HTTP Security Headers Check Tool - Security Headers Response (serpworx.com)
Tuesday, January 2, 2024
Wednesday, December 6, 2023
grep urls from bash script
grep -rnE "script|link" app/Views/ | awk '!/base_url/' | awk '!/site_url/' | grep -Eo "(http|https)://[a-zA-Z0-9./?=_%:-]*" | sort -u |uniq >> url.txt
Friday, October 13, 2023
Windows tool for creating a self-signed certificate
Windows tool
for creating a self-signed certificate.
https://sourceforge.net/projects/portecle/
kindly
install portecle tool from above link. The steps for creating the certificate
that we need are as given below :
1) Install
the tool from above link.
2) Go to File -> New Keystore -> PKCS #12. Click on Okay.
3) Go to Tools -> Generate Key Pair. Select RSA. Enter 2048 and click on
Okay.
4) Select SHA256 with RSA in the dropdown list. Enter roughly the details asked
in the form. Click on Okay.
5) Enter an Alias in the dialog box and click on Okay. Key Pair generation
successful message is displayed.
6) Now, right click on the keypair (identified by the alias) displayed and
click
on export.
The other opensource tool is - openSSL.
Wednesday, October 4, 2023
How To Create PKCS #12 For Your Application
This post is about creating PKCS #12 to serve e.g. your content via HTTPS in your application itself or in another web container (such a Tomcat or another application server).
The PKCS #12 format is a binary format for storing cryptography objects. It usually contains the server certificate, any intermediate certificates (i.e. chain of trust), and the private key, all of them in a single file. A PKCS #12 file may be encrypted and signed. PKCS #12 files are usually found with the extensions .pfx and .p12.
The PKCS #12 is similar to JKS format, but you can use it not only in Java but also in other libraries in C, C++ or C# etc, so I prefer this type of a keystore to be more general.
To use PKCS #12 inside your application, you have two way how to do it:
- Create your own self-signed SSL certificate
- Create a certificate using the Certificate Signing Request (CSR, a.k.a PKCS #10)
The first option is fast and simple, but not suitable for production environment. The second option is about creating CSR to be signed by any trusted Certificate Authority (CA).
Create your own self-signed SSL certificate
When you need to create a new certificate as quickly as possible, run the following two commands:
Generate a private key and a certificate in separated files using PEM format
openssl – the command for executing OpenSSL.
req – certificate request and certificate generating utility in OpenSSL.
-x509 – used to generate a self-signed certificate.
-newkey rsa:4096 - option to create a new certificate request and a new private key, rsa:4096 means generating an RSA key nbits in size.
-keyout myPrivateKey.pem – use the private key file myPrivateKey.pem as the private key to combining with the certificate.
-out myCertificate.crt – use myCertificate.crt as the output certificate name.
-days 3650 – specifies the number of days to certify the certificate for.
-nodes - a created private key will not be encrypted.
Combine a private key and a certificate into one key store in the PKCS #12 format
openssl – the command for executing OpenSSL.
pkcs12 – the PKCS #12 utility in OpenSSL.
-export - the option specifies that a PKCS #12 file will be created.
-out keyStore.p12 – specifies a filename to write the PKCS #12 file to.
-inkey myPrivateKey.pem – file to read private key from.
-in myCertificate.crt – the filename to read the certificate.
The wizard will prompt you for an export password. If filled, this password will be used as a key store password.
And that is all you need, use keyStore.p12 in your application.
Create a certificate using the Certificate Signing Request
Generate a private key and a certificate signing request into separated files
openssl – the command for executing OpenSSL.
req – certificate request and certificate generating utility in OpenSSL.
-newkey rsa:4096 - option to create a new certificate request and a new private key, rsa:4096 means generating an RSA key nbits in size.
-keyout myPrivateKey.pem – use the private key file myPrivateKey.pem as the private key to combining with the certificate.
-out request.csr – use request.csr as the certificate signing request in the PKCS #10 format.
