AWS – EC2

AWS – EC2

What ever kind of applications that you are running it’s pretty certain that you are going to need severs, Sometimes you need larger ones, Some time you need smaller ones, Sometimes you need one and sometimes you need thousands of them.

What if your requirement, you need to obtain services quickly and inexpensively? Traditionally provisioning servers can be time consuming and it could takes many days or weeks. You have to research into the right kind of hardware to buy and need to purchase the hardware, have it racked and stacked and eventually get access to your servers and once you purchase the servers you stuck with them.

Amazon Elastic Compute Cloud (EC2) makes it easy for you to obtain virtual servers also known as compute instances in the cloud quickly and inexpensively. You simply choose the instance type you want, the template you are going to use, the templates are based on Windows or Linux and launch the quantity you are going to need. You can do this by few clicks from the AWS management console or automate the process by APK using and SDK in your choice of language and within minuted your instances will be running and you have access full administrator control just like any other server and with Amazon EC2 you only pay for your use. Once you done with the instance, Stop them and you stop paying for them.

Amazon EC2 provides you different ranges of instance type design for different use-cases, these range from small and economical instances that are great for low volume applications, all the way up to cluster compute instances run for high performance compute workload and cloud based super-computing on demand.

Amazon EC2 provides instance optimized for compute, memory, storage and GPU processing enable you to find the right price and performance combinations for what ever workloads you want to run. It’s also really easy to resize your instances if your business or applications requirement change, Amazon EC2 offers a choice of flexible pricing options with on demand pricing you only pay for what you use, When you stop your instances you stop paying. There are no long term commitments or upfront fees. Reserved instance pricing lets you obtain a significant discount over the on demand pricing return for a low one time payment. Spot instance pricing lets you name the price that you want to pay for the instances using marketplace pricing and allow you to obtain compute capacity at significant discount than the on-demand price.

Amazon knows the security is very important for your applications and Amazon EC2 provides a number of built in security features your instances located on a virtual private cloud or a VPC, that is logically isolated network that you control. Amazon VPC provides you with a number of network security tools that you can use to control that who can access your instances. You can also connects securely to your on premises network with hardware based VPN device.

Amazon EC2 instances provides you various amount of directly attached temporary storage depends on instance type and you can also use Amazon Elastic Block store or EBS to provide persistent block storage fop your Amazon EC2 instances. Amazon EBS also offers you to the ability to provision storage with the specific level of performance to meets the needs of your application. They can be difficult to predict the demand of your application might experience an Amazon EC2 provides auto-scaling o help insure your applications demand are met Also auto-scaling lets you to define metrics increase or decrease the number of instances that you are running.
You can use standard metrics such as network,Bandwidth or CPU utilization with the custom metric you designed. This help you insure that you can meet your application demand with only pay for what you use.

 

AWS (Amazon Web Service)

AWS (Amazon Web Service)

AWS

 

AWS is the most comprehensive and widely adapted cloud platform. Millions of customers trust AWS to power their infrastructure and applications. Organizations that every type and size using AWS to lower cost,become more agile and innovate faster. AWS provides on demand delivery of technology services via internet with pay as you go pricing. You can use this services to build and run virtually any type of application without upfront cost and ongoing commitments. You only pay for what you use.

AWS gives you more services and more features within those services with any other cloud provider this makes faster,easier and most cost effective to moving your existing applications to the cloud and build anything you can imagine. For infrastructure technologies like compute,storage and databases to emerging technologies like machine learning,AI,DATA LAKES and Analytics and IoT.

Building on AWS means you can choose the right tool for the job. Eg WAS offers the wide availability of databases that purpose build for different types of applications. With AWS you can leverage the latest technology to experiment and innovate more quickly.

AWS are continually exhilarating the phase of innovation to invent entirely new technologies we can use to transform our business. Like pioneering the serverless computing phase by the launch of AWS lambda which lets developer run their code without provisioning or managing servers. And AWS build Amazon sage maker a fully managed machine learning service that powers everyday developers and scientists that use machine learning without any previous experience.

AWS is constantly expanding their global network of AWS regions, So you can access AWS services to build and run applications anywhere on the world. Each of these regions have multiple availability zones that are physically separated from each other, and connected through low latency high through put and highly redundant networking this make it easy to design and develop applications that are scalable, fault tolerance and highly available.

AWS infrastructure is build to satisfy the security standards of the most risk sensitive organizations. You have so access to the AWS partner network which has thousands of system integrator who are specialized in AWS services and hundred and thousands of independent software vendors who adapted technology to work on AWS with the largest community of customers across every industry AWS has unmatched experience and operational expertise you can depend on for your most important applications and every imaginable use cases.

Some of the most used AWS services are…

1,EC2 Services.

2,RDS

3,VPC

4,Route 53

5,Load Balancer.

 

Cloud Computing.

Cloud Computing.

What is Cloud Computing?

 

Cloud computing is an on demand delivery of IT resources via the internet with pay as you go pricing instead of buying and owning and maintaining physical data-centers and servers. You access technology service such as computing power,storage and databases on as needed basis from a cloud provider like AWS,AZURE,Google Cloud etc.

