The document provides information about the Extensible Messaging and Presence Protocol (XMPP):
- XMPP is an open-source communication protocol for message-oriented middleware based on XML. It allows for near-real-time exchange of structured yet extensible data between any two or more network entities.
- XMPP supports instant messaging, presence, multi-party chat, voice and video calls, collaboration, lightweight middleware, content syndication, and generalized routing of XML data.
- The document discusses XMPP architecture, standards, security mechanisms like TLS and SASL, and the basic client-server communication flow when establishing an XMPP connection.
Null 11 june_Malware CNC: Advance Evasion techniques_by Avkash k and dhawal shahnullowaspmumbai
Malware Command and Control: Evasion Tactics and Techniques
Malware is designed to perform malicious actions without catching attention of the user. Malware Authors keep on developing new ideas to stay undetected by security technologies. In order to remain undetected, communication channels between attacker and malware needs to be stealthy and evolving. Making Command and control with attacker to receive on demand commands is an essential phase of the Cyber Kill Chain.
As a result, we are observing continuous advancement into communication channel for Malware Command and control.
In this session, we will try to cover some of the advanced techniques used by Malwares nowadays to communicate with it's command and control.
Network Automation (Bay Area Juniper Networks Meetup)Alejandro Salinas
Network Automation Presentation at the Bay Area Juniper Networks Meetup. Here I present three stories with regards to network automation at Groupon, increasing in complexity as we go through and also touching on some of the process/management challenges.
Null 11 june_Malware CNC: Advance Evasion techniques_by Avkash k and dhawal shahnullowaspmumbai
Malware Command and Control: Evasion Tactics and Techniques
Malware is designed to perform malicious actions without catching attention of the user. Malware Authors keep on developing new ideas to stay undetected by security technologies. In order to remain undetected, communication channels between attacker and malware needs to be stealthy and evolving. Making Command and control with attacker to receive on demand commands is an essential phase of the Cyber Kill Chain.
As a result, we are observing continuous advancement into communication channel for Malware Command and control.
In this session, we will try to cover some of the advanced techniques used by Malwares nowadays to communicate with it's command and control.
Network Automation (Bay Area Juniper Networks Meetup)Alejandro Salinas
Network Automation Presentation at the Bay Area Juniper Networks Meetup. Here I present three stories with regards to network automation at Groupon, increasing in complexity as we go through and also touching on some of the process/management challenges.
What's New in Cumulus Linux 2.5.5?
Cumulus Linux 2.5.5 supports these new features:
- netshow has been moved to the main repository in Cumulus Linux
- Integration with Nutanix Prism: View basic Cumulus Linux status information from your Prism GUI
- Stability enhancements to BGP, MLAG and VXLAN
The talk first walks over some of the security issues of the older versions of the SSL/TLS protocol. Then It introduces the upcomint TLS 1.3 version, presenting its new features and adoption status.
What's New in Cumulus Linux 2.5.5?
Cumulus Linux 2.5.5 supports these new features:
- netshow has been moved to the main repository in Cumulus Linux
- Integration with Nutanix Prism: View basic Cumulus Linux status information from your Prism GUI
- Stability enhancements to BGP, MLAG and VXLAN
The talk first walks over some of the security issues of the older versions of the SSL/TLS protocol. Then It introduces the upcomint TLS 1.3 version, presenting its new features and adoption status.
Practical White Hat Hacker Training - Active Information GatheringPRISMA CSI
This presentation part of Prisma CSI's Practical White Hat Hacker Training v1
PRISMA CSI • Cyber Security and Intelligence www.prismacsi.com
This document can be shared or used by quoted and used for commercial purposes, but can not be changed. Detailed information is available at https://creativecommons.org/licenses/by-nc-nd/4.0/legalcode.
"The benefit of real-time data can be measured by how frequently the data in question changes, nowhere is this more apparent than threat detection. Responding to an ever changing landscape of attacks and exploits requires a system that can not only handle the scale and dynamic nature of the data but also a dynamically changing set of detection rules. We developed Confluent SIGMA, an open source project built on Kafka Streams for the open SIGMA DSL, to handle real-time rule additions and modifications. In this talk we will cover:
* The architecture of our Kafka Streams layer that makes it possible to use external data feeds as rule input
* How we handle dynamic criteria for joins and filters
* Best practices for writing dynamic rule engines in Kafka Streams
* Upcoming improvements to Kafka Streams to support versioned rules
Although Confluent SIGMA focuses on cyber threat detection this same pattern can also be applied to any DSL (domain specific language) that would benefit from real-time stream processing. After attending you will have the framework to drive dynamic rules through Kafka Streams for any use case that might require it."
