Nov 012016
 

Today I want to repost a great article first posted on sysadvent blog.

I think it’s a great post that show how to integrate different software to achieve a modern continuos integration.

Original article by:
Written by: Paul Czarkowski (@pczarkowski)
Edited by: Dan Phrawzty (@phrawzty)

Docker and the ecosystem around it have done some great things for developers, but from an operational standpoint, it’s mostly just the same old issues with a fresh coat of paint. Real change happens when we change our perspective from Infrastructure (as a Service) to Platform (as a Service), and when the ultimate deployment artifact is a running application instead of a virtual machine.

Even Kubernates still feels a lot like IaaS – just with containers instead of virtual machines. To be fair, there are already some platforms out there that shift the user experience towards the application (Cloud Foundry and Heroku come to mind), but many of them have a large operations burden, or are provided in a SaaS model only.

In the Docker ecosystem we are starting to see more of these types of platforms, the first of which was Dokku which started as a single machine Heroku replacement written in about 100 lines of Bash. Building on top of that work other, richer systems like Deisand Flynn have emerged, as well as custom solutions built in-house, like Yelp’s PaaSta.

Continue reading »

Flattr this!

Sep 192013
 

Fool those who try to portscan your system!
The Portspoof program is designed to enhance OS security through emulation of legitimate service signatures on otherwise closed ports. It is meant to be a lightweight, fast, portable and secure addition to the any firewall system or security infrastructure.

The general goal of the program is to make the port scanning software (Nmap/Unicornscan/etc) process slow and output very difficult to interpret, thus making the attack reconnaissance phase a challenging and bothersome task

Continue reading »

Flattr this!

Jul 222012
 

Sometimes you have some firewall that don’t allows you to accept connection other than some specific ports let’s say that you can connect on your VPS or remote server only on the ports 80 (http) and 443 (https), but you need a port also for ssh to manage your vps/server but the port 443 is used by your Web server with its https protocol, so what can you do ?

This is where sslh comes in. It’s a really simple tool that wraps incoming connections to a port and then depending on protocol redirects it onto sshd back on port 22, or to your web server on localhost:443.
Continue reading »

Flattr this!

OpenVAS - Open Source Vulnerability Scanner

OpenVAS – Open Source Vulnerability Scanner

I thank Maurizio Pagani for allowing me to publish and translate his interesting presentation, published on http://babel.it. OpenVAS is a framework that includes services and tools for scanning and the complete managment of vulnerability. A vulnerability scanner is a tool that allows you to scan a target system (IP/HOSTNAME) based on a range of ports […]

How to put Varnish in front of your Webserver without doing any change.

Varnish is an open source “web accelerator” which you can use to speed up your website. It can cache certain static elements, such as images or javascript but you can also use it for other purposes such as Load balancing or some additional security, in general most of the people want to try it and […]