Wednesday, August 14, 2019

IBM Guardium: Create an Alert / Policy / Classification

An alert is a message indicating that an exception or policy rule violation was detected.
Alerts are triggered in two ways:
  • A correlation alert is triggered by a query that looks back over a specified time period to determine whether the alert threshold has been met. The Guardium Anomaly Detection Engine runs correlation queries on a scheduled basis. By default, correlation alerts do not log policy violations, but they can be configured to do so.
  • A real-time alert is triggered by a security policy rule. The Guardium Inspection Engine component runs the security policy as it collects and analyzes database traffic in real time.

Friday, August 9, 2019

Troubleshooting WordPress Installation and Configuration Issue

Red Hat OpenShift made a change from OpenShift Online 2 to Online 3. The deadline is the end of Sep 2017. My blog www.51sec.org, which was hosted in the Red Hat OpenShift Online 2 environment for the last couple of years, was migrated from the Red Hat OpenShift platform to the AWS Linux Free Tier a couple of days ago, before the deadline. At the beginning, the migration process was easy and smooth since I am keeping the same domain, 51sec.org.

The WordPress plug-in "All-in-One WP Migration" also helped a lot during this process. The whole blog was exported to a 120M package. Unfortunately, I still got a problem later when accessing the www.51sec.org site, which is running on an AWS Linux instance.

There are a couple of issues I found while migrating or building the new site. This post is a summary of those issues:
1. PHP is out of memory.
2. WordPress Site and Home URL Change
3. Change Upload file limitation 2M

Friday, August 2, 2019

Find Website Real IP by Bypassing CDN


More and more websites are using a CDN (Content Delivery Network) to help deliver their content to end users. It is faster, safer and more reliable. At the same time, a CDN provider such as Cloudflare hides your real IP behind its public IP. Is there a way to bypass the CDN and find out those websites' real IP addresses?

I found that the following couple of websites can help you do that.

Tuesday, July 30, 2019

IBM Guardium: Configure a Database Vulnerability Assessment


This post records the steps to configure IBM Guardium to do a Vulnerability Assessment. In the next couple of posts, I will write more about how to use Guardium to complete some basic tasks, just like this one. Please stay tuned.

Let me get it started now.

Sunday, July 14, 2019

Running WordPress in the Docker of AWS EC2 Instance

Docker is a technology that allows you to build, run, test, and deploy distributed applications that are based on Linux containers. Docker is already available on many different operating systems, including most modern Linux distributions, like Ubuntu, and even Mac OSX and Windows. If you are using Amazon EC2 already, you can launch an instance and install Docker to get started.


Saturday, July 13, 2019

Migrate WordPress Site from Ubuntu 16.04 to Ubuntu 18.04 at GCP VM and Cloud DB

I was using Ubuntu 16.04 as my web server and MySQL server for quite a few years. They are both on the same server, running either in a Docker container or as a service. For better performance, I decided to separate them into different layers. I am going to use the GCP Cloud SQL service as my database layer.




Thursday, June 27, 2019

VanDyke SecureCRT and Putty Usage Tips and Tricks

VanDyke SecureCRT provides IT pros with a very user-friendly client for managing command-line devices and SSH hosts. Connecting to devices securely is one thing, and there are other products that can achieve this goal, but with SecureCRT, multiple connections can be managed in tabs so that you can work between sessions without changing windows.

Here are some of my favourite settings to customize SecureCRT:

1. Edit Default Settings for Terminal Emulation
If you are using Linux devices, please choose Linux as your Terminal. For network / security devices, VT100 will be the best choice.

I also like to set Scrollback Buffer to 5000. If you choose ANSI color, the displayed colors will depend on the color codes sent by the remote application.