-nodes - a created private key will not be encrypted.
Generate a certificate signing request from an existing private key
openssl – the command for executing OpenSSL.
req – certificate request and certificate generating utility in OpenSSL.
-new - generates a new certificate request.
-key myPrivateKey.pem – specifies the file to read the private key from.
-out request.csr – use request.csr as the certificate signing request in the PKCS#10 format.
Now it is time to send request.csr as a result of the previous step to your CA (Certificate Authority) to be signed.
You are almost done. When you get a new certificate for your request.csr from your CA, use it together with a private key to create a PKCS#12 file:
Combine a private key and a certificate into one key store in the PKCS #12 format
openssl – the command for executing OpenSSL.
pkcs12 – the PKCS #12 utility in OpenSSL.
-export - the option specifies that a PKCS #12 file will be created.
-out keyStore.p12 – specifies a filename to write the PKCS #12 file to.
-inkey myPrivateKey.pem – file to read private key from.
-in myCertificate.crt – the filename to read the certificate.
-certfile CA.crt – optional parameter to read additional certificates from, useful to create a complete trust chain.
The output file keyStore.p12 is what you need to add to your application. When you filled an export password use it as a key store password in a configuration file.
Tuesday, August 29, 2023
MYSQLCHECK - TABLE MAINTENANCE PROGRAM
MYSQLCHECK - TABLE MAINTENANCE PROGRAM
HELP
mysqlcheck --helpRUN PROGRAM
mysqlcheck employees staffTuesday, June 27, 2023
Linux Frequently asked interview questions as DevOps Point of View
Linux Frequently asked interview questions as DevOps Point of View:
1. What is Linux?
Linux is an open-source operating system kernel that serves as the foundation for many different distributions, known as Linux distributions or simply Linux distros.
2. What are the flavours of Linux?
Ubuntu,
CentOS,
Suse,
RedHat,
Debian.
3. What is the difference between UNIX and Linux?
UNIX is an older operating system that served as the inspiration for Linux. Linux is a Unix-like operating system that was developed independently but shares many similarities with UNIX.
4. What is the difference between a process and a thread in Linux?
A process is an instance of a program that is running on a system, while a thread is a lightweight process that shares the resources of a process.
5. What is the difference between a hard link and a soft link in Linux?
A hard link is a link to a file that points to the same inode as the original file, while a soft link (also known as a symbolic link) is a link to a file that points to the file's path.
6. What is a shell in Linux?
The shell is a command-line interpreter that allows users to interact with the operating system. It provides a way to execute commands and run programs.
7. What is a process in Linux?
A process is an instance of a running program. It represents the execution of a program in memory and includes information such as the program's code, data, and resources.
8. How can you check the memory usage of a Linux system?
The "free" command displays information about the system's memory usage, including total memory, used memory, free memory, and swap usage.
9. How do you find the IP address of a Linux system?
The "ifconfig" command displays network interface information, including IP addresses assigned to the system.
10. How do you find the list of running processes in Linux?
The "ps" command can be used to display a list of running processes. Adding options like "-ef" or "-aux" provides more detailed information.
11. How do you kill a process in Linux?
The "kill" command is used to terminate a process. It requires the process ID (PID) of the process to be killed. The PID can be obtained using the "ps" command.
12. What is the purpose of the "chmod" command in Linux?
The "chmod" command is used to change the permissions of files and directories in Linux. It can be used to grant or revoke read, write, and execute permissions.
13. How do you search for a file in Linux?
The "find" command allows you to search for files based on various criteria, such as name, size, or modification time. For example, "find / -name myfile.txt" searches for a file named "myfile.txt" starting from the root directory.
14. What is SSH?
SSH (Secure Shell) is a network protocol that provides a secure way to access and manage remote systems. It allows encrypted communication between a client and a server.