Network scanning with Nmap for Noobs and Ninjas - This slide was presented at Null Delhi monthly security meet by Nikhil and Jayvardhan.
https://www.facebook.com/nullOwaspDelhi/
Abandon Decades-Old TCPdump for Modern TroubleshootingAvi Networks
Are you tired of troubleshooting with TCPdump? The Avi Vantage Platform is here to help. Learn how you can abandon your decades-old CPU-intensive logging tools – and gain intuitive, real-time analytics, faster time-to-resolution, modern SSL encryption, and (most importantly) happy IT teams focused on delivering applications.
Watch this Avi webinar to #ByeByeTCPdump forever and learn:
- Why TCPdump should be your tool of last resort
- How headers compressed with HTTP/2, SSL leveraging PFS, and distributed systems have rendered certain tools useless
- How automation and visibility can help you troubleshoot more quickly
- How you can replace TCPdump with intelligent logs and analytics
Watch the full webinar: https://info.avinetworks.com/webinars-avi-tech-corner-episode-1
Packet Analysis - Course Technology Computing Conference
Presenter: Lisa Bock - Pennsylvania College of Technology
Most network administrators are well-versed in hardware, applications, operating systems, and network analysis tools. However, many are not trained in analyzing network traffic. Network administrators should be able to identify normal network traffic in order to determine unusual or suspicious activity. Network packet analysis is important in order to troubleshoot congestion issues, create firewall and intrusion detection system rules, and perform incident and threat detection. This hands-on presentation will review fundamental concepts necessary to analyze network traffic, beginning with an overview of network analysis, then a review the TCP/IP protocol suite and LAN operations. Participants will examine packet captures and understand the field values of the protocols and as to what is considered normal behavior, and then examine captures that show exploits, network reconnaissance, and signatures of common network attacks. The program will use Wireshark, a network protocol analyzer for Unix and Windows, to study network packets, look at basic features such as display and capture filters, and examine common protocols such as TCP, HTTP, DNS, and FTP. Time permitting, the presentation will provide suggestions on how to troubleshoot performance problems, conduct a network baseline, and how to follow a TCP or UDP stream and see HTTP artifacts. Participants should have a basic knowledge of computer networking and an interest in the subject.
Reconsider TCPdump for Modern TroubleshootingAvi Networks
Are you tired of troubleshooting with TCPdump? The Avi Vantage Platform is here to help. Learn how you can reconsider your decades-old CPU-intensive logging tools – and gain intuitive, real-time analytics, faster time-to-resolution, modern SSL / TLS encryption, and (most importantly) happy IT teams focused on delivering applications.
Watch this Avi webinar to learn:
- Why TCPdump should be your tool of last resort
- How headers compressed with HTTP/2, PFS, and distributed systems have rendered certain tools useless
- How you can replace TCPdump with intelligent logs and analytics
- How to future proof your troubleshooting tools with HTTP/3, TLS 1.3, containers and Kubernetes
Watch on-demand here https://www.networkworld.com/resources/form?placement_id=de4979d3-4f46-498e-8285-2bdad91ca3fb&brand_id=512
CNIT 50: 6. Command Line Packet Analysis ToolsSam Bowne
For a college class in Network Security Monitoring at CCSF.
Course website: https://samsclass.info/50/50_F17.shtml
Based on "The Practice of Network Security Monitoring: Understanding Incident Detection and Response" by Richard Bejtlich, No Starch Press; 1 edition (July 26, 2013), ASIN: B00E5REN34
JDO 2019: Service mesh with Istio - Mariusz GilPROIDEA
Architektura mikroserwisowa niesie ze sobą wiele wyzwań, zarówno w kwestii kodu i odpowiedzialności realizowanych przez poszczególne usługi jak i komunikacji pomiędzy nimi. Ta sieć powiązanych ze sobą aplikacji, nieustannie komunikujących się z użyciem różnych protokołów staje się zwykle wraz z upływem czasu coraz bardziej skomplikowana i trudniejsza w codziennym zarządzaniu. Istio jest jednym z narzędzi pomagających zapanować nad skomplikowanym service meshem, oferującym szereg funkcjonalności związanych choćby z load balancingiem ruchu sieciowego, autentykacji, monitoringu, trackowania… W trakcie prezentacji zapoznasz się więc zarówno z architekturą Istio jak i typowymi przypadkami użycia tego rozwiązania.
