Mike Weber's training class on monitoring Linux mail servers with Nagios. The training session was held during the Nagios World Conference North America held Sept 27-29th, 2011 in Saint Paul, MN. For more information on the conference (including photos and videos), visit: http://go.nagios.com/nwcna
Introduction to InSpec and 1.0 release update - Alex Pop
Contains an introduction to infrastructure and compliance tests as code and how InSpec can be used for this.
Agenda:
* Why infrastructure tests as code
* What is InSpec and how it works
* Core and custom resources
* What's new in InSpec 1.0 (released Sept 26, 2016)
* Documentation and installation
* Integrations
* Demo
* Chef Community Summit
Jumpstart your education on learning Chef InSpec to turn your DevOps into DevSecOps, by automating your integration testing and compliance/security scanning.
Code testing and Continuous Integration are just the first step in a source code to production process. Combined with infrastructure-as-code tools such as Puppet the whole process can be automated, and tested!
Nagios Conference 2014 - Mike Weber - Expanding NRDS Capabilities on Linux Sy... - Nagios
Mike Weber's presentation on Expanding NRDS Capabilities on Linux Systems.
The presentation was given during the Nagios World Conference North America held Oct 13th - Oct 16th, 2014 in Saint Paul, MN. For more information on the conference (including photos and videos), visit: http://go.nagios.com/conference
InSpec Workshop at Velocity London 2018 - Mandi Walls
InSpec is an open-source testing framework that allows users to test and enforce security configurations and compliance for infrastructure code. It uses human-readable tests and resources to check configurations and generate reports. Users can write InSpec tests and profiles to test systems locally or remotely, address security issues, and integrate testing into development workflows using tools like Test Kitchen.
This document discusses the configuration of various server services, including:
- Setting up an Apache web server with SSL encryption and generating SSL certificates.
- Additional Apache configurations like virtual hosting, CGI scripts, and SELinux contexts.
- Basic SMTP configuration using Postfix and setting up an internal mail server.
- Configuring a caching-only DNS server using Named.
- Setting up NFS for file sharing between servers.
- Enabling file sharing with Windows clients using Samba (CIFS).
- Configuring an anonymous FTP server with vsftpd.
It provides instructions and examples for configuring each of these services on Linux servers.
Symfony 4.0 + - Track Technique eZ Roadshow 2019 - PARIS - eZ Systems
The document discusses several new features in Symfony 4.x that can be used in eZ Platform v3.x, including Symfony Flex, the Lock Component, and the Messenger Component. It also covers the Symfony Maker Bundle, Cache Component improvements, the new HttpClient Component, and options for the HttpClient. Finally, it mentions the Symfony Mime Component for creating emails.
digitalSTROM Developer Day 2011: How home electronics and digitalSTROM together... - digitalSTROM.org
Manfred Stock, a developer at the Winterthur software company futureLAB, discussed connecting established home electronics with digitalSTROM, using the example of Logitech's Squeezebox Server, which plays music in multiple rooms. Provided the hardware or software offers an open interface, it can communicate with the dSS via a JSON interface and control a digitalSTROM home. To that end, Stock wrote a plugin in Perl that integrates into the Squeezebox Server. The sound system's remote control thus becomes an input device for digitalSTROM.
More at: www.digitalstrom.org
While there have been many improvements around securing containers, there is still a large gap in monitoring the behaviour of containers in production. Sysdig Falco is an open source behavioural activity monitor for containerized environments.
Sysdig Falco can detect and alert on anomalous behaviour at the application, file, system, and network level. In this session get a deep dive into Falco: How does behavioural security differ from existing security solutions like image scanning, seccomp, SELinux or AppArmor? What can Sysdig Falco detect? Building and customizing rules for your Docker and Kubernetes apps. Forensics analysis with Sysdig Inspect even when the container doesn't exist anymore!
Read more on:
https://sysdig.com/blog/docker-runtime-security/
https://sysdig.com/blog/runtime-security-kubernetes-sysdig-falco/
Security and dev ops for high velocity organizations - Chef
This document discusses Chef Compliance and how it helps with security and DevOps for organizations that move quickly. It introduces InSpec, an open source framework that allows defining infrastructure compliance and security checks as code. With InSpec, compliance checks can be automated and run continuously alongside infrastructure code. Traditional compliance is time-consuming and separate from development workflows, but defining compliance specifications in InSpec code allows integrating compliance into DevOps pipelines for continuous verification.
A massive attack was revealed that exploited the Shellshock vulnerability in QNAP NAS devices. The attackers deployed a payload that patched the vulnerability, armed the devices for DDOS attacks, and installed a scanner to search for more vulnerable devices. Over 500 compromised devices were detected. The payload installed a backdoor that could control the armed devices for DDOS attacks through IRC commands.
So you’ve managed to get a foothold into the web server — now what? Privilege escalation can be an intimidating process for those unfamiliar with Linux systems or advanced penetration testing techniques. Servers are often cluttered with utilities, backups, and files; how do you find your way through to a root shell? Where are the first places an attacker might look for exploitable vulnerabilities? In this workshop, participants will learn about common privilege escalation paths on Linux systems, including sticky bits, shell escapes, wildcard injections, and how to identify vulnerable services. This presentation will demonstrate several techniques for those looking to improve their security skills.
(This was originally presented on February 22, 2010 at Day of Shecurity Boston 2019).
(This was originally presented at BSides Columbus 2019 on March 1, 2019.)
Take a Jailbreak -Stunning Guards for iOS Jailbreak- by Kaoru Otsuka - CODE BLUE
This document discusses methods for jailbreaking iOS devices by exploiting vulnerabilities to escalate privileges and disable security mitigations. It summarizes 3 key steps:
1) Using CVE-2016-7637 and CVE-2016-7661 to perform privilege escalation to root level access via a man-in-the-middle attack on the com.apple.iohideventsystem port.
2) Using CVE-2016-7644, a use-after-free bug, to gain the kernel task port, allowing control of the kernel.
3) Overwriting ipc_port data structures to fake the kernel task port and obtain full kernel write privileges, bypassing security mechanisms like AMCC.
Running Docker in Development & Production (#ndcoslo 2015) - Ben Hall
The document discusses running Docker in development and production. It covers:
- Using Docker containers to run individual services like Elasticsearch or web applications
- Creating Dockerfiles to build custom images
- Linking containers together and using environment variables for service discovery
- Scaling with Docker Compose, load balancing with Nginx, and service discovery with Consul
- Clustering containers together using Docker Swarm for high availability
Installing a Network Monitoring System (Nagios) on Ubuntu 12.04 - Febi Gelar Ramadhan
The document provides steps to install and configure Nagios3 monitoring on Ubuntu 12.04. It involves installing Nagios3 and Apache2 packages, configuring host definitions and services to monitor for three hosts, grouping the hosts, defining service checks, and restarting Nagios after configuration. Finally, a username and password are set up to access the Nagios web interface and confirm monitoring of the three hosts.
A Hands-on Introduction on Terraform Best Concepts and Best Practices - Nebulaworks
At our OC DevOps Meetup, we invited Rami Al-Ghami, a Sr. Software engineer at Workday to deliver a presentation on a Hands-On Terraform Best Concepts and Best Practices.
The software lifecycle does not end when the developer packages their code and makes it ready for deployment. The delivery of this code is an integral part of shipping a product. Infrastructure orchestration and resource configuration should follow a similar lifecycle (and process) to that of the software delivered on it. In this talk, Rami will discuss how to use Terraform to automate your infrastructure and software delivery.
This document describes Windows Credentials Editor (WCE), a tool that can dump and manipulate Windows logon session credentials from memory without requiring code injection. It discusses two implementation methods - using the authentication package API or directly reading LSASS process memory. The memory reading method is safer as it does not require running code in LSASS. It works by reversing the LSASS data structures to find logon sessions and credentials, then decrypting credentials using encryption keys and initialization vectors read from LSASS memory.
This document provides instructions for installing Subversion on Ubuntu with Apache, SSL, and BasicAuth. It describes how to install Subversion and Apache components, create SVN repositories, configure Apache, set up password authentication, and enable HTTPS access to the SVN repositories. The key steps are to create SVN databases under /var/svn, configure the dav_svn.conf file, set up password authentication with htpasswd, restart Apache, and test access over HTTPS.
Running Docker in Development & Production (DevSum 2015) - Ben Hall
This document provides an overview of Docker containers and how to use Docker for development and production environments. It discusses Docker concepts like images, containers, and Dockerfiles. It also demonstrates how to build images, run containers, link containers, manage ports, and use Docker Compose. The document shows how Docker can be used to develop applications using technologies like ASP.NET, Node.js, and Go. It also covers testing, deploying to production, and optimizing containers for production.
Real World Lessons on the Pain Points of Node.js Applications - Ben Hall
The document discusses several pain points experienced with Node.js applications and solutions for resolving them. It covers creating a strong foundation by upgrading to Node.js v5, locking down NPM dependencies, handling errors properly with try/catch blocks and promises, deploying applications using Docker for scaling, addressing security issues, and using tools like debug and profilers to improve performance.
Continuous Delivery helps to keep your software and Docker images updated and deploy new versions in production easily. Microservices are great for reducing the attack vector and limiting the privileges or credentials access of each piece of your application. Containers provide an opportunity to implement better security: small, immutable, single process and purpose. In this session, we will discover real use case examples on how to make your CI/CD pipeline interact with Docker security tools. But security doesn’t stop where your deployment pipeline ends. How can we prepare for 0-days and policy violations that happen at run-time? Can we make it part of the CI/CD process?
The document discusses building secure code by rigorously testing it through automated attacks and verification. It introduces the concept of "ruggedization" where code is made resilient through repeated, automated testing against attacks. This helps code handle adversity in unexpected ways and provides unrealized value. It promotes using the Gauntlet framework to put code through extensive security testing with tools like nmap, metasploit, fuzzers and custom attacks to improve security.
Get hands-on with security features and best practices to protect your containerized services. Learn to push and verify signed images with Docker Content Trust, and collaborate with delegation roles. Intermediate to advanced level Docker experience recommended, participants will be building and pushing with Docker during the workshop.
Led By Docker Security Experts:
Riyaz Faizullabhoy
David Lawrence
Viktor Stanchev
Experience Level: Intermediate to advanced level Docker experience recommended
This document summarizes three penetration testing activities using different tools:
1) Configuring a proxy using Zap to intercept and analyze web traffic.
2) Using DirBuster to discover file directories on a target website by brute forcing common folders and files.
3) Scanning a Metasploitable virtual machine for web vulnerabilities using Nikto and confirming open ports with Nmap. Basic commands for using MACChanger to change a machine's MAC address are also outlined.
The document discusses using InSpec to build security into workflows by creating tests to check for compliance. InSpec allows writing tests in a human-readable format to test security configurations and ensure compliance with policies. Tests can be run locally or remotely on servers to check configurations and are integrated with DevOps workflows through profiles and controls.
Compliance as Code: Velocity with Security - Fraser Pollock, Chef - Alert Logic
This document discusses mapping compliance documents to InSpec controls for auditing infrastructure. It provides an example of mapping a compliance control related to setting the SSH protocol to version 2. It demonstrates implementing this control in InSpec by defining a title, description, and test to check the SSH configuration file. It also shows how to run the InSpec control locally and remotely on infrastructure to automate compliance testing.
5. hands on - building local development environment with Open Mano - videos
This document describes how to build a local development environment using OpenMANO to test network scenarios and virtualized network functions (VNFs). It provides instructions on configuring OpenMANO and OpenVIM, creating tenants, networks, and VNF descriptors, and deploying a sample network scenario with four VNFs connected in series. The deployed scenario can then be managed and monitored using the OpenMANO graphical user interface.
Terraform is used to manage infrastructure as code. InSpec is a powerful framework for validating that infrastructure. In combination they allow for fast, safe infrastructure automation.
Lab Zero Lunchdown: Deploying Elixir and Phoenix Applications - brien_wankel
This Elixir deployment overview will recommend two different approaches to getting your application deployed.
You will learn about both containerized deploys and OTP deploys and the hope is to provide enough information that you can decide which is right for your situations.
The talk will also cover some common situations that must be considered when it comes to the Elixir build and deploy workflow.
Mike Weber's presentation on using Nagios with NRPE.
The presentation was given during the Nagios World Conference North America held Sept 25-28th, 2012 in Saint Paul, MN. For more information on the conference (including photos and videos), visit: http://go.nagios.com/nwcna
Automating Compliance with InSpec - Chef Singapore Meetup - Matt Ray
July 24, 2017 slides and demo for Automating Compliance with InSpec. The associated GitHub repository is here: https://github.com/mattray/inspec-workshop
This document provides a quick introduction to InSpec, which is a human-readable specification language for defining security and compliance tests. It can be used to create, share, and reuse test profiles to verify characteristics of systems and applications. The document demonstrates writing InSpec tests and profiles to check configuration settings like SSH protocol version. InSpec integrates with tools like Test Kitchen and can test any target, including local systems, remote hosts over SSH/WinRM, Docker containers, and cloud resources. Profiles allow packaging and sharing sets of InSpec tests.
A Docker-based Development Environment Even I Can Understand - Jeremy Gimbel
Jeremy Gimbel of Vector Media Group at ExpressionEngine Conference 2018
For years, I used MAMP and later Vagrant to run my local development environment. With MAMP I constantly was cluttering my computer with additional dependencies and living in fear of what would happen when my code went live on staging and production servers wildly different than my local setup. Vagrant was a slight improvement, but the virtual machines were monolithic and hard to build. Like many, my first few attempts at Docker failed miserably and left me with more questions than I had going in and very few answers. Through much research and the guiding voices of my colleagues, I’ve finally managed to wrangle the beast that is Docker into a development environment that is more flexible than ever before and yet easy to use. In this session I will walk attendees through the basics of Docker, the components of my Docker development environment and help guide them around some of the pitfalls I came across while I set it up.
The document discusses security in database systems. It covers topics like leaving the virtual machine network adapter in bridge mode, configuring Kali Linux for DNS spoofing attacks, modifying configuration files like etter.conf and etter.dns, scanning for hosts on the network, and initiating ARP poisoning and DNS spoofing attacks using Ettercap to redirect traffic to a malicious IP address. The document also provides information about the Optix Pro 1.3 trojan horse program and its ability to install backdoors and remotely control infected systems.
5/13/13 presentation to Austin DevOps Meetup Group, describing our system for deploying 15 websites and supporting services in multiple languages to bare redhat 6 VMs. All system-wide software is installed using RPMs, and all application software is installed using GIT or Tarball.
Chef is an open-source automation platform that treats infrastructure as code. It allows users to automate how infrastructure is configured, deployed and managed across any environment using a powerful DSL written in Ruby. Key features of Chef include server provisioning, automation of infrastructure changes, and management of configurations through recipes and cookbooks which are shared through an online community. Linecook is presented as an alternative to Chef for server automation that uses shell scripts instead of Ruby code and relies on established tools like SSH, VirtualBox, and bash instead of requiring installation of the Chef platform.
The slides from my July Django-District presentation. It shows some of the basics of using the new fabric. I have uploaded the example fabfile.py to slideshare as well.
Workshop Consul .- Service Discovery & Failure Detection - Vincent Composieux
This workshop uses a Docker Swarm cluster to deploy a Consul agent and uses Registrator to automatically register Docker containers services into Consul and add a health check on it.
The presentation from Python meetup by JettyCloud about solving a problem found in a library that uses hashlib, followed by an overview of the CPython hashlib module with implementation details.
40 Methods for Privilege Escalation - Part 1
Privilege escalation is the act of exploiting a bug, a design flaw, or a configuration oversight in an operating system or software application to gain elevated access to resources that are normally protected from an application or user.
The first part of Privilege escalation methods with complete Descriptions:
1. Abusing Sudo Binaries
2. Abusing Scheduled Tasks
3. Golden Ticket With Scheduled Tasks
4. Abusing Interpreter Capabilities
5. Abusing Binary Capabilities
6. Abusing ActiveSessions Capabilities
7. Escalate with TRUSTWORTHY in SQL Server
8. Abusing Mysql run as root
9. Abusing journalctl
10. Abusing VDS
11. Abusing Browser
12. Abusing LDAP
13. LLMNR Poisoning
14. Abusing Certificate Services
15. MySQL UDF Code Injection
16. Impersonation Token with ImpersonateLoggedOnuser
17. Impersonation Token with SeImpersontePrivilege
18. Impersonation Token with SeLoadDriverPrivilege
19. OpenVPN Credentials
20. Bash History
21. Package Capture
22. NFS Root Squashing
23. Abusing Access Control List
24. Escalate With SeBackupPrivilege
25. Escalate With SeImpersonatePrivilege
26. Escalate With SeLoadDriverPrivilege
27. Escalate With ForceChangePassword
28. Escalate With GenericWrite
29. Abusing GPO
30. Pass-the-Ticket
31. Golden Ticket
32. Abusing Splunk Universal Forwarder
33. Abusing Gdbus
34. Abusing Trusted DC
35. NTLM Relay
36. Exchange Relay
37. Dumping with diskshadow
38. Dumping with vssadmin
39. Password Spraying
40. AS-REP Roasting Kerberoasting
Similar to Nagios Conference 2011 - Mike Weber - Training: Monitoring Linux Mail Servers With Nagios (20)
Best Practices? That’s like asking how long is a piece of string! While every environment is different, there are however a number of configurations, tweaks and methods that can be of great benefit for your Nagios XI environment. This talk will cover a variety of Best Practice topics for Nagios XI ranging from flexible object configurations through to back end performance enhancements.
Trevor McDonald - Nagios XI Under The Hood - What happens when a check is run? What are the parts that move behind the scenes to turn a service check into a notification? In this talk, Trevor will walk through the check process from start to finish, giving an overview of the components involved at each step.
Sean Falzon - Nagios - Resilient NotificationsNagios
Sean will be discussing several approaches to notification types for real world Nagios deployments. This will include a few methods for handling on call rosters, sending SMS from fully visualized data centers, and resilient notifications by integrating with phone systems for voice notifications.
Marcus Rochelle - Landis+Gyr - Monitoring with Nagios Enterprise EditionNagios
Landis+Gyr uses Nagios XI to monitor over 105,000 hosts and services across its global operations. It utilizes 20 Nagios servers with 14 dedicated to managed services and 5 for data centers. Key benefits of Nagios XI for Landis+Gyr include its user-friendly GUI, short learning curve, and ability to interface with other systems. Additional features such as Thruk, Active Directory integration, automated host management, custom plugins, and the NSClient++ agent enhance Landis+Gyr's monitoring capabilities. Backend APIs also allow integration with third-party tools.
Janice Singh - Writing Custom Nagios Plugins - New to Nagios and wanting to expand its use with your own
custom plugins? This presentation will show you how to write your own plugins and integrate it into Nagios.
Dave Williams - Nagios Log Server - Practical ExperienceNagios
Dave Williams - Nagios Log Server - Practical Experience. -
This session will detail the green field deployment of Nagios Log Server in a client environment consisting of HP LAN Switches, 3PAR disk storage, HP Blade Chassis with Flex Fabric using
VMware, Hyper-V, Exchange & Citrix.
Mike Weber - Nagios and Group Deployment of Service ChecksNagios
This presentation will show how you can create groups of checks like CPU metrics, Oracle metrics or IIS metrics and push them to all of the hosts that require them. The presentation will provide a script that will allow you to select and implement hundreds of groups of checks that have been developed for NRPE, NCPA, WMI, NSClient++, NRDP and NRDS.
Mike Guthrie - Revamping Your 10 Year Old Nagios InstallationNagios
Mike Guthrie - Revamping Your 10 Year Old Nagios Installation - Mike Merideth from VictorOps talks about the challenges of
sharing responsibility for monitoring in the DevOps world. Learn several strategies for keeping your configuration correct,
consistent, and up-to-date when several people are working on it.
Bryan Heden - Agile Networks - Using Nagios XI as the platform for Monitoring...Nagios
Bryan Heden - Agile Networks - Using Nagios XI as the platform for Monitoring as a Service - Learn about the trials and challenges Agile Networks faced while converting their Nagios XI instance over to service outside customers.
Matt Bruzek - Monitoring Your Public Cloud With NagiosNagios
Matt Bruzek - Monitor Public Cloud Use Nagios to monitor your public cloud. - No debian installer for Nagios 4? No problem! Deploy your public cloud with Juju and you can connect Nagios core services to your Ubuntu instances in the cloud. In this session, Matt will quickly go over the basic concepts of Juju and spend the rest of the time walking through examples of deploying Nagios monitoring solutions
Lee Myers - What To Do When Nagios Notification Don't Meet Your Needs.Nagios
Lee Myers - What To Do When Nagios Notification Don't Meet Your Needs. - Lee will present how he overcame timeperiod issues, through the use of MK_Livestatus, Pushbullet, and scripts to notify of him of alerts while he is at work. All the user needs to do is execute a command at the start of their shift, and they will receive all their notifications until their shift ends.
Eric Loyd - Fractal Nagios - Learn how Nagios XI can be used to monitor Nagios Log Server (NLS) and Nagios Network Analyzer (NNA), how Nagios Log Server and Nagios Network Analyzer can leverage Nagios XI for alerting, and how to use Nagios Log Server and Nagios Network Analyzer to monitor each other and Nagios XI and Nagios Core, including remote execution environments.
Marcelo Perazolo, Lead Software Architect, IBM Corporation - Monitoring a Pow...Nagios
Marcelo Perazolo, Lead Software Architect, IBM Corporation - In this session, Marcelo will describe how Nagios can be
integrated and extended for the monitoring of a typical
power-based converged infrastructure, and how it interfaces with existing element managers to provide a single point of integration for passive and active monitoring purposes.
Thomas Schmainda - Tracking Boeing Satellites With Nagios - Nagios World Conf...Nagios
Tracking Boeing Satellites With Nagios - Learn how Nagios Core redefined support of the on-orbit fleet of Boeing satellites and changed the way Mission Operations are performed with the next generation of satellites.
Nagios World Conference 2015 - Scott Wilkerson OpeningNagios
This document welcomes attendees to the 5th Nagios World Conference and provides an overview of Nagios solutions. It summarizes that Nagios is deployed globally across all industry sectors in small, large, and multi-national businesses for network monitoring, alerting, reporting, and reaction. It then highlights some of the open source Nagios plugins, extensions, and tools as well as commercial products for enhanced user interfaces, reporting, configuration, network flow monitoring, log analysis, issue tracking, and centralized management.
Nagios Log Server greatly simplifies the process of searching your log data. Set up alerts to notify you when potential threats arise, or simply filter your data to quickly audit your system. With Log Server, you get all of your data in one location, with high availability and fail-over built right in. Quickly monitor your servers with configuration wizards and start monitoring your logs in minutes.
Learn more here: https://www.nagios.com/products/nagios-log-server/
Free download (60 day trial): https://www.nagios.com/downloads/nagios-log-server/
Network Analyzer provides an in-depth look at all network traffic sources and potential security threats allowing system admins to quickly gather high-level information regarding the health of the network as well as highly granular data for complete and thorough network analysis.
Dorance Martinez Cortes' presentation on customizing Nagios. The presentation was given during the Nagios World Conference North America held Oct 13th - Oct 16th, 2014 in Saint Paul, MN. For more information on the conference (including photos and videos), visit: http://go.nagios.com/conference.
Fueling AI with Great Data with Airbyte WebinarZilliz
This talk will focus on how to collect data from a variety of sources, leveraging this data for RAG and other GenAI use cases, and finally charting your course to productionalization.
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor IvaniukFwdays
At this talk we will discuss DDoS protection tools and best practices, discuss network architectures and what AWS has to offer. Also, we will look into one of the largest DDoS attacks on Ukrainian infrastructure that happened in February 2022. We'll see, what techniques helped to keep the web resources available for Ukrainians and how AWS improved DDoS protection for all customers based on Ukraine experience
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
Skybuffer SAM4U tool for SAP license adoptionTatiana Kojar
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
"$10 thousand per minute of downtime: architecture, queues, streaming and fin...Fwdays
Direct losses from downtime in 1 minute = $5-$10 thousand dollars. Reputation is priceless.
As part of the talk, we will consider the architectural strategies necessary for the development of highly loaded fintech solutions. We will focus on using queues and streaming to efficiently work and manage large amounts of data in real-time and to minimize latency.
We will focus special attention on the architectural patterns used in the design of the fintech system, microservices and event-driven architecture, which ensure scalability, fault tolerance, and consistency of the entire system.
"Choosing proper type of scaling", Olena SyrotaFwdays
Imagine an IoT processing system that is already quite mature and production-ready and for which client coverage is growing and scaling and performance aspects are life and death questions. The system has Redis, MongoDB, and stream processing based on ksqldb. In this talk, firstly, we will analyze scaling approaches and then select the proper ones for our system.
What is an RPA CoE? Session 1 – CoE VisionDianaGray10
In the first session, we will review the organization's vision and how this has an impact on the COE Structure.
Topics covered:
• The role of a steering committee
• How do the organization’s priorities determine CoE Structure?
Speaker:
Chris Bolin, Senior Intelligent Automation Architect Anika Systems
How information systems are built or acquired puts information, which is what they should be about, in a secondary place. Our language adapted accordingly, and we no longer talk about information systems but applications. Applications evolved in a way to break data into diverse fragments, tightly coupled with applications and expensive to integrate. The result is technical debt, which is re-paid by taking even bigger "loans", resulting in an ever-increasing technical debt. Software engineering and procurement practices work in sync with market forces to maintain this trend. This talk demonstrates how natural this situation is. The question is: can something be done to reverse the trend?
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfChart Kalyan
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
Taking AI to the Next Level in Manufacturing.pdfssuserfac0301
Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as:
1. How quickly AI is being implemented in manufacturing.
2. Which barriers stand in the way of AI adoption.
3. How data quality and governance form the backbone of AI.
4. Organizational processes and structures that may inhibit effective AI adoption.
6. Ideas and approaches to help build your organization's AI strategy.
AppSec PNW: Android and iOS Application Security with MobSFAjin Abraham
Mobile Security Framework - MobSF is a free and open source automated mobile application security testing environment designed to help security engineers, researchers, developers, and penetration testers to identify security vulnerabilities, malicious behaviours and privacy concerns in mobile applications using static and dynamic analysis. It supports all the popular mobile application binaries and source code formats built for Android and iOS devices. In addition to automated security assessment, it also offers an interactive testing environment to build and execute scenario based test/fuzz cases against the application.
This talk covers:
Using MobSF for static analysis of mobile applications.
Interactive dynamic security assessment of Android and iOS applications.
Solving Mobile app CTF challenges.
Reverse engineering and runtime analysis of Mobile malware.
How to shift left and integrate MobSF/mobsfscan SAST and DAST in your build pipeline.
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyScyllaDB
Freshworks creates AI-boosted business software that helps employees work more efficiently and effectively. Managing data across multiple RDBMS and NoSQL databases was already a challenge at their current scale. To prepare for 10X growth, they knew it was time to rethink their database strategy. Learn how they architected a solution that would simplify scaling while keeping costs under control.
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectorsDianaGray10
Join us to learn how UiPath Apps can directly and easily interact with prebuilt connectors via Integration Service--including Salesforce, ServiceNow, Open GenAI, and more.
The best part is you can achieve this without building a custom workflow! Say goodbye to the hassle of using separate automations to call APIs. By seamlessly integrating within App Studio, you can now easily streamline your workflow, while gaining direct access to our Connector Catalog of popular applications.
We’ll discuss and demo the benefits of UiPath Apps and connectors including:
Creating a compelling user experience for any software, without the limitations of APIs.
Accelerating the app creation process, saving time and effort
Enjoying high-performance CRUD (create, read, update, delete) operations, for
seamless data management.
Speakers:
Russell Alfeche, Technology Leader, RPA at qBotic and UiPath MVP
Charlie Greenberg, host
Introduction of Cybersecurity with OSS at Code Europe 2024Hiroshi SHIBATA
I develop the Ruby programming language, RubyGems, and Bundler, which are package managers for Ruby. Today, I will introduce how to enhance the security of your application using open-source software (OSS) examples from Ruby and RubyGems.
The first topic is CVE (Common Vulnerabilities and Exposures). I have published CVEs many times. But what exactly is a CVE? I'll provide a basic understanding of CVEs and explain how to detect and handle vulnerabilities in OSS.
Next, let's discuss package managers. Package managers play a critical role in the OSS ecosystem. I'll explain how to manage library dependencies in your application.
I'll share insights into how the Ruby and RubyGems core team works to keep our ecosystem safe. By the end of this talk, you'll have a better understanding of how to safeguard your code.
"Scaling RAG Applications to serve millions of users", Kevin GoedeckeFwdays
How we managed to grow and scale a RAG application from zero to thousands of users in 7 months. Lessons from technical challenges around managing high load for LLMs, RAGs and Vector databases.
The Microsoft 365 Migration Tutorial For Beginner.pptxoperationspcvita
This presentation will help you understand the power of Microsoft 365. However, we have mentioned every productivity app included in Office 365. Additionally, we have suggested the migration situation related to Office 365 and how we can help you.
You can also read: https://www.systoolsgroup.com/updates/office-365-tenant-to-tenant-migration-step-by-step-complete-guide/
Session 1 - Intro to Robotic Process Automation.pdfUiPathCommunity
👉 Check out our full 'Africa Series - Automation Student Developers (EN)' page to register for the full program:
https://bit.ly/Automation_Student_Kickstart
In this session, we shall introduce you to the world of automation, the UiPath Platform, and guide you on how to install and setup UiPath Studio on your Windows PC.
📕 Detailed agenda:
What is RPA? Benefits of RPA?
RPA Applications
The UiPath End-to-End Automation Platform
UiPath Studio CE Installation and Setup
💻 Extra training through UiPath Academy:
Introduction to Automation
UiPath Business Automation Platform
Explore automation development with UiPath Studio
👉 Register here for our upcoming Session 2 on June 20: Introduction to UiPath Studio Fundamentals: https://community.uipath.com/events/details/uipath-lagos-presents-session-2-introduction-to-uipath-studio-fundamentals/
2. Various Methods to Monitor Mail Server
Public Ports
  SMTP on Port 25
  POP3S on Port 995
  IMAPS on Port 993
SNMP
  Amavis on Port 10024
  Reinjection Port on 10025
  Spamassassin on Port 783
NRPE
  Virus Signatures
  Virus Activity
  Virus Numbers
Perl Plugin
  Email Delivery
  Verify Read Email Headers
  Verify Read Headers and Content
2011 2
3. Various Methods to Monitor Mail Server
SSH
Amavis on Port 10024
Reinjection Port on 10025
Spamassassin on Port 783
Virus Signatures
Virus Activity
Virus Numbers
Email Delivery
Verify Read Email Headers
Verify Read Headers and Content
4. Monitor Public Mail Ports
SMTP Port 25
  Port Status
  Response Times
  Graph Response Times
IMAPS Port 993
  Port Status
  Response Times
  Graph Response Times
POP3S Port 995
  Port Status
  Response Times
  Graph Response Times
12. Checking Amavis - SNMP
Install Script
Install any script you want to use in the /usr/local/nagios/libexec directory with the correct permissions.
Create Command
Whenever you use your own script, you will need to create a command to access the script.
Create Check
Once the command has been created, you will be able to use it for any hosts.
14. Checking Spamassassin - SNMP
Install Script
Install any script you want to use in the /usr/local/nagios/libexec directory with the correct permissions.
Create Command
Whenever you use your own script, you will need to create a command to access the script.
Create Check
Once the command has been created, you will be able to use it for any hosts.
16. Monitor Virus Activity with NRPE
Virus Signatures
Quarantine Status
Number of Viruses Captured
17. Checking Virus Signatures – NRPE Daemon
You will need to install xinetd and make sure that the client has a file called nrpe in /etc/xinetd.d that looks like this:
# default: off
# description: NRPE (Nagios Remote Plugin Executor)
service nrpe
{
    flags           = REUSE
    type            = UNLISTED
    port            = 5666
    socket_type     = stream
    wait            = no
    user            = nagios
    group           = nagios
    server          = /usr/sbin/nrpe
    server_args     = -c /usr/local/nagios/etc/nrpe.cfg --inetd
    log_on_failure  += USERID
    disable         = no
    # Only these source addresses may connect to NRPE
    only_from       = 127.0.0.1 192.168.5.50
}
21. Checking Quarantine - NRPE
Command Definition
define command{
    command_name    check_nrpe
    command_line    $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
}
Service Definition
define service{
    use                     generic-service
    host_name               mail
    service_description     Quarantine Status
    check_command           check_nrpe!check_virusmail
}
NRPE Command
command[check_virusmail]=/usr/local/nagios/libexec/check_virusmail
Bash Shell Script
#!/bin/bash
# Count the quarantined files whose name contains "virus"
vmail=$(ls /var/virusmails | grep virus | wc -l)
# Date fields (columns 6-8 of ls -l) of the last quarantined file listed
vmail_date=$(ls -l /var/virusmails | grep virus | awk -F' ' '{print $6,$7,$8}' | tail -1)
if [ "$vmail" -eq 0 ]
then
    echo "No Viruses in Quarantine"
    stateid=0    # Nagios OK
else
    echo "Viruses Detected!!! Last Virus Captured $vmail_date"
    stateid=1    # Nagios WARNING
fi
exit $stateid
22. Monitor Email Delivery – Perl Plugin
Delivery Confirmation to INBOX
Verify that mail is deliverable.
Delivery Confirmation: Read Header
Read mail header to verify delivery.
Delivery Confirmation: Read Header/Content
Read header and content to verify readability.
24. Checking Email Delivery
Create Command
Whenever you use your own script, you will need to create a command to access the script.
Create Check
This example “hard codes” the check until you know it works, then add arguments.
25. Monitor with SSH Proxy: Secure Communication
Amavis - SNMP
Reinjection Port - SNMP
Spamassassin - SNMP
Virus Signatures
Quarantine Status
Number of Viruses Captured
26. SSH Proxy
This wizard monitors the remote host using SSH to execute the plugins and scripts.
Download and install the SSH Proxy wizard. Once it is installed, select the wizard from the list.
27. SSH Proxy
In Step 2 you will need to add an IP address or fully qualified domain name. You will also need to select the operating system of the machine you will connect to using SSH.
31. SSH Proxy – Creating Keys
The key to getting the whole thing to work is setting up the passwordless login ability of the nagios user. On the XI box, log in as the nagios user:
su - nagios
cd /home/nagios
ssh-keygen
Press ENTER at every prompt, because you want the default locations and an empty passphrase (be sure to set up the security requirements listed below).
On the host to be monitored, follow the same steps. Then on the XI server, log in as nagios and go to the .ssh directory.
su - nagios
cd /home/nagios/.ssh
cp id_rsa.pub nagios_key
scp nagios_key nagios@remote_client:/home/nagios/.ssh/nagios_key
You copy the public key to a different name, otherwise you will wipe out the public key on the remote client. Now log into the remote client as nagios and move to the /home/nagios/.ssh directory. Execute these commands:
cat nagios_key > authorized_keys
chmod 600 authorized_keys
ls -l
-rw------- 1 nagios nagios 394 Sep 14 16:24 authorized_keys
-rw------- 1 nagios nagios 1671 Sep 14 16:18 id_rsa
-rw-r--r-- 1 nagios nagios 418 Sep 14 16:18 id_rsa.pub
You should now be able to log in to the remote host from Nagios XI without a password.
32. SSH Proxy – Security
If you are using the nagios login without a password and with an empty passphrase, it is important that you set a firewall rule to only allow connections using SSH from trusted hosts. Here is an iptables rule (on a CentOS box) which uses one rule to allow the Nagios XI server to use several different ports. Notice that the rule is inserted at position "7" in the chain, so that you can block all other access after this rule.
Firewall
iptables -I RH-Firewall-1-INPUT 7 -p tcp -m state --state NEW -m multiport -s 192.168.1.1 --dports 110,995,993,9202,22 -j ACCEPT
In addition, set your tcp_wrappers file in /etc/hosts.allow so that only trusted hosts can get access to the server using SSH. Be sure to edit this file carefully so you do not lock yourself out. You will also need to edit /etc/hosts.deny to deny everything you do not allow.
# hosts.allow This file describes the names of the hosts which are
# allowed to use the local INET services, as decided
# by the '/usr/sbin/tcpd' server.
#
ALL: 127.0.0.1
SSHD: 192.168.1.1
SMTP: ALL
POP3: ALL
IMAPS: ALL
# hosts.deny
ALL: ALL
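The tcp_wrappers restriction above can itself be monitored. The following is an added example, not part of the original slides: a check written in the style of the deck's custom plugins that confirms hosts.deny ends in a default deny and that hosts.allow does not open sshd to every host. The names check_ssh_wrappers and rules_for are hypothetical, and the sample files are constructed from the slide's contents.

```shell
#!/bin/bash
# check_ssh_wrappers (hypothetical plugin name, not from the slides).
# Nagios states: 0 = OK, 1 = WARNING, 2 = CRITICAL, 3 = UNKNOWN.

# Print the client list of every rule in file $1 whose daemon list names $2.
rules_for() {
    # Strip comments and blank lines, then split "daemons : clients [: options]".
    sed -e 's/#.*//' -e '/^[[:space:]]*$/d' "$1" |
    awk -F: -v d="$2" 'NF >= 2 {
        n = split(tolower($1), names, /[ ,\t]+/)
        for (i = 1; i <= n; i++)
            if (names[i] == tolower(d)) {
                gsub(/^[ \t]+|[ \t]+$/, "", $2)
                print $2
            }
    }'
}

check_ssh_wrappers() {
    local allow deny sshd_clients all_clients
    allow=$1
    deny=$2
    if [ ! -r "$allow" ] || [ ! -r "$deny" ]; then
        echo "UNKNOWN - cannot read $allow or $deny"
        return 3
    fi
    # Without a catch-all in hosts.deny, hosts that match no rule are let in.
    if ! rules_for "$deny" ALL | grep -qix 'ALL'; then
        echo "CRITICAL - $deny has no 'ALL: ALL' default deny"
        return 2
    fi
    # Rules for the ALL daemon wildcard apply to sshd as well.
    sshd_clients=$(rules_for "$allow" sshd)
    all_clients=$(rules_for "$allow" ALL)
    # A client token of ALL (including "ALL EXCEPT ...") is treated as too wide.
    if printf '%s\n%s\n' "$sshd_clients" "$all_clients" |
        tr ' ,\t' '\n\n\n' | grep -qix 'ALL'; then
        echo "CRITICAL - $allow lets any host reach sshd"
        return 2
    fi
    if [ -z "$sshd_clients" ]; then
        echo "WARNING - no sshd-specific rule in $allow"
        return 1
    fi
    echo "OK - sshd limited to: $(echo $sshd_clients)"
    return 0
}

# Constructed sample input: the two files from the slide, in a temp directory.
demo_dir=$(mktemp -d)
printf '%s\n' '# hosts.allow' 'ALL: 127.0.0.1' 'SSHD: 192.168.1.1' \
    'SMTP: ALL' 'POP3: ALL' 'IMAPS: ALL' > "$demo_dir/hosts.allow"
printf '%s\n' '# hosts.deny' 'ALL: ALL' > "$demo_dir/hosts.deny"
check_ssh_wrappers "$demo_dir/hosts.allow" "$demo_dir/hosts.deny"
```

Used as a real plugin, the script would replace the sample section with `check_ssh_wrappers /etc/hosts.allow /etc/hosts.deny; exit $?`, be installed in /usr/local/nagios/libexec and be given a command definition like the other custom scripts in this deck.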