Organizations of every type and size industry are using the cloud for a wide verity of use-cases such as data backup, disaster recovery,email,virtual desktops,Software development and testing,big data analytics and customer facing web applications. For example the health care companies are using the cloud to develop more personalize treatment for patients. Financial services companies are using the cloud to power real time fraud detection and prevention and video-game makers are using the cloud to deliver online games to millions of players around the globe.

With cloud computing your business can be more agile,reduce cost,instantly scaled and deployed globally in minutes. Cloud computing provides you instant access to broad range of technologies that you can innovate-faster and build nearly anything like infrastructure services to compute,storage and databases to IoT to machine learning,data analytics and much more.

You can deploy technology services in a matter of minutes and get from idea to implementation several orders of magnitude faster than before. This gives you the freedom to experiment and test new ideas to differentiate customer experience and transform your business,Such as adding machine learning and intelligence to your applications in order to personalize your experience to your customers and improve their engagement.

You don’t need to make large upfront investments in hardware and overpay for capacity you don’t use, Instead you can use trade capital expense for variable expense and only pay for IT when you consumes it. With cloud computing you access resource from the cloud in real-time as they needed. You can scale these new resources up and down to grow and shrink capacity instantly as your business changed. Cloud computing also make it easy to expand to new regions and apply globally in minutes. For example AWS has infrastructure all around the world.Putting applications to closer proximity to end users reduced latency and improve their experiences.

No matter your location, size and industry the cloud frees you managing infrastructure and data-centers, So you can focus on what matters the most to your business.

Internet Protocol version 6 (IPv6) | Adding a Temporary IPv6 Address on Linux.

Internet Protocol version 6 (IPv6) | Adding a Temporary IPv6 Address on Linux.

IPv6 [Internet Protocol version 6]

Introduction.

Internet Protocol Version 6 (IPv6) is a network layer protocol that enables data communications over a packet switched network.

Packet switching involves the sending and receiving of data in packets between two nodes in a network. The working standard for the IPv6 protocol was published by the Internet Engineering Task Force (IETF) in 1998.

The IETF specification for IPv6 is RFC 2460. IPv6 was intended to replace the widely used Internet Protocol Version 4 (IPv4) that is considered the backbone of the modern Internet.

IPv4 currently supports a maximum of approximately 4.3 billion unique IP addresses. IPv6 supports a theoretical maximum of 2128 addresses (340,282,366,920,938,463,463,374,607,431,768,211,456 to be exact!).

IPv6 and IPv4 share a similar architecture. The majority of transport layer protocols that function with IPv4 will also function with the IPv6 protocol. Most application layer protocols are expected to be interoperable with IPv6 as well, with the notable exception of File Transfer Protocol (FTP)

An IPv6 address consists of eight groups of four hexadecimal digits. If a group consists of four zeros, the notation can be shortened using a colon to replace the zeros.

A main advantage of IPv6 is increased address space. The 128-bit length of IPv6 addresses is a significant gain over the 32-bit length of IPv4 addresses, allowing for an almost limitless number of unique IP addresses.

 

 

IPv6 features
—————-

* Supports source and destination addresses that are 128 bits (16 bytes) long.

* Requires IPSec support.

* Uses Flow Label field to identify packet flow for QoS handling by router.

* Allows the host to send fragments packets but not routers.

* Doesn’t include a checksum in the header.

* Uses a link-local scope all-nodes multicast address.

* Does not require manual configuration or DHCP.

* Uses host address (AAAA) resource records in DNS to map host names to IPv6 addresses.

* Uses pointer (PTR) resource records in the IP6.ARPA DNS domain to map IPv6 addresses to host names.

* Supports a 1280-byte packet size (without fragmentation).

* Moves optional data to IPv6 extension headers.

* Uses Multicast Neighbor Solicitation messages to resolve IP addresses to link-layer addresses.

* Uses Multicast Listener Discovery (MLD) messages to manage membership in local subnet groups.

* Uses ICMPv6 Router Solicitation and Router Advertisement messages to determine the IP address of the best default gateway.

 

Adding a Temporary IPv6 Address on Linux.
=================================

Using “IP”
———-

/sbin/ip -6 addr add <ipv6address>/<prefixlength> dev <interface>

eg: /sbin/ip -6 addr add 2001:49f0:2920::a2/64 dev eth0

 

Using “ifconfig”
——————

/sbin/ifconfig <interface> inet6 add <ipv6address>/<prefixlength>

eg: /sbin/ifconfig eth0 inet6 add 2001:49f0:2920::a2/64

 

Add an IPv6 route through a gateway
============================

Using “ip”
———–

/sbin/ip -6 route add <ipv6network>/<prefixlength> via <ipv6address>
¬ [dev <device>]

eg: /sbin/ip -6 route add default via 2001:49f0:2920::1

 

Using “route”
—————

/sbin/route -A inet6 add <ipv6network>/<prefixlength> gw
¬ <ipv6address> [dev <device>]

eg: /sbin/route -A inet6 add default gw 2001:49f0:2920::1

 

Removing an IPv6 address
====================

Using “ip”
————

/sbin/ip -6 addr del <ipv6address>/<prefixlength> dev <interface>

eg: /sbin/ip -6 addr del 2001:49f0:2920::a2/64 dev eth0

 

Using “ifconfig”
——————

/sbin/ifconfig <interface> inet6 del <ipv6address>/<prefixlength>

eg: /sbin/ifconfig eth0 