Similar to Extensible Messaging and Presence Protocol (XMPP) (20)
A pragmatic lightweight dependency injection framework for Kotlin developers. Written in pure Kotlin using functional resolution only: no proxy, no code generation, no reflection!
Software Engineering, Software Consulting, Tech Lead, Spring Boot, Spring Cloud, Spring Core, Spring JDBC, Spring Transaction, Spring MVC, OpenShift Cloud Platform, Kafka, REST, SOAP, LLD & HLD.
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptxrickgrimesss22
Discover the essential features to incorporate in your Winzo clone app to boost business growth, enhance user engagement, and drive revenue. Learn how to create a compelling gaming experience that stands out in the competitive market.
Globus Connect Server Deep Dive - GlobusWorld 2024Globus
We explore the Globus Connect Server (GCS) architecture and experiment with advanced configuration options and use cases. This content is targeted at system administrators who are familiar with GCS and currently operate—or are planning to operate—broader deployments at their institution.
We describe the deployment and use of Globus Compute for remote computation. This content is aimed at researchers who wish to compute on remote resources using a unified programming interface, as well as system administrators who will deploy and operate Globus Compute services on their research computing infrastructure.
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus
As part of the DOE Integrated Research Infrastructure (IRI) program, NERSC at Lawrence Berkeley National Lab and ALCF at Argonne National Lab are working closely with General Atomics on accelerating the computing requirements of the DIII-D experiment. As part of the work the team is investigating ways to speedup the time to solution for many different parts of the DIII-D workflow including how they run jobs on HPC systems. One of these routes is looking at Globus Compute as a way to replace the current method for managing tasks and we describe a brief proof of concept showing how Globus Compute could help to schedule jobs and be a tool to connect compute at different facilities.
Enterprise Resource Planning System includes various modules that reduce any business's workload. Additionally, it organizes the workflows, which drives towards enhancing productivity. Here are a detailed explanation of the ERP modules. Going through the points will help you understand how the software is changing the work dynamics.
To know more details here: https://blogs.nyggs.com/nyggs/enterprise-resource-planning-erp-system-modules/
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Graspan: A Big Data System for Big Code AnalysisAftab Hussain
We built a disk-based parallel graph system, Graspan, that uses a novel edge-pair centric computation model to compute dynamic transitive closures on very large program graphs.
We implement context-sensitive pointer/alias and dataflow analyses on Graspan. An evaluation of these analyses on large codebases such as Linux shows that their Graspan implementations scale to millions of lines of code and are much simpler than their original implementations.
These analyses were used to augment the existing checkers; these augmented checkers found 132 new NULL pointer bugs and 1308 unnecessary NULL tests in Linux 4.4.0-rc5, PostgreSQL 8.3.9, and Apache httpd 2.2.18.
- Accepted in ASPLOS ‘17, Xi’an, China.
- Featured in the tutorial, Systemized Program Analyses: A Big Data Perspective on Static Analysis Scalability, ASPLOS ‘17.
- Invited for presentation at SoCal PLS ‘16.
- Invited for poster presentation at PLDI SRC ‘16.
E-commerce Application Development Company.pdfHornet Dynamics
Your business can reach new heights with our assistance as we design solutions that are specifically appropriate for your goals and vision. Our eCommerce application solutions can digitally coordinate all retail operations processes to meet the demands of the marketplace while maintaining business continuity.
Quarkus Hidden and Forbidden ExtensionsMax Andersen
Quarkus has a vast extension ecosystem and is known for its subsonic and subatomic feature set. Some of these features are not as well known, and some extensions are less talked about, but that does not make them less interesting - quite the opposite.
Come join this talk to see some tips and tricks for using Quarkus and some of the lesser known features, extensions and development techniques.
Do you want Software for your Business? Visit Deuglo
Deuglo has top Software Developers in India. They are experts in software development and help design and create custom Software solutions.
Deuglo follows seven steps methods for delivering their services to their customers. They called it the Software development life cycle process (SDLC).
Requirement — Collecting the Requirements is the first Phase in the SSLC process.
Feasibility Study — after completing the requirement process they move to the design phase.
Design — in this phase, they start designing the software.
Coding — when designing is completed, the developers start coding for the software.
Testing — in this phase when the coding of the software is done the testing team will start testing.
Installation — after completion of testing, the application opens to the live server and launches!
