Recent Posts

[Notes] CISSP Chapter 1: Security Governance Through Principles and Policies

[Notes] CISSP Chapter 1: Security Governance Through Principles and Policies

The CIA Triad Confidentiality: Confidentiality terms: Integrity: Integrity terms: Availability: Availability terms: Other Security Concepts Evaluate and Apply Security Governance Principles Data Classification Organizational Roles and Responsibilities Security Control Frameworks Due Care and Due Diligence Developing Documents Threat Modeling Prioritization and Response Apply Risk-Based Management 

GlusterFS fix faulty bricks

GlusterFS fix faulty bricks

Great tutorial to manage glusterFS : readthedocs if you are getting error like volume add-brick: failed: Incorrect number of bricks supplied 1 with count 2 Then you are trying to add  distribute leg, which requires multiple bricks based on replication setting, try following command gluster vol add-brick <vol-name> <brick1><brick2>

List the SSL/TLS cipher suites a particular website offers

List the SSL/TLS cipher suites a particular website offers

 Command Line

Nmap with ssl-enum-ciphers 

This will be a very simple and and  faster way to get a list of available ciphers from a network service.  and nmap will provide a strength rating of strong, weak, or unknown for each available cipher. Which will help to determine overall strength of server security.

nmap --script ssl-enum-ciphers -p 443 www.example.com

To install nmap on osx run : brew install nmap

sslscan

sslscan is a also nice little utility to get details regarding website ssl.
To install on osx run : brew install sslscan

Online Tool

SSL Labs‘ website also have good tool to test tls/ssl ciphers and other utility.

Source : http://superuser.com/questions/109213/how-do-i-list-the-ssl-tls-cipher-suites-a-particular-website-offers

 

Fix Logitech MX Master Scroll Wheel Issue

Fix Logitech MX Master Scroll Wheel Issue

https://toemat.com/logitech-mx-master-fix/

OpenSSH 7.3 on CentOs 6.7

OpenSSH 7.3 on CentOs 6.7

A simple script to upgrade OpneSSH on CentOs 6.7. This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters 

List all users crontab entries

List all users crontab entries

for user in $(cut -f1 -d: /etc/passwd); do echo $user; crontab -u $user -l; done
Cache a large array: JSON, serialize or var_export?

Cache a large array: JSON, serialize or var_export?

http://techblog.procurios.nl/k/n618/news/view/34972/14863/cache-a-large-array-json-serialize-or-var_export.html

Keep sensitive info out of your email & chat logs

Keep sensitive info out of your email & chat logs

During work, We share passwords or some other sensitive piece of information with a friend or coworker. The problem is When you do it over chat or email, that data just got really insecure and easy to find, if some one got access of  your account, 

How to find the reason for a risky test in PHPUnit ?

How to find the reason for a risky test in PHPUnit ?

Recently I started phpUnit testing, and I found some of the test are flagging as risky. Most of the time I able figure bout reason but some time it very time consuming and also there isn’t any messages from PHPUnit.

PHPUnit 4.4.5 by Sebastian Bergmann.

Configuration read from phpunit.xml.dist

R.................R.R..R

Time: 14,17 seconds, Memory: 52,50Mb

OK, but incomplete, skipped, or risky tests!
Tests: 24, Assertions: 52, Risky: 4.

Finally I found a soultion and it is very simple( How I can forgot about -v flag !! )

 phpunit -v|--verbose              Output more verbose information.

Stay tuned, more testing related post probably writing 🙂

Writing modular JavaScript without polluting the global namespace

Writing modular JavaScript without polluting the global namespace

http://marcofranssen.nl/writing-modular-javascript-without-polluting-the-global-namespace/

HTML5 a tag download Attribute

HTML5 a tag download Attribute

In HTML5, you can download file when clicking on the link instead of redirecting to the file. Read More : http://www.w3schools.com/tags/att_a_download.asp