This document discusses ways to optimize logging by centralizing and proactively using log data. It recommends using Monolog to log from application code in a standardized format. Rsyslog can then collect logs centrally from applications and systems. Logstash can further process logs with filters and output them to destinations like Elasticsearch. Graylog2 provides a web interface for powerful log searching, analytics, and alerting. Centralizing, standardizing, and proactively analyzing logs with these open source tools allows for improved monitoring and troubleshooting.
How to run a system administrator recruitment process? By creating a platform based on open source parts in just 2 nights! I gave this talk at the Poland / Kraków OWASP chapter meeting on 17th October 2013 at our local Google for Entrepreneurs site. It's focused on security and also shows how to create a recruitment process in a CTF / challenge way.
This story covers mostly security details of this whole platform. There's a great chance that I will give another talk about this system, but this time focusing on technical details. Stay tuned ;)
Is there a way to amend a MySQL split brain scenario? When two servers are diverged from each other, is it possible to identify and undo the conflicting changes?
We introduce gh-mysql-rewind, which combines multiple technologies to achieve auto-resolution of data divergence. This presentation explains how gh-mysql-rewind works, and how it is being tested in production to validate its operation.
OpenShift Origin Community Day (Boston) Writing Cartridges V2 by Jhon Honce
Diane Mueller
Presenters: Jhon Honce
Cartridges allow developers to provide services running on top of the Red Hat OpenShift Platform-as-a-Service (PaaS). OpenShift already provides cartridges for numerous web application frameworks and databases. Writing your own cartridges allows you to customize or enhance an existing service, or provide new services. In this session, the presenter will discuss best practices for cartridge development and the latest changes in the OpenShift cartridge support.
* Latest changes made in the platform to ease cartridge development
* OpenShift Cartridges vs. plugins
* Outline for development of a new cartridge
* Customization of existing cartridges
* Quickstarts: leveraging a cartridge or cartridges to provide a complete application
Network Penetration Testing Toolkit - Nmap, Netcat, and Metasploit Basics
Bishop Fox
Learn the basics of network penetration testing success - an introduction to the top three tools that will help you on your security journey: Nmap, Netcat, and Metasploit. See how to use Nmap both for port scanning and vulnerability discovery. You'll also learn how to use Netcat to grab banners, make HTTP requests, and create both reverse and bind shells. Finally, we’ll learn the ins and outs of Metasploit, including how to integrate our Nmap scan results for even more ownage and using the built-in exploits to get shells.
At the end of this, you will be port scanning, creating payloads, and popping shells. This technical workshop is designed to familiarize you with the necessary tools to continue your ethical hacking journey. From here, take your l33t new skillz and apply them to Capture The Flag (CTF) competitions or scanning your home network for vulnerabilities.
(This was originally presented on February 22, 2010 at Day of Shecurity Boston 2019).
Managing and Visualizing your Replication Topologies with Orchestrator
Shlomi Noach
Introducing Orchestrator: a MySQL replication topology management service, that greatly simplifies DBA's tasks and enhances visibility on your topologies.
LAS16-309: Server Ecosystem: Xen on ARM, from Big Iron to IoT & LuaJIT status on Aarch64
Speakers: Ryan Arnold, Steve Capper, Julien Grall, Zheng Xu
Date: September 28, 2016
★ Session Description ★
Abstract Xen on ARM: The Xen port is exploiting this set of new hardware capabilities to run guest VMs in the most efficient way possible while keeping ARM specific changes to Xen and Linux to a minimum. ARM virtualization is set to be increasingly relevant for the embedded industry in the coming years.
Whilst Xen is best known as the technology powering the biggest clouds in the industry, it is also a great fit for automotive deployments and mobile devices that can fit in your pocket. The talk will give concrete examples of the ways Xen can add value to your platforms, not only by providing an excellent general purpose virtualization solution, but also by providing simple, yet effective ways to partition the platform into different security domains.
This presentation will include a brief overview of the Xen on ARM architecture, covering the key design principles employed and the techniques pioneered during the ARM port that allowed the Xen community to remove many legacy components from the Xen code base, streamlining both the ARM and x86 implementations. The talk will conclude by explaining how to port Xen to any new ARM boards with the least amount of effort.
Abstract LuaJIT: Lua is a scripting language commonly embedded by web front-ends. Enabling Lua JIT compilation can reduce CPU usage when handling huge amounts of network traffic. This year Linaro (and others) started to work on porting LuaJIT to AArch64. Though the work is not finished we have made good progress. This presentation will briefly introduce LuaJIT, discuss the technical challenges of porting to AArch64, and address the progress of the porting effort and the next steps.
★ Resources ★
Etherpad: pad.linaro.org/p/las16-309
Presentations & Videos: http://connect.linaro.org/resource/las16/las16-309/
★ Event Details ★
Linaro Connect Las Vegas 2016 – #LAS16
September 26-30, 2016
http://www.linaro.org
http://connect.linaro.org
LAS16-305: Smart City Big Data Visualization on 96Boards
Linaro
Speakers: Naresh Bhat, Ganesh Raju
Date: September 28, 2016
★ Session Description ★
Cities are getting identified as smart cities based on what and how data are used to do predictive analytics. Smart City as a phrase can have a wide spectrum of meaning. But there are two key things (Data and Analytics) that ‘smart’ refers to in smart city. With IoT gaining so much market attention, it brings in the power to drive the implementation. Data collection, storage and analytics provide so much potential. This talk will go over a sample use case scenario utilizing an ODPi-based Hadoop ecosystem and H2O visualizations for analytics.
★ Resources ★
Etherpad: pad.linaro.org/p/las16-305
Presentations & Videos: http://connect.linaro.org/resource/las16/las16-305/
★ Event Details ★
Linaro Connect Las Vegas 2016 – #LAS16
September 26-30, 2016
Presenting "Pseudo GTID": a competitive technology to MySQL 5.6 GTID, with less overhead and constraints, running on top of your good-old-mysql-replication topology, no upgrades or agents required.
Pseudo GTID allows easy replication topology changes as well as easy recovery from master/intermediate master/slave crash.
Linux-wpan: IEEE 802.15.4 and 6LoWPAN in the Linux Kernel - BUD17-120
Linaro
Session ID: BUD17-120
Session Name: Linux-wpan: IEEE 802.15.4 and 6LoWPAN in the Linux Kernel - BUD17-120
Speaker: Stefan Schmidt
Track: LITE
★ Session Summary ★
Adding support for IEEE 802.15.4 and 6LoWPAN to an embedded Linux system opens up new possibilities to communicate with tiny devices. The mainline kernel supports the wireless protocols to connect such devices to the internet, acting as border router for such networks.
This talk will show the current kernel support, how to enable and configure the subsystems to use it and how to communicate between Linux and IoT operating systems like RIOT, Contiki or Zephyr.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/bud17/bud17-120/
Presentation: https://www.slideshare.net/linaroorg/linuxwpan-ieee-802154-and-6lowpan-in-the-linux-kernel-bud17120
Video: https://youtu.be/6YNeF2H2i-U
---------------------------------------------------
★ Event Details ★
Linaro Connect Budapest 2017 (BUD17)
6-10 March 2017
Corinthia Hotel, Budapest,
Erzsébet krt. 43-49,
1073 Hungary
---------------------------------------------------
Keyword: linux-wpan, kernel, IEEE, Stefan Schmidt
A Journey into Hexagon: Dissecting Qualcomm Basebands
Priyanka Aash
Mobile phones are quite complicated and feature multiple embedded processors handling wifi, cellular connectivity, bluetooth, and other signal processing in addition to the application processor. Have you ever been curious about how your phone actually makes calls and texts on a low level? Or maybe you want to learn more about the internals of the baseband but have no clue where to start. We will dive into the internals of a Qualcomm baseband, tracing its evolution over the years until its current state. We will discuss the custom, in-house DSP architecture they now run on, and the proprietary RTOS running on it. We will also cover the architecture of the cellular stack, likely places vulnerabilities lie, and exploit mitigations in place. Finally we will cover debugging possibilities, and how to get started analyzing the baseband firmware: how to differentiate between RTOS and cellular functions, how to find C std library functions, and more.
Pseudo GTID and Easy MySQL Replication Topology Management
Shlomi Noach
Use Pseudo GTID to refactor your MySQL replication topology even in the face of master/intermediate master crashes; use open source orchestrator to automate, visualize and persist your topologies
Command line interface, Program arguments and data streams, Program execution, Bash built-ins, Output stream redirection, Input stream redirection, Pipelining
Developed for the Denver Art Museum by Ashley Blewer, this slide-deck covers some of the basics of diagnosing issues with Archivematica. Ashley covers everything from the software components involved with Archivematica, to monitoring logs, system monitoring, and upgrading your system. The presentation concludes with some useful links for tech-savvy preservationists, and Archivematica-unfamiliar systems administrators!
Sematext's DevOps Evangelist, Stefan Thies (@seti321), takes a Docker Logging tour through the different log collection options Docker users have, the pros and cons of each, specific and existing Docker logging solutions, tooling, the role of syslog, log shipping to ELK Stack, and more. Q&A session at end.
21 people attended the July 2014 program meeting hosted by BDPA Cincinnati chapter. The topic was 'Open Source Tools and Resources'. The guest speaker was Greg Greenlee (Blacks In Technology).
'Open source' refers to a computer program in which the source code is available to the general public for use or modification from its original design. Open source code is typically created as a collaborative effort in which programmers improve upon the code and share the changes within the community. Open source sprouted in the technological community as a response to proprietary software owned by corporations. Over 85% of enterprises are using open source software. Managers are quickly realizing the benefit that community-based development can have on their businesses. This month, we put on our geek hats and detective gloves to learn how we can monitor our computers’ environments using open source tools. This meetup covered some of the most popular ‘Free and Open Source Software’ (FOSS) tools used to monitor various aspects of your computer environment.
Suricata: A Decade Under the Influence (of packet sniffing)
Jason Williams
Having just celebrated its 10th birthday, Suricata has learned a lot about monitoring network traffic during the past decade. Suricata today is more than IDS/IPS: it is also a metadata creating, lua scripting, multi threaded, json logging, rule alerting, network security monitoring beast. Development for Suricata is funded by the non-profit Open Information Security Foundation which, along with feedback and support from the community, has made Suricata what it is today. In this talk we will discuss various aspects of modern Suricata, such as deployment, alerting, rule writing, compilation, protocols, lua, and more. Join us for a look into where Suricata has been, what it does today, and where it's going to go in the future.
Eko10 workshop - OPEN SOURCE DATABASE MONITORING
Pablo Garbossa
Most database products have their own auditing functionalities or plugins, but they always involve overhead, which means they end up turned off or with the bare minimum enabled.
In this workshop we will show how to get reliable logging for MySQL and MongoDB servers in a scalable and non-intrusive way, its drawbacks, and how we can build our own open source tools to achieve results similar to most commercial products.
Tools to sniff, process and act upon queries will be shared, and we will show how simple it is to set up and monitor a database environment so it can be replicated and grow horizontally. All the code needed will be published.
Low latency Logging (BrightonPHP - 18th Nov 2013)
James Titcumb
Logging is an absolute must for any API or web application, but when starting out, questions such as "how can we do it without disrupting everything else" and "what is the easiest way to log" often come out. I'm going to explore a couple of infrastructure ideas to carry out what I call "high-performance, low-latency" logging to ensure minimal impact to the performance of the runtime application. The talk will show you that a really great logging architecture is a low-cost investment in your application that will definitely pay off in the long run.
You Can't Correlate what you don't have - ArcSight Protect 2011
Scott Carlson
In this presentation we discuss gathering data with syslog-ng in order to properly feed your SIEM system such as ArcSight ESM. This presentation is from HP/ArcSight Protect 2011.
This is the talk I gave at Fedora Developer's Conference 2014 in Brno. It provides insight into the security features we added to rsyslog v7, integration into systemd journal, enhancements of the v8 engine and a glimpse at how to write rsyslog plugins in languages other than C.
Eko10 - Security Monitoring for Big Infrastructures without a Million Dollar ...
Hernan Costante
Nowadays, in an increasingly complex and dynamic network, it's not enough to be a regex ninja and store only the logs you think you might need. From network traffic to custom logs, you won't know which logs will be crucial to stop the next attacker, and if you are not planning to spend half of your security budget on a commercial solution, we will show you a way to build your own SIEM with open source. The talk will go from how to build a powerful logging environment for your organization to scaling on the cloud and storing everything forever. We will walk through how to build such a system with open source solutions such as Elasticsearch and Hadoop, and how to create your own custom monitoring rules to monitor everything you need. The talk will also include how to secure the environment and allow restricted access to other teams, as well as avoiding common pitfalls and ensuring compliance standards.
Application Logging in the 21st century - 2014.key
Tim Bunce
Slides for my talk at the Austrian Perl Workshop in Salzburg on October 10th.
A video of the talk can be found at https://www.youtube.com/watch?v=4Qj-_eimGuE
Unit test your java architecture with ArchUnit
Jeremy Cook
From Confoo 2021.
Software architecture tends to be esoteric and intangible. The result of this is architectural drift, with the architecture losing the qualities it was promoting as the code evolves. This talk will introduce ArchUnit, a library that allows you to test your Java architecture. You'll see how to write unit tests that protect architectural characteristics in your code while making your architecture easier to understand for everyone in your team.
Tracking your data across the fourth dimension
Jeremy Cook
How can you track all changes to your data across time? This talk will introduce you to the techniques you need to do that. We’ll examine the theory behind temporal database tables as well as the changes in the SQL:2011 standard that support them. We’ll also look at how you can implement temporal tables, both for DBMS that support SQL:2011 and those that don't. By the end of this talk you should be able to take your data to the fourth dimension.
MVC allows you to divide responsibilities in your application but offers no help in building the most critical part: the domain logic. This talk will introduce ways that can help you to encapsulate the richness of your domain. We'll look at patterns such as Action Domain Responder and Hexagonal Architecture before introducing Domain Driven Design. Find out how to get beyond MVC and begin modelling your domains in rich, powerful and reusable ways.
Given at TrueNorthPHP 2014:
"MVC presents a great way to divide responsibilities in your application but it offers no help in building the most critical part: the model or domain. This talk will introduce ways that can help you to encapsulate the richness of your domain. We'll look at Action Domain Response as a new way of thinking about the concepts presented in MVC before examining Hexagonal Architecture, allowing you to easily reuse your domain across multiple delivery mechanisms. We'll then finish with an introduction to Domain Driven Design, a technique that allows you to closely align your domain with the business problems it is solving while helping keep things well designed and easily maintainable. By the end of this talk you should have the knowledge needed to begin modelling your domains more powerfully while keeping them aligned to the real world problems they solve."
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Removing Uninteresting Bytes in Software Fuzzing
Aftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speed up fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR not only discovers new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Enhancing Performance with Globus and the Science DMZ
Globus
ESnet has led the way in helping national facilities—and many other institutions in the research community—configure Science DMZs and troubleshoot network issues to maximize data transfer performance. In this talk we will present a summary of approaches and tips for getting the most out of your network infrastructure using Globus Connect Server.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
The Metaverse and AI: how can decision-makers harness the Metaverse for their...Jen Stirrup
The Metaverse is popularized in science fiction, and now it is becoming closer to being a part of our daily lives through the use of social media and shopping companies. How can businesses survive in a world where Artificial Intelligence is becoming the present as well as the future of technology, and how does the Metaverse fit into business strategy when futurist ideas are developing into reality at accelerated rates? How do we do this when our data isn't up to scratch? How can we move towards success with our data so we are set up for the Metaverse when it arrives?
How can you help your company evolve, adapt, and succeed using Artificial Intelligence and the Metaverse to stay ahead of the competition? What are the potential issues, complications, and benefits that these technologies could bring to us and our organizations? In this session, Jen Stirrup will explain how to start thinking about these technologies as an organisation.
2. Who?
● Ex-pat Englishman, now living in Southern Ontario.
● Web developer for 5 years, mostly PHP.
● (Almost) senior software engineer at TribeHR.
● Co-organiser of Guelph PHP User Group.
● Ex-professional musician.
11. What's wrong with error_log?
● Nothing at all but...
● It's limited:
– Have to format the message yourself.
– Limited number of destinations.
– Doesn't support logging levels defined in RFC 5424.
15. Channels
● A channel is a name or category for a logger.
● Each logger instance is given a channel when instantiated.
● Allows for multiple loggers, each with a different channel.
16. Handlers
● Handlers write log messages to a storage medium.
● Multiple handlers can be attached to each logger.
● Set the lowest level a handler logs at and whether it 'bubbles'.
● Many handlers available or you can write your own.
18. Formatters
● Processes a log message into the appropriate format for a handler.
● Each handler has a default formatter to use but this can be overridden.
22. Processors
● Used to amend or add to the log message.
● PHP callable, called when a message is logged.
● Built in processors available:
– IntrospectionProcessor
– WebProcessor
– MemoryUsageProcessor
– MemoryPeakUsageProcessor
– ProcessIdProcessor
– UidProcessor
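The channel, handler, formatter and processor slides above, combined into one script as an added example that is not taken from the talk. It assumes Monolog 1.x or 2.x installed with Composer; the file paths, the `myapp` ident, the `local0` facility and the `$hostProcessor` closure are illustrative choices.

```php
<?php
// Added example, not from the talk. Assumes Monolog 1.x/2.x via Composer.
require __DIR__ . '/vendor/autoload.php';

use Monolog\Logger;
use Monolog\Handler\StreamHandler;
use Monolog\Handler\SyslogHandler;
use Monolog\Formatter\LineFormatter;
use Monolog\Processor\UidProcessor;
use Monolog\Processor\MemoryUsageProcessor;

// Handler 1: everything from DEBUG up goes to a local file, with the
// handler's default formatter overridden by a custom line format.
$file = new StreamHandler(__DIR__ . '/app.log', Logger::DEBUG);
$file->setFormatter(new LineFormatter(
    "%datetime% %channel%.%level_name%: %message% %context% %extra%\n"
));

// Handler 2: WARNING and above go to the local syslog daemon under the
// local0 facility, from where they can be forwarded to a central server.
$syslog = new SyslogHandler('myapp', LOG_LOCAL0, Logger::WARNING);

// Handler 3: CRITICAL only, in its own file. The third argument is the
// bubble flag. With false, a CRITICAL record would stop here and never
// reach $syslog or $file, so the central log would miss it.
$critical = new StreamHandler(__DIR__ . '/critical.log', Logger::CRITICAL, true);

// Custom processor: a callable that receives the record array (1.x/2.x)
// and returns it with extra data attached. Hypothetical helper.
$hostProcessor = function (array $record) {
    $record['extra']['host'] = gethostname();
    return $record;
};

// Two channels sharing the same handlers. Handlers pushed last are called
// first, so the most specific handler is pushed last.
$loggers = [];
foreach (['app', 'security'] as $channel) {
    $logger = new Logger($channel);
    $logger->pushHandler($file);
    $logger->pushHandler($syslog);
    $logger->pushHandler($critical);
    $logger->pushProcessor(new UidProcessor());
    $logger->pushProcessor(new MemoryUsageProcessor());
    $logger->pushProcessor($hostProcessor);
    $loggers[$channel] = $logger;
}

// Message plus context array; the values below are constructed samples.
$loggers['app']->info('Cache warmed', ['keys' => 128]);
$loggers['security']->warning('Failed login', ['user' => 'alice', 'ip' => '203.0.113.7']);
$loggers['security']->critical('Audit log not writable', ['path' => '/var/log/audit']);
```

The info record lands only in `app.log`, the warning also reaches syslog, and the critical record reaches all three destinations because bubbling is left on.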
27. Why Syslog?
● Loggable events don't only happen in code!
● To get a full picture of what's going on we need to monitor what's going on in other services too.
28. Syslog basics
● OS daemon to process log messages.
● Messages are assigned a facility, such as auth, authpriv, daemon or cron or a custom one.
● Messages are also assigned a severity, defined in RFC 5424.
● Messages can be sent to files, console or a remote location.
29. Which Syslog daemon to use?
● In part will depend on your OS.
● Things to consider:
– Syslog is the oldest, with not as many features.
– Syslog-ng is produced under a dual license.
– Rsyslog is fully featured and open source.
30. Introduction to Rsyslog
● Fork of syslog by Rainer Gerhards.
● Drop in replacement for syslog.
● Many, many features including plugin system for extending.
● Default syslogger in Debian, can be installed on other distros too.
31. Remote logging with Rsyslog
● Rsyslog can be configured to work in a client-server setup.
– One or more machines are set up as clients to forward log messages.
– One machine is set up to receive and store them.
● Probably want to filter sender on the receiving machine...
34. Leveling up with Rsyslog
● Apache can send all error logs to syslog directly.
● Rsyslog can also monitor other log files using the Text File Input module.
– Example of monitoring Apache access log at https://gist.github.com/joseph12631/2580615
37. What is Logstash?
● Tool to collect, filter and output log messages.
● Built in web interface or richer web interface project called Kibana available.
● Full information at http://logstash.net/ and Kibana demo at http://demo.logstash.net/
38. Installing Logstash
● Current release is 1.3.3 and can be downloaded from here.
● Run from cli, use supervisord or an init.d/upstart script (cookbook entry on how to do this at http://cookbook.logstash.net/).
40. Logstash config
● When starting specify the path to a config file for Logstash to use.
● Three main sections: input, filter and output.
● Each section may have multiple instances of each type.
44. What is Graylog2?
● Log storage and search application.
● Can accept thousands of messages per second and store terabytes of data.
● Web interface for searching and analytics.
● Built in alerting and metrics.
46. Getting log messages into Graylog2
● Can accept log messages in 3 ways:
– Syslog via UDP or TCP.
– Graylog Extended Log Format (GELF) via UDP.
– AMQP.
● Multiple Graylog2 server instances can be run in parallel.
47. Graylog2 web interface
● Main view shows recent log messages and graphs of recent message numbers.
● Single message can be clicked on to view all details for it.
● Dashboard views.
● Full search functionality.
● Analytics dashboard and metrics.
51. Searches and streams
● Web interface allows fine grained searching by different fields.
● Frequently used searches can be saved as streams.
● Streams can be marked as favourites by users and can be viewed as dashboards.
52. Stream alarms
● Alarms can be sent for a stream with user defined sensitivity.
● Plugins for sending alarms include:
– PagerDuty
– HipChat
– Twilio SMS
– Email
– Jabber/XMPP
● You can also write your own
Of all the things you would come to a conference like this to hear about...
Crisscott.com seems to be Scott Mattocks.
Logging
Unit Testing
Configuration
Isolates features
Documented
You can't optimise what you can't measure...
How many people monitor log files regularly?
How many only look at them during a major crisis?
Many log files generated by many applications/pieces of software.
The last time you want to be digging through this is in a crisis.
Mention that I can't tell you how to do this.
This talk will introduce some tools that can get you to this point.
Combination of tools will get you to a pro-active log monitoring solution.
Also mention that for each tool I'm talking about there are many alternatives...
Mention closed source alternatives.
Mention that this is being used in production at MRX.
Of course this will be different for everyone!
Also mention that it's specifically for logging errors, not informational or debug messages.
Difficult to format messages.
Destinations: file or email.
Define log levels in RFC 5425
Mention that there are many logging libraries but Monolog seems to have gained the most traction.
Describe what PSR-3 is.
PPI takes pieces of Zend 2, Sf2 and Doctrine2 and mashes them!
Silex allows you to register a Monolog provider.
Channel equates to facility in Syslog.
Makes it easy to use different loggers for different parts/functionality in an app.
The handler's constructor accepts the minimum log level that the handler should accept. The default differs depending on the handler.
Handlers can be shared between multiple loggers.
Needs care when not bubbling! Add more specific handlers later.
Rotating File Handler: Creates one file per day but meant as a quick + dirty solution.
Mail handlers include native mail and Swiftmail handlers.
Pushover handler sends mobile notifications through the Pushover API.
HipChatHandler sends notifications to a HipChat chat room (Rafael Dohms wrote it).
FirePHP and ChromePHP write to FireBug or Chrome consoles. DEV ONLY!!
Use Handler::setFormatter() method to set the formatter for a handler.
Mention that logging a message accepts up to two arguments:
The message (string) and an array of context.
Mention that handlers added last are called first.
Mention that this takes away some of the repetition of adding context to each log message.
IntrospectionProcessor: Adds the line/file/class/method from which the log call originated.
WebProcessor: Adds the current request URI, request method and client IP to a log record.
MemoryUsageProcessor: Adds the current memory usage to a log record.
MemoryPeakUsageProcessor: Adds the peak memory usage to a log record.
ProcessIdProcessor: Adds the process id to a log record.
UidProcessor: Adds a unique identifier to a log record.
Problems often caused by the intersection of different pieces of software.
Mention that you can often replace the default syslog daemon in an OS.
Mention that not going into all features of Rsyslog, just focusing on remote logging.
Suggest 'man rsyslog' or 'man rsyslog.conf'.
Also mention that can use something like Rsyslog or IPTables to filter remote loggers.
Note this should be added to main rsyslog config file or a file that's included in it.
This is for UDP forwarding. TCP would use @@.
Mention that normally you would need just one of these.
Also that the corresponding port needs to be opened in the server config.
This would only load the handler for the remote logs. Still needs to be processed with other directives.
Note that if all you want is to centralise all of your logs this could be the solution...
Mention that Logstash is written in Java.
Has 34 inputs, 28 filters and 47 different outputs.
Varnishlog – input from Varnish's memory log.
Anonymize – anonymise fields using a consistent hash.
Grok – regex library for parsing log messages and processing matches.
Geoip – add geo data to ip addresses in log messages.
Mutate – General mutations (rename, remove, replace, modify) to fields.
Of course this will be different for everyone!
Discuss advantages and disadvantages to using Graylog or Logstash.
Mention that graylog server and elasticsearch are written in Java, web interface is a Rails app.
Mention login details for the demo – username admin or user, password graylog2.
Benefits of UDP – 'Fire and forget'.
Drawbacks of UDP – Lack of acknowledgement of receiving messages.
TCP can mitigate packet loss but is slower.
AMQP guarantees delivery, but is more complex to set up and run.
GELF is basically JSON. Ideal for sending messages from app code. Libraries in many languages, including a Monolog handler.