Maintenance — after completing the software development, customers start using the software.
Check out the webinar slides to learn more about how XfilesPro transforms Salesforce document management by leveraging its world-class applications. For more details, please connect with sales@xfilespro.com
If you want to watch the on-demand webinar, please click here: https://www.xfilespro.com/webinars/salesforce-document-management-2-0-smarter-faster-better/
Navigating the Metaverse: A Journey into Virtual Evolution"Donna Lenk
Join us for an exploration of the Metaverse's evolution, where innovation meets imagination. Discover new dimensions of virtual events, engage with thought-provoking discussions, and witness the transformative power of digital realms."
2. Extensible Messaging and Presence
Protocol (XMPP)
• A communication protocol based on XML.
• Designed to be extensible.
• Jeremie Miller began working on the Jabber technology in 1998.
(Originally named Jabber)
2
1999~2000
RFC 3920
RFC 3921
2011
RFC 6120
RFC 6121
RFC 6122
2015
RFC 7622
11. Stream Negotiation - Presence
11
<presence ….>
<show/>
</presence>
TC
P
sean@cyberlink.com cyberlink.co
m
12. Stream Negotiation - iq
12
<iq id=“1” type=“get”>
…
</iq>
TC
P
sean@cyberlink.com cyberlink.co
m
<iq id=“1” type=“result”>
…
</iq>
type: get, set, result, error
13. Stream Negotiation - message
13
<message….>
Hello
</message>
TC
P
sean@cyberlink.com cyberlink.co
m
14. Stream Negotiation – Close Stream
14
</stream>
TC
P
sean@cyberlink.com cyberlink.co
m
</stream>
15. Client Server Communication Overview
15
<?xml version='1.0'?>
<stream
from=“samo@cyberlink.com”
to=“cyberlink.com”>
<presence
…>Online</presence>
<iq …>…</iq>
<message
…>Hello</message>
</stream>
16. Authentication for XMPP
• Transport Layer Security (TLS)
▫ Secure the stream from tampering and eavesdropping.
▫ MUST send a new initial stream header after finish.
• Simple Authentication and Security Layer (SASL)
▫ Authenticate a stream. (U: base64(id+token))
▫ MUST send a new initial stream header after finish.
16
17. Cryptography
• Symmetric
▫ Use the same key for encrypt/decrypt.
▫ Security: Poor
▫ Performance: Good
• Asymmetric
▫ Use public key for encryption and use private for decryption.
▫ Security: Good
▫ Performance: Poor
17
35. Restarts
• On successful negotiation of a feature that necessitates a stream
restart, both parties MUST consider the previous stream to be
replaced but MUST NOT send a closing </stream> tag and MUST
NOT terminate the underlying TCP connection.
• The initiating entity then MUST send a new initial stream header.
35
42. Currently Design for U
• Remove the mechanism of RESTART.
• Add <CLResumed/> for doing SASL and binding again after reconnecting.
42
43. CLResume: server give info
43
<clresumed xmlns="urn:xmpp:custom:resume"
status="success"
sessionid="g2gEbQAAAAYzMTgwMDFtAAAAD3UuY3liZXJsa
W5rLmNvbW0AAAAkRjg5MjlFMzctRTAwMi00QzdGLTlEOTgt
RjkxNTFGNUQ3NEI5aANiAAAFkmIACeRcYgAM3cE="
expiration="2592000"/>
TC
P
sean@cyberlink.com cyberlink.co
m
46. XMPP Connection Steps w/o clresume
C -> S stream
C <- S stream / feature:starttls
C -> S starttls
C <- S proceed
C <> S tls handshake
C -> S stream
C <- S stream / feature:sasl
C -> S auth
C <- S auth
C -> S stream
C <- S stream / feature:bind
C -> S bind
C <- S bind
47. XMPP Connection Steps w/ clresume
(not resume case)
C -> S stream
C <- S stream / feature:starttls
C -> S starttls
C <- S proceed
C <> S tls handshake
C -> S stream
C <- S stream / feature:sasl
C -> S auth
C <- S auth
C -> S stream
C <- S stream / feature:bind
C -> S bind
C <- S bind
C <- S clresume
48. XMPP Connection Steps w/ CLResume
(resume case)
C -> S stream
C <- S stream / feature:starttls
C -> S starttls
C <- S proceed
C <> S tls handshake
C -> S stream
C <- S stream / feature:sasl
C -> S clresume
C <- S clresume