Posts

atop - useful tool for investigation and incident RCA on Linux

Atop is an ASCII full-screen performance monitor for Linux that is capable of reporting the activity of all processes (even if processes have finished during the interval), daily logging of system and process activity for long-term analysis, highlighting overloaded system resources by using colors, etc. At regular intervals, it shows system-level activity related to the CPU, memory, swap, disks (including LVM) and network layers, and for every process (and thread) it shows e.g. the CPU utilization, memory growth, disk utilization, priority, username, state, and exit code. In combination with the optional kernel module netatop , it even shows network activity per process/thread. The command atop has some major advantages compared to other performance monitoring tools: Resource consumption by all processes It shows the resource consumption by all processes that were active during the interval, so also the resource consumption by those process

Workload Automation (WLA) vs Robotic Process Automation (RPA)

Workload automation (WLA) and robotic process automation (RPA) are both tools that help businesses automate processes and tasks. While they accomplish some of the same things, there are some key differences between the two, with both offering businesses unique advantages and disadvantages. Both workload automation and robotic process automation make workflows more efficient, can reduce overhead costs, reduce the workload of skilled IT staff members, and can automate repetitive processes and tasks. While often thought of as competing processes, they don’t have to be thought of this way. Instead, in the increasingly complex and dynamic environment of automation, it makes more sense to think of workload automation and robotic process automation as complementary tools. When used correctly, workload automation and robotic process automation can be used together as part of an effective and comprehensive automation strategy. To better understand the differences between the two

A Practical Introduction to Container Terminology

https://developers.redhat.com/blog/2018/02/22/container-terminology-practical-introduction/

SignatureMiner : Anti-Virus Signature Intelligence Tool

SignatureMiner, a semisupervised security framework for Anti-Virus signatures featuring normalization, customization, clustering and knowledge discovery. SignatureMiner is based on MinHash and regular expressions and can be used both for malware label classification and signature-based analytics. (SignatureMiner: A Fast Anti-Virus Signature Intelligence Tool - IEEE Conference Publication, 2020) SignatureMiner is a python tool to mine information from cryptic Antivirus software signatures. It was designed to extract consensus about malware types from the outputs of Multi-scanner tools, but can be leveraged to extract (or mine) useful insights from the signatures themselves. SignatureMiner leverages the well-known minhashing approach to cluster together tokens extracted from clean AV signatures. Those clusters have to be supervised by the user to write some regular expression rules (in python) that SignatureMiner can convert into classification directives. To do this, SignatureM

Virtualbox - Install guest additions on RHEL 8 or CentOS 8

1. First install the following packages required for compilation of guest addition modules # dnf install tar bzip2 kernel-devel-$(uname -r) kernel-headers  perl gcc make elfutils-libelf-devel       2. Install Guest Addition  by running the installation script after mounting guest addition iso # ./VBoxLinuxAdditions.run 3. Check if the guest addition modules has been installed # lsmod | grep vbox       Reference : https://linuxconfig.org/virtualbox-install-guest-additions-on-redhat-8

Types of web hosting - Shared, VPS and Dedicated

Shared hosting - cheap and beginner friendly In a shared hosting environment, you share one server with other customers. These plans include the physical server and the software applications within the server. Each server works similarly to a bulked-up version of your home computer. It has hard drive space, a central processing unit (CPU), and RAM. In a shared hosting space, the host puts hundreds or even thousands of users on a single server. It’s likely that each user has more than one site, and that means one shared server can house thousands of websites. How does it work? These services are affordable because the costs to operate the server are lower. The host shared the cost between you and these other owners. There are, however, some downsides. The main drawback to using shared hosting is that you are sharing all the servers resources with the other websites. Who’s it suitable for? If you are on tight budget, shared hosting is a great option. More co

OPENSSH - List supported Ciphers and Algorithms

We need this list because sometimes our Vulnerabiliy Scanning software points out that some old ciphers are WEAK. From the man pages of SSH:  -Q cipher | cipher-auth | mac | kex | key              Queries ssh for the algorithms supported for the specified version 2.  The available features are: cipher (supported sym‐              metric ciphers), cipher-auth (supported symmetric ciphers that support authenticated encryption), mac (supported message              integrity codes), kex (key exchange algorithms), key (key types). Supported cipher suites [vicky@vicky-centos-7 ~]$  ssh -Q cipher 3des-cbc blowfish-cbc cast128-cbc arcfour arcfour128 arcfour256 aes128-cbc aes192-cbc aes256-cbc rijndael-cbc@lysator.liu.se aes128-ctr aes192-ctr aes256-ctr aes128-gcm@openssh.com aes256-gcm@openssh.com chacha20-poly1305@openssh.com Supported message integrity codes [vicky@vicky-centos-7 ~]$ ssh -Q mac hmac-sha1 hmac-sha1-96 hmac-sha2-256 hmac-sha2-512

Security as a Service (SECaaS)

What is Security as a Service (SECaaS)? Security as a Service (SECaaS) can most easily be described as a cloud delivered model for outsourcing cybersecurity services. Much like Software as a Service, SECaaS provides security services on a subscription basis hosted by cloud providers. Security as a Service solutions have become increasingly popular for corporate infrastructures as a way to ease the in-house security team’s responsibilities, scale security needs as the business grows, and avoid the costs and maintenance of on-premise alternatives. Benefits of Security as a Service Cost Savings One of the biggest benefits of a Security as a Service model is that it saves a business money. A cloud delivered service is often available in subscription tiers with several upgrade options so a business only pays for what they need, when they need. It also eliminates the need for expertise. The Latest Security Tools and Updates When you implement SECaaS, you get

WTF is The Blockchain?

The ultimate 3500-word guide in plain English to understand Blockchain. Author :  Mohit Mamoria SOURCE : https://hackernoon.com/wtf-is-the-blockchain-1da89ba19348

MySQL FLUSH Commands

Flush privileges mysql> FLUSH PRIVILEGES; when we grant some privileges for a user, running the command flush privileges will reloads the grant tables in the mysql database enabling the changes to take effect without reloading or restarting mysql service. Flush TABLES mysql> FLUSH TABLES; The command closes all tables which are currently open or in use. And clears cache which intern make better utilization on available memory. Flush HOSTS mysql> FLUSH HOSTS; The command uses host cache tables, if maximum number of connections has been reached for a particular host, mysql server will not able to make new connections. flushing host tables resets the process and again allows the connections for particular HOST. Flush LOGS mysql> FLUSH LOGS; The command closes and reopens all log files, if log files are to big and taking more time to load then you can run the command which will create an empty log file. REFERENCE / SOURCE : https://www.interserver.net