword checking on web-pages
Free plan allow using UptimeRobot with 5 min. interval with notifications to email.
Now, UptimeRobot helps to Open BLD Project to reduce checking intervals to 1 min and now you can checking Open BLD status on:
• https://bld-status.sys-adm.in page.
On my own behalf, I express my deep gratitude to the UptimeRobot service, now the availability and stability of the Open BLD service has more monitoring than it was.
What is CoreDNS?
Short concept presentation from CNCF:
https://www.cncf.io/wp-content/uploads/2020/08/Introduction-to-CoreDNS-1.pdf
Short concept presentation from CNCF:
https://www.cncf.io/wp-content/uploads/2020/08/Introduction-to-CoreDNS-1.pdf
Using Hermes’s Quicksort to run Doom: A tale of JavaScript exploitation
https://engineering.fb.com/2022/07/20/security/hermes-quicksort-to-run-doom/
https://engineering.fb.com/2022/07/20/security/hermes-quicksort-to-run-doom/
Engineering at Meta
Using Hermes’s Quicksort to run Doom: A tale of JavaScript exploitation
At Meta, our Bug Bounty program is an important element of our “defense-in-depth” approach to security. Our internal product security teams investigate every bug submission to assess its maximum po…
PART 1: How I Met Your Beacon – Overview
…During this research we will outline a number of effective strategies for hunting for beacons, supported by our BeaconHunter tool that we developed to execute these strategies and which we intend to open source in due course. In the following posts to this research, we will then step in to a number of case studies for applying these detections to a variety of both commercial and open source frameworks…:
https://www.mdsec.co.uk/2022/07/part-1-how-i-met-your-beacon-overview/
…During this research we will outline a number of effective strategies for hunting for beacons, supported by our BeaconHunter tool that we developed to execute these strategies and which we intend to open source in due course. In the following posts to this research, we will then step in to a number of case studies for applying these detections to a variety of both commercial and open source frameworks…:
https://www.mdsec.co.uk/2022/07/part-1-how-i-met-your-beacon-overview/
MDSec
PART 1: How I Met Your Beacon - Overview - MDSec
Introduction Its no secret that MDSec provides a commercial command-and-control framework with a focus on evasion for covert operations. With this in mind, we are continuously performing on-going R&D in...