SpamAssassin 4.0 is going to be released soon.
In this version there will be a lot of new features useful to catch new types of spam messages and a lot of improvements.
In this session, we’ll review how previous efforts, including Netfilter, Berkeley Packet Filter (BPF), Open vSwitch (OVS), and TC, approached the problem of extensibility. We’ll show you an open source solution available within the Red Hat Enterprise Linux kernel, where extending and merging some of the existing concepts leads to an extensible framework that satisfies the networking needs of datacenter and cloud virtualization.
Cilium - API-aware Networking and Security for Containers based on BPF (Thomas Graf)
Cilium provides network security and visibility for microservices. It uses eBPF/XDP to provide fast and scalable networking and security controls at layers 3-7. Key features include identity-based firewalling, load balancing, and mutual TLS authentication between services. It integrates with Kubernetes to apply network policies using standard Kubernetes resources and custom CiliumNetworkPolicy resources for finer-grained control.
Kernel Recipes 2019 - XDP closer integration with network stack (Anne Nicolas)
XDP (eXpress Data Path) is the new programmable in-kernel fast-path, which is placed as a layer before the existing Linux kernel network stack (netstack).
We claim XDP is not kernel-bypass, as it is a layer before and it can easily fall-through to netstack. Reality is that it can easily be (ab)used to create a kernel-bypass situation, where none of the kernel facilities are used (in form of BPF-helpers and in-kernel tables). The main disadvantage with kernel-bypass is the need to re-implement everything, even basic building blocks, like routing tables and ARP protocol handling.
It is part of the concept and speed gain, that XDP allows users to avoid calling part of the kernel code. Users have the freedom to do kernel-bypass and re-implement everything, but the kernel should provide access to more in-kernel tables, via BPF-helpers, such that users can leverage other parts of the Open Source ecosystem, like router daemons etc.
This talk is about how XDP can work in concert with netstack, and a proposal on how we can take this even further. Crazy ideas, like using XDP frames to move SKB allocation out of driver code, will also be proposed.
Every IR presents unique challenges. But - when an attacker uses PowerShell, WMI, Kerberos attacks, novel persistence mechanisms, seemingly unlimited C2 infrastructure and half-a-dozen rapidly-evolving malware families across a 100k node network to compromise the environment at a rate of 10 systems per day - the cumulative challenges can become overwhelming. This talk will showcase the obstacles overcome during one of the largest and most advanced breaches Mandiant has ever responded to, the novel investigative techniques employed, and the lessons learned that allowed us to help remediate it.
Details a massive intrusion by Russian APT29 (AKA CozyDuke, Cozy Bear)
This document provides information on managing users and groups in Linux. It lists commands for adding, modifying, and deleting users and groups such as useradd, usermod, userdel, and groupadd. It describes how user information is stored in files like /etc/passwd, /etc/shadow, and /etc/group. It also covers setting passwords, restricting login access, giving users root privileges, and managing secondary groups. Potential error scenarios involving permissions and viewing passwords are also addressed.
This document is a presentation on introducing Linux shell scripting. It begins by stating that the talk is aimed at those who can open a terminal and type commands. It then outlines what will be covered, including basic shell commands, combining commands, creating simple scripts, and using cron for automation. The document provides examples of commands for files, disks, processes, and networks. It also demonstrates how to combine commands using pipes and redirection. Finally, it shows how to create simple scripts and discusses using cron for automation.
The document provides an overview of eBPF maps and how they can be used to share data between eBPF programs running in the kernel and userspace applications. It describes how maps are created via the BPF syscall using the BPF_MAP_CREATE command. It also explains how keys and values can be looked up, updated, and deleted from maps using commands like BPF_MAP_LOOKUP_ELEM, BPF_MAP_UPDATE_ELEM, and BPF_MAP_DELETE_ELEM. Finally, it lists the different types of eBPF maps available.
This document discusses the architecture for testing new versions and rules of RSPAMD, an email spam filtering software. It proposes using a proxy server to encrypt and load balance traffic between stable and testing clusters. The proxy would immediately return results from the stable cluster and compare results from multiple testing clusters using scripts. This allows testing new versions and rules on live traffic while maintaining a stable filtering environment.
This document provides an introduction to eBPF and XDP. It discusses the history of BPF and how it evolved into eBPF. Key aspects of eBPF covered include the instruction set, JIT compilation, verifier, helper functions, and maps. XDP is introduced as a way to program the data plane using eBPF programs attached early in the receive path. Example use cases and performance benchmarks for XDP are also mentioned.
This document provides an overview of SELinux, including its introduction, access control mechanisms, policy, administration, and benefits. SELinux is a Linux security module that implements mandatory access controls to confine processes and restrict their access. It defines types for objects like files and directories, domains for processes, and roles to determine what access users and processes have. SELinux policy enforces these controls and can be configured through booleans and modified policy modules. It helps strengthen security by auditing access and confining services like web servers even if they are compromised by an attack.
Implementing generic JNI hardware control for Kotlin based app on AOSP (Cheng Wig)
With the popularity of Android phones, along with the success in the consumer field, the industrial Android platform is getting more and more popular in Europe.
An industrial grade Android OS usually requires hardware control such as GPIO, I2C, PWM, etc., however device vendors implement these functions in different ways, some may even compromise Android security function. In this session, the presenter will introduce how to implement packaged JNI API from common libraries of Linux OS for hardware controlling for Kotlin based app while fully matching the security architecture of Android OS through AOSP 12 BSP and Android-Studio IDE.
It describes the MMC storage device driver functionality in the Linux kernel and its role. It explains the different types of storage devices available and how they are handled from the MMC driver's point of view. It describes eMMC (internal storage) devices and SD (external storage) devices in detail, and the SD protocol used for communicating with these devices in Linux.
eBPF is an exciting new technology that is poised to transform Linux performance engineering. eBPF enables users to dynamically and programmatically trace any kernel or user space code path, safely and efficiently. However, understanding eBPF is not so simple. The goal of this talk is to give audiences a fundamental understanding of eBPF, how it interconnects existing Linux tracing technologies, and provides a powerful platform to solve any Linux performance problem.
This document discusses shell scripting and provides information on various shells, commands, and scripting basics. It covers:
- Common shells like Bourne, C, and Korn shells. The Bourne shell is typically the default and fastest, while the C shell adds features like alias and history.
- Basic bash commands like cd, ls, pwd, cp, mv, less, cat, grep, echo, touch, mkdir, chmod, and rm.
- The superuser/root user with full privileges and password security best practices.
- How login works and the difference between .login and .cshrc initialization files.
- Exiting or logging out of shells.
This document provides an agenda and overview for a hands-on lab on using DPDK in containers. It introduces Linux containers and how they use fewer system resources than VMs. It discusses how containers still use the kernel network stack, which is not ideal for SDN/NFV usages, and how DPDK can be used in containers to address this. The hands-on lab section guides users through building DPDK and Open vSwitch, configuring them to work with containers, and running packet generation and forwarding using testpmd and pktgen Docker containers connected via Open vSwitch.
Kubered - Recipes for C2 Operations on Kubernetes (Jeffrey Holden)
This document provides recipes for containerizing and deploying common C2 frameworks like Cobalt Strike and Merlin on Kubernetes. It discusses using Docker to containerize the C2 payloads, creating Kubernetes deployments, services, and ingress resources to expose the containers. It also covers using Nginx Ingress and Istio service mesh with Envoy sidecars to provide redirection and traffic manipulation capabilities for C2 infrastructure on Kubernetes.
The webinar discussed accelerating P4 and eBPF programs on Netronome SmartNIC hardware. It covered the Linux kernel infrastructure like TC and XDP that supports offloading eBPF programs. It also explained how the NFP architecture is optimized for network flow processing with its multi-core design and memory hierarchy. The webinar demonstrated how eBPF programs can be translated to run efficiently on the NFP hardware by handling maps and applying optimizations.
This was a quick presentation I made at our local Rockford SpiceCorps. The idea was to show an alternative way of easing the logon process from a maintenance standpoint, specifically for admins who were not script-savvy.
This document discusses tracing in the Linux kernel. It describes various tracing mechanisms like ftrace, tracepoints, kprobes, perf, and eBPF. Ftrace allows tracing functions via compiler instrumentation or dynamically. Tracepoints define custom trace events that can be inserted at specific points. Kprobes and related probes like jprobes allow tracing kernel functions. Perf provides performance monitoring capabilities. eBPF enables custom tracing programs to be run efficiently in the kernel via just-in-time compilation. Tracing tools like perf, systemtap, and LTTng provide user interfaces.
Cilium - Bringing the BPF Revolution to Kubernetes Networking and Security (Thomas Graf)
BPF is one of the fastest emerging technologies of the Linux kernel. The talk provides an introduction to Cilium which brings the powers of BPF to Kubernetes and other orchestration systems to provide highly scalable and efficient networking, security and load balancing for containers and microservices. The talk will provide an introduction to the capabilities of Cilium today but also deep dives into the emerging roadmap involving networking at the socket layer and service mesh datapath capabilities to provide highly efficient connectivity between cloud native apps and sidecar proxies.
The document provides an overview of techniques for penetrating OS X environments externally, including using the EmPyre remote access Trojan, phishing with OS X payloads, privilege escalation, persistence mechanisms like login hooks and crontab, host and network reconnaissance tools, and lateral movement options like SSH. The challenges of operating in an OS X environment and adapting typical Windows tactics are also discussed.
Tracing MariaDB server with bpftrace - MariaDB Server Fest 2021 (Valeriy Kravchuk)
Bpftrace is a relatively new eBPF-based open source tracer for modern Linux versions (kernels 5.x.y) that is useful for analyzing production performance problems and troubleshooting software. Basic usage of the tool, as well as bpftrace one liners and advanced scripts useful for MariaDB DBAs are presented. Problems of MariaDB Server dynamic tracing with bpftrace and some possible solutions and alternative tracing tools are discussed.
This document provides an overview of basic Linux commands and concepts for beginners. It covers topics such as opening the terminal, changing directories, listing and manipulating files and folders, searching for files, managing processes, installing packages, setting environment variables, and compressing files. The document is intended to help new Linux users learn the basics of how Linux is organized and how to navigate and perform tasks on the command line interface.
This document provides an overview and agenda for an introductory training course on testing infrastructure automation code with Chef and its tools. The agenda includes an overview of Chef, discussing resources, describing policies with recipes and cookbooks, using a sandbox for testing, verifying node state, getting faster feedback, writing clean code, and wrapping up. Hands-on labs are emphasized for learning Chef through practice. Questions are encouraged throughout, and breaks will be taken as needed.
TYPO3 8 is here - how we keep EXT:solr uptodate with the TYPO3 core (timohund)
This presentation shows how we use travis-ci.org and scrutinizer-ci.com to keep our extension up to date with the TYPO3 core. Besides that, we show what could be next for EXT:solr in the next year.
The document provides an overview of Microsoft Teams features and data storage. It discusses how Teams is enabled through Exchange Online, SharePoint Online, OneDrive and Office 365 groups. Conversations are stored in Exchange mailboxes and SharePoint sites. Case scenarios describe challenges migrating to Teams like creating teams in a controlled way and resolving issues during creation like duplicate site collections. Potential problems during migration are also outlined.
1) Apache Ambari is an open-source platform for provisioning, managing and monitoring Hadoop clusters.
2) New features in Ambari 2.4 include additional services, role-based access control, management packs and a Grafana UI for visualizing metrics.
3) Ambari simplifies cluster operations through an intuitive UI for deploying, securing, monitoring and upgrading Hadoop clusters on-premises and in the cloud.
1. Apache Ambari is an open-source platform for provisioning, managing and monitoring Hadoop clusters.
2. New features in Ambari 2.4 include additional services, role-based access control, management packs and a Grafana UI for visualizing metrics.
3. Ambari simplifies cluster operations through deploying clusters via blueprints, automated Kerberos integration, host discovery and stack advisors. It also supports upgrading clusters with either rolling or express upgrades.
This document provides a summary of key chapters from various books about Microsoft Exchange Server 2007. It discusses chapters about Exchange Server architecture, administration, installation, scaling, availability, backup/recovery, policies/security, and planning. The document is an advertisement for Sybex publishing promoting their books on Exchange Server 2007 topics.
Ruby 2.5 includes new features such as allowing rescue/else/ensure blocks directly in do/end, yield_self, Hash slicing methods, and Struct classes that accept keyword arguments. It also provides performance improvements like removing trace instructions for 5-10% faster execution and optimizing block passing. Additionally, there are other notable changes like Thread exceptions defaulting to report, SecureRandom preferring OS sources, and updates to standard libraries, Unicode version, RubyGems, and RDoc.
Parse Server is an open source backend as a service (BaaS) framework that allows developers to use the Parse API with their own infrastructure. It was created by Parse to allow developers to continue using the Parse API and to migrate apps from Parse after it shuts down. Parse Server allows for more flexibility than Parse.com by allowing hosting anywhere, local development/testing, no preset query limits, custom databases/indexes, live queries, and functionality like Push Notifications, Pointer Permissions, and Config that have been added. Developers can get started by following Parse's migration guide, and Parse Server is expected to continue improving over time as an open source project.
This document provides an agenda for a conference on XPages Beyond the Basics held from February 2-3, 2012 in Denmark. The agenda includes topics like JavaScript/CSS aggregation, pre-loading for XPages, Java design elements, themes, the XPages Extension Library, relational database support using JDBC, exporting data to Excel/PDF, and more. The document also introduces the speaker, Ulrich Krause, an IBM Champion and experienced Notes/Domino developer.
ColdFusion 2016 includes many hidden gems in areas like installation, configuration, administration, web server configuration, new and changed features, and the CFML language. The document provides details on improvements to features like the installation process, CF Admin, wsconfig, PDF support, new language constructs like the safe navigation operator, new member functions, and updated underlying libraries. It also mentions deprecated features in ColdFusion 2016 and areas that will see changes in future releases.
1) Apache Ambari is an open-source platform for provisioning, managing, and monitoring Hadoop clusters.
2) New features in Ambari 2.4 include additional services, role-based access control, management packs, and Grafana integration.
3) Ambari simplifies cluster operations through an intuitive UI for deploying, securing, monitoring, upgrading, and scaling Hadoop clusters.
My slides from WordCamp Dhaka 2019 on WordPress Scaling. In this session I explained performance optimisation using HTTP/2, Caching and compressing resources.
I also explained how to Dockerize WordPress to make it easier to scale.
This document discusses implementing high availability in Exchange Server. It covers configuring highly available mailbox databases using database availability groups (DAGs) and deploying highly available non-mailbox servers. DAGs allow up to 16 copies of each database across multiple servers and enable automatic failover. The document demonstrates how to create and configure a DAG, monitor replication health, and deploy highly available hub transport and client access servers.
How to start developing your own ExpressionEngine addons (Leevi Graham)
This document provides information on how to develop ExpressionEngine addons. It begins by discussing different types of addons like plugins, modules, and extensions. It then covers various popular addons like Freeform, Structure, and FieldFrame. The document also discusses where to find existing addons and provides an overview of the steps to create your own, including file structure, hooks, settings, and processing forms.
This document summarizes Amazon RDS for PostgreSQL, including:
- New major and minor version releases including 9.5.2 and support for additional extensions
- Changes to default parameters in 9.5 including increased max_connections and maintenance_work_mem
- Details on performing major version upgrades safely using pg_upgrade and testing
- New security features like forcing SSL on all connections and encryption of snapshot sharing
- Performance testing showing little overhead from encryption at rest
- Data migration options using the Database Migration Service
The document provides an outline for a 3-day training on configuring and customizing DSpace 4.2. Day 1 covers a quick review of basic DSpace concepts and configuration. Day 2 focuses on content transmission and customization. Day 3 covers theming the XML user interface and a preview of DSpace 5.0. The document discusses various aspects of a DSpace installation including source code, installation, configuration files, and integrating with a web server and database. It also summarizes configuring authentication methods, email templates, themes, and attributes for institutional authentication.
The document provides an outline for a 3-day DSpace 4.2 advanced training course. Day 1 covers a quick review of basic DSpace concepts and configuration. Day 2 focuses on content transmission and theming in the XML user interface (XMLUI). Day 3 previews upcoming DSpace 5.0 features and covers customizing submission workflows, authentication methods, and creating custom metadata forms. The training will help attendees learn advanced configuration, customization, and administration of a DSpace repository.
WordPress is a free and open-source content management system that can be used to create blogs and websites. It has a plugin architecture and a template system that allows for great flexibility and customization. WordPress is highly extensible through plugins and has a large community that contributes plugins, themes, and translations to support users in many different languages.
ACME is a protocol for automating certificate lifecycle management communications between Certificate Authorities (CAs) and a company’s web servers.
The best-known implementation is the one made by the Let’s Encrypt non-profit CA.
There are many other implementations, and one of the most attractive and easy to use is Apache httpd mod_md.
During the talk I will explain why ACME protocol is important to secure web sites and how mod_md could ease the transition to a more secure www.
In this talk I will describe what's new in SpamAssassin 3.4.2, the ideas for further developments and some tips to improve the efficiency of your antispam solution.
seccomp is a computer security facility in the Linux kernel; pledge is a similar security facility in the OpenBSD kernel. In this presentation Giovanni Bechis will review the development story and progress of both kernel interfaces and will analyze the main differences. There will be some examples of implementations of security patches made for some important open source projects.
pf(4) is the OpenBSD packet filter that provides stateful packet filtering and network address translation (NAT). It is used in OpenBSD, FreeBSD, NetBSD, DragonflyBSD, and other systems. Some key features of pf include its flexible rule syntax, atomic ruleset updates, integrated traffic shaping, and ability to divert packets to userspace processes like spamd for inspection. It provides logging in tcpdump format and can integrate with CARP and other services. The pf code was developed for OpenBSD after the previous IPFilter code was removed due to licensing issues.
This document summarizes an overview of the ELK stack presented at LinuxCon Europe 2016. It discusses the components of ELK including Beats, Logstash, Elasticsearch, and Kibana. It provides examples of using these components to collect, parse, store, search, and visualize log data. Specific topics covered include collecting log files using Filebeat and Logstash, parsing logs with Logstash filters, visualizing data in Kibana, programming Elasticsearch with REST APIs and client libraries, and alerting using the open source ESWatcher tool.
OpenSSH is a free SSH implementation used for secure communications and file transfers. It provides strong cryptography, authentication methods, and allows for features like port forwarding, X11 forwarding, and file transfers. OpenSSH uses a modular structure which separates the transport, authentication, and connection protocols. This makes it more secure than the original SSH version 1, especially against man-in-the-middle attacks. The OpenSSH codebase focuses on security through techniques like input validation, sandboxing, and process separation between the monitoring and slave processes.
OpenSMTPD is a FREE implementation of the server-side SMTP protocol as defined by RFC 5321, with some additional standard extensions. It allows ordinary machines to exchange e-mails with other systems speaking the SMTP protocol.
Started out of dissatisfaction with other implementations, OpenSMTPD nowadays is a fairly complete SMTP implementation.
This document discusses the Heartbleed bug in OpenSSL and the creation of LibreSSL as a more secure alternative. It notes that 17% of HTTPS servers were vulnerable to Heartbleed, which allowed attackers to steal passwords, credit cards, and other private data from server memory. LibreSSL was created to have fewer lines of code, modern coding practices, and fewer portability workarounds than OpenSSL to address bugs like Heartbleed. The document emphasizes fixing bugs quickly and not reinventing standard library functions.
LibreSSL is a version of the TLS/crypto stack forked from OpenSSL in 2014, with goals of modernizing the codebase, improving security, and applying best practice development processes.
Primary development occurs inside the OpenBSD source tree with the usual care the project is known for. On a regular basis the code is re-packaged for portable use by other operating systems.
SOGo: replacing Microsoft Exchange with open source software - Giovanni Bechis
Microsoft Exchange is the de facto standard in groupware; however, it can now be replaced with open source tools without losing functionality, while gaining efficiency, security, and the ability to integrate with other software.
This is a brief introduction to the possibilities offered by open source cloud storage platforms such as ownCloud and Seafile; in particular, the distinctive features of the Seafile software are analyzed.
Npppd is a VPN daemon in OpenBSD that supports PPTP, L2TP and PPPoE. It can authenticate using local files or RADIUS and tunnel IP packets. Npppd first appeared in OpenBSD 5.3 and its configuration file format has changed over time. Example configurations show how to set up basic and advanced npppd VPN tunnels using PPTP or L2TP with IPsec, and how to monitor active sessions. Future work may include better packet filtering and ARP cache integration.
SSH is the de facto standard for secure communications; this is a brief but thorough introduction to the program's features and its use.
The IPv6 protocol is the new version of the IPv4 protocol, the foundation of the internet as we know it today.
The internet of the future will be based on the IPv6 protocol.
Relayd is a daemon to relay and dynamically redirect incoming connections to a target host.
Its main purposes are to run as a load-balancer, application layer gateway, or transparent proxy.
Gen Z and the marketplaces - let's translate their needs - Laura Szabó
The product workshop focused on exploring the requirements of Generation Z in relation to marketplace dynamics. We delved into their specific needs, examined the specifics in their shopping preferences, and analyzed their preferred methods for accessing information and making purchases within a marketplace. Through the study of real-life cases, we tried to gain valuable insights into enhancing the marketplace experience for Generation Z.
The workshop was held at the DMA Conference in Vienna in June 2024.
HijackLoader Evolution: Interactive Process Hollowing - Donato Onofri
CrowdStrike researchers have identified a HijackLoader (aka IDAT Loader) sample that employs sophisticated evasion techniques to enhance the complexity of the threat. HijackLoader, an increasingly popular tool among adversaries for deploying additional payloads and tooling, continues to evolve as its developers experiment and enhance its capabilities.
In their analysis of a recent HijackLoader sample, CrowdStrike researchers discovered new techniques designed to increase the defense evasion capabilities of the loader. The malware developer used a standard process hollowing technique coupled with an additional trigger that was activated by the parent process writing to a pipe. This new approach, called "Interactive Process Hollowing", has the potential to make defense evasion stealthier.
2. SpamAssassin 4.0 dev story
• The 4.0 branch was started in 2015 as a copy of version 3.4.1
• The 4.0 branch was started primarily to improve the UTF-8 parser
• While the 4.0 branch was being developed, 5 minor versions were released
• The most recent released version of SpamAssassin is 3.4.6, released on 04/12/2021
3. UTF8 support
• With UTF8 and UTF16 support SpamAssassin can easily block spam in different languages
4. UTF8 support
# Match a “📆” on the email Subject
header EMOJI_CAL Subject =~ /\xf0\x9f\x93\x86/i
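The byte sequence in the EMOJI_CAL rule is the UTF-8 encoding of 📆 (U+1F4C6). The following Python sketch is an added example, not SpamAssassin code or code from the slides: it derives that escape sequence for any character and checks it against constructed Subject values, assuming the Subject is matched as UTF-8 bytes after MIME decoding. The function names are hypothetical.

```python
import re
from email.header import decode_header, make_header

def sa_byte_pattern(text):
    """Spell out the UTF-8 bytes of `text` as \\xNN escapes."""
    return "".join(f"\\x{b:02x}" for b in text.encode("utf-8"))

def header_rule(name, header, text):
    """Format a SpamAssassin header rule matching `text` byte by byte."""
    return f"header {name} {header} =~ /{sa_byte_pattern(text)}/"

def subject_matches(raw_subject, text):
    """Decode an RFC 2047 Subject and search its UTF-8 bytes for `text`."""
    decoded = str(make_header(decode_header(raw_subject)))
    pattern = re.compile(sa_byte_pattern(text).encode("ascii"))
    return pattern.search(decoded.encode("utf-8")) is not None

# Constructed sample Subject values (not taken from real mail).
SUBJECTS = {
    "q_encoded": "=?UTF-8?Q?=F0=9F=93=86_Save_the_date?=",
    "b_encoded": "Re: =?UTF-8?B?8J+Thg==?= invite",
    "plain": "Quarterly report attached",
}

if __name__ == "__main__":
    print(header_rule("EMOJI_CAL", "Subject", "\U0001F4C6"))
    for label, subject in SUBJECTS.items():
        print(label, subject_matches(subject, "\U0001F4C6"))
```

Both the quoted-printable and the base64 Subject match because the comparison happens after decoding, which is why a single byte pattern covers every transfer encoding of the same character.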
5. Bayes improvements
• It’s now possible to skip common words used in 15 different languages to improve Bayes algorithm on non-English emails
15. sa-update(1) improvements
• --forcemirror: forces sa-update to use a specific mirror server
• --score-multiplier: adjusts all scores from the update channel, multiplying them by the given value
• --score-limit: adjusts all scores from the update channel, limiting them to the given value
16. ARC Signatures
• ARC signatures are used to validate an email when the email's SPF and DKIM records are rendered invalid by an intermediate server
17. DMARC policies
• DMARC policies give email domain owners the ability to protect their domain from unauthorized use
19. Inclusion changes
Some keywords have been changed to use more inclusive words.
• whitelist -> welcomelist
• blacklist -> blocklist
Old keywords will continue to work until SpamAssassin 4.1 is released
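Since the old keywords stop working with 4.1, existing configuration is worth auditing before then. The following Python sketch is an added example, not part of the slides or of SpamAssassin: it applies the two renames listed above to the directive keyword only, leaving addresses and other arguments untouched. The sample configuration is constructed, and the function names are hypothetical.

```python
import re

# Renames listed on the slide; applied only to the directive keyword.
RENAMES = {"whitelist": "welcomelist", "blacklist": "blocklist"}
_OLD = re.compile("|".join(RENAMES))

def migrate_line(line):
    """Rewrite the leading directive keyword, leaving arguments untouched."""
    m = re.match(r"(\s*)([A-Za-z_][\w-]*)(.*)", line, re.S)
    if not m:  # blank lines and comments do not start with a keyword
        return line
    indent, keyword, rest = m.groups()
    return indent + _OLD.sub(lambda k: RENAMES[k.group()], keyword) + rest

def migrate_config(text):
    """Return (new_text, changes); changes lists (lineno, old, new)."""
    out, changes = [], []
    for n, line in enumerate(text.splitlines(), 1):
        new = migrate_line(line)
        if new != line:
            changes.append((n, line.strip(), new.strip()))
        out.append(new)
    return "\n".join(out), changes

# Constructed sample configuration, not a real deployment.
SAMPLE_CF = "\n".join([
    "# local.cf (constructed sample)",
    "whitelist_from *@example.org",
    "blacklist_from *@blacklist.example.net",
    "  whitelist_auth billing@example.com",
    "required_score 5.0",
])

if __name__ == "__main__":
    new_text, changes = migrate_config(SAMPLE_CF)
    for lineno, old, new in changes:
        print(f"line {lineno}: {old}  ->  {new}")
```

Review the reported changes before writing the result back, and run `spamassassin --lint` on the updated configuration.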