15. How do you connect to a remote Linux server using SSH?
You can connect to a remote Linux server using SSH by running the command "ssh username@hostname" in a terminal. Replace "username" with your username and "hostname" with the server's IP address or domain name.
16. What is the purpose of the "grep" command?
The "grep" command is used to search for specific patterns within files. It is commonly used for text searching and pattern matching.
17. How do you check the disk usage in Linux?
The "df" command displays information about disk space usage on file systems. Adding the "-h" option provides human-readable output.
18. How can you compress and decompress files in Linux?
The "gzip" command is used to compress files, creating a ".gz" file. To decompress a compressed file, you can use the "gunzip" command.
19. How do you check the disk space usage of a specific directory in Linux?
The "du" command is used to estimate the disk space usage of a directory and its subdirectories. Adding the "-h" option provides a more readable output.
20. How do you monitor system performance in Linux?
The "top" command is commonly used to monitor system performance in real-time. It displays information about CPU usage, memory usage, running processes, and more.
21. What is a package manager in Linux?
A package manager is a tool used to manage software packages in a Linux distribution. It handles package installation, updates, and removal. Examples of package managers are "apt" for Debian-based distributions and "yum" for Red Hat-based distributions.
22. How do you install software in Linux?
The method of installing software in Linux depends on the distribution. For Debian-based distributions like Ubuntu, you can use the "apt" or "apt-get" command. For Red Hat-based distributions like CentOS, you can use the "yum" or "dnf" command.
23. How do you add a user in Linux?
The "useradd" command is used to add a user in Linux. For example, "useradd username" creates a new user with the username specified.
24. How do you change the password for a user in Linux?
The "passwd" command is used to change the password for a user in Linux. Running "passwd username" prompts you to enter a new password for the specified user.
25. What is the purpose of the "cron" daemon in Linux?
The "cron" daemon is a time-based job scheduler in Linux. It allows users to schedule and automate the execution of commands or scripts at specified intervals or times.
26. How do you schedule a cron job in Linux?
To schedule a cron job, you can use the "crontab" command. Running "crontab -e" opens the user's crontab file, where you can specify the command or script to be executed and the schedule.
27. What is the difference between SSH and SSL?
SSH (Secure Shell) is a network protocol used for secure remote access and management of systems. SSL (Secure Sockets Layer) is a security protocol used to establish secure encrypted connections between clients and servers, commonly used for secure web communication (HTTPS).
28. How do you check the network connectivity in Linux?
The "ping" command is used to check network connectivity between your machine and a remote host. Running "ping hostname" sends ICMP echo requests to the specified hostname or IP address and displays the response time.
29. What is a firewall in Linux?
A firewall is a network security tool that filters incoming and outgoing network traffic based on predefined rules. It helps protect systems from unauthorized access and network-based attacks.
30. What is a RAID in Linux?
RAID (Redundant Array of Independent Disks) is a technology used to combine multiple physical disk drives into a single logical unit. It provides improved performance, data redundancy, or a combination of both, depending on the RAID level used.
31. How do you create a partition in Linux?
The "fdisk" command is commonly used to create partitions in Linux.
Monday, June 12, 2023
AWS important questions
Which pillar of the AWS Well-Architected Framework recommends maintaining infrastructure as code?
A company uses reserved EC2 instances across multiple units with each unit having its own AWS account. However, some of the units under-utilize their reserved instances while other units need more reserved instances. As a Cloud Practitioner, which of the following would you recommend as the most cost-optimal solution?
A photo sharing web application wants to store thumbnails of user-uploaded images on Amazon S3. The thumbnails are rarely used but need to be immediately accessible from the web application. The thumbnails can be regenerated easily if they are lost. Which is the most cost-effective way to store these thumbnails on S3?
A data analytics company is running a proprietary batch analytics application on AWS and wants to use a storage service which would be accessed by hundreds of EC2 instances simultaneously to append data to existing files. As a Cloud Practitioner, which AWS service would you suggest for this use-case?
Subscribe to:
Posts (Atom)