Thursday, August 22, 2019

IBM Guardium Installation and Upgrade


Basic Installation 

The IBM Guardium V10.1 Software Appliance Technical Requirements can be found here: http://ibm.co/2gd5ZRq. Additional installation details can be found here: http://ibm.co/2h0exMw.


Friday, August 16, 2019

IBM Guardium Notes: Basic Configuration Notes (License, NTP, SMTP, Data Related, Backup, Schedule, LDAP, Syslog)

This post summarizes basic IBM Guardium configuration. The IBM Guardium products provide a simple, robust solution for preventing data leaks from databases and files, helping to ensure the integrity of information in the data center and automating compliance controls.


These are the key functional areas of Guardium's database security solution:
  • Vulnerability assessment. This includes not just discovering known vulnerabilities in database products, but also providing complete visibility into complex database infrastructures, detecting misconfigurations, and assessing and mitigating these risks.
  • Data discovery and classification. Although classification alone does not provide any protection, it serves as a crucial first step toward defining proper security policies for different data depending on its criticality and compliance requirements.

Wednesday, August 14, 2019

IBM Guardium: Create an Alert / Policy / Classification

An alert is a message indicating that an exception or policy rule violation was detected.
Alerts are triggered in two ways:
  • A correlation alert is triggered by a query that looks back over a specified time period to determine whether the alert threshold has been met. The Guardium Anomaly Detection Engine runs correlation queries on a scheduled basis. By default, correlation alerts do not log policy violations, but they can be configured to do so.
  • A real-time alert is triggered by a security policy rule. The Guardium Inspection Engine component runs the security policy as it collects and analyzes database traffic in real time.

Monday, August 12, 2019

Install Nginx, MariaDB and PHP (LNMP) on GCP Free Tier Ubuntu VM

I used LAMP for my WordPress blog for quite a few years. Because of the limitations of the Google Cloud Platform free VM, I always suffered from performance issues when I put all the components on one machine. Since last year, I have kept trying different technologies to help. I tried Docker, and I also separated the MySQL database onto a different VM. All of these worked, but none was the best solution for me until I found Nginx and MariaDB. This combination uses fewer resources and also gives me the possibility of squeezing all components into one GCP free VM.

This post records all the steps and commands I used. You will find a YouTube video at the end of the post that presents the installation process. The whole procedure takes 30 to 45 minutes to complete.


Friday, August 9, 2019

Troubleshooting WordPress Issue

Red Hat OpenShift made a change from OpenShift Online 2 to Online 3. The deadline is the end of Sep 2017. My blog www.51sec.org, which had been hosted in the Red Hat OpenShift Online 2 environment for the last couple of years, was migrated from the Red Hat OpenShift platform to the AWS Linux Free Tier a couple of days before the deadline. At the beginning, the migration process was easy and smooth since I am keeping the same domain, 51sec.org.

The WordPress plug-in "All-in-One WP Migration" also helped a lot during this process. The whole blog was exported to a 120M package. Unfortunately, I still had a problem later when accessing the www.51sec.org site, which is running on an AWS Linux instance.

There are a couple of issues I found while migrating or building the new site. This post is a summary of those issues:
1. PHP is out of memory.
2. WordPress Site and Home URL Change
3. Change Upload file limitation 2M

Friday, August 2, 2019

Find Real IP of a Website bypassing CDN


More and more websites use a CDN (Content Delivery Network) to help deliver their content to end users. It is faster, safer and more reliable. At the same time, a CDN such as Cloudflare hides your real IP behind its public IP. Is there a way to bypass the CDN and find out those websites' real IP addresses?

I found that the following couple of websites can help you do that.

Tuesday, July 30, 2019

IBM Guardium: Configure a Database Vulnerability Assessment


This post records the steps to configure IBM Guardium to do a Vulnerability Assessment. In the next couple of posts, I will write more about how to use Guardium to complete some basic tasks, just like this one. Please stay tuned.

Let me get started now.