SEARCH KEYWORD -- Unix server security
A trap about PHP random number
The method to get random number in PHP is very simple, we only need to use rand() function. int rand ( int $min , int $max ) One function call can return the random number in a specified range. But in fact, the random number in computer is actually pseudorandomness, generally to increase the randomness, we may set a random seed before calling rand(). void srand ([ int $seed ] ) According to other language features, we should pass a time value as a parameter to the srand() function, generally...
Open source code libraries suffer from vulnerabilities
A study of how 31 popular open source code libraries were downloaded over the past 12 months found that more than a third of the 1,261 versions of these libraries had a known vulnerability and about a quarter of the downloads were tainted. The study was undertaken by Aspect Security, which evaluates software for vulnerabilities, with Sonatype, a firm that provides a central repository housing more than 300,000 libraries for downloading open source components and gets 4 billion requests pe...
Open source,Security,Vulnerability 2012-03-28 06:10:19
Google open sources its Collaborative IDE
July 9, 2012 news, Google engineer Scott Blum published an article on Google+ which revealed that Google would open source the Collaborative IDE. The project was named "Collide" (collaborative IDE), which is a Web collaborative code editor. Google hopes that Collide can serve as a catalyst for improving the state of web-based IDEs.Caution Collide does not have any proper auth, SSL support, or user account management just yet. Please consider that fact when running instances that expose important...
Google,Open source,Collide IDE 2012-07-09 10:55:20
The Five Stages of Hosting
As a proud VPS survivor, I thought it might be fun to write up five common options for hosting a web business, ranked in decreasing order of 'cloudiness'. People who aren't interested in this kind of minutia would be wise to pull the rip cord right here. 1. The Monastery You run your site on an 'application platform' like Heroku, Azure, or Google App Engine. You design your application around whatever metaphors and APIs the service lays out, and in return you are veiled from all t...
Website hosting,Recommendations,Stages,Advantages 2012-01-30 05:43:42
Handle NXDomain error when resolving IP address in Ruby DNS resolver
In another post, we covered how to resolve SystemStackError when resolving IP address in Ruby. In this post, we would cover another common issue where a NXDomain error is returned when resolving an IP address. The NXDomain error means that the queried domain name does not exist in the DNS. In Ruby, DNS resolver library will use /etc/resolv.conf by default get the name servers to resolve the domain name. There are multiple DNS name servers can be specified in /etc/resolv.conf with below format. ...
RUBY,RUBY ON RAILS,NETWORK,DNS,NXDOMAIN 2017-07-16 01:39:23
How DNS lookup works
When accessing a website, a domain name would be needed normally. To get to the actual web server, the domain name must be mapped to an actual IP address and the IP address will be used to reach the web server. The process of finding the IP address from a domain name is called DNS lookup. How does DNS lookup work? There are tons of domain name and IP address around the world, there must be some well-designed architecture to support fast lookup. This post will explain how this works. DNS Se...
DNS,DNS LOOKUP 2022-09-09 23:11:03
Different types of keystore in Java -- PKCS11
PKCS11 keystore is designed for hardware storage modules(HSM). It's an interface to talk to the HSMs. It doesn't actually store any keys but provide a set of classes to communicate with the underlying HSM. The actual keys and certificates are stored on the HSMs. The reason for storing the keys and materials is to ensure security and efficiency. Since the keys are on the HSMs, they are safe to be stolen. All encryption/decryption operations are performed on the HSMs as well, this incre...
New function signal.NotifyContext in GoLang 1.16
os/signal package in GoLang may not be frequently used but it provides some good features like Shutdown() which can be used to gracefully shutdown a running HTTP server. func (srv *Server) Shutdown(ctx context.Context) error With this function, there is no need to use third party library to gracefully shutdown HTTP server. How is it being used? package main import ( "context" "fmt" "net/http" "os" "os/signal" "time" ) func main() { server := http.Server{ Addr: ":8080", } http.Handl...
GOLANG,NOTIFYCONTEXT,GRACEFUL SHUTDOWN 2021-06-19 01:07:10
30 minutes to fix Java vulnerability
On September 25, Adam Gowdiak from the Polish security consulting firm Security Explorations submitted a Java security vulnerability to Oracle and provided a proof-of-concept. The vulnerability exists in Java 5 6,7, once the user accesses hosted malware site, an attacker can remotely control the infected machine.Gowdiak later got in touch again with Oracle and got the response that the fix has reached the final stage. He can expect the patch in four months later. He eventually unbearable Oracle'...
Java, Vulnerability,Fix 2012-10-29 11:53:43
aspã€phpã€asp.netã€jsp介ç»åŠä¼˜ç¼ºç‚¹æ¯”较
现在主æµçš„网站开å‘è¯è¨€æ— 外乎aspã€phpã€asp.netã€jspç‰ã€‚ 网页从开始简å•çš„hmtl到å¤æ‚çš„æœåŠ¡è¯è¨€ï¼Œèµ°è¿‡äº†10多个年头,å„ç§æŠ€æœ¯å±‚出ä¸ç©·ï¼Œå•ä¸ªçš„主æµæŠ€æœ¯ä¹Ÿåœ¨ä¸æ–翻新的版本,现在分...
RECENT
- Tips for Socializing With Friends During College
- Proximity Cards Do More Than Just Open Doors
- How to choose quality painted auto parts
- Oval engagement rings from MoonOcean: Elegance of form and individual approach
- Hologres vs AWS Redshift
- GoLand connect to Hologres
- A journey to investigate a goroutine leakage case
- Understanding Slice Behavior in Go
- Breaking Barriers: How 3D Printing is Democratizing Product Development
- The Power of Efficiency: 10 Practical Energy-Saving Tips for Tech Startups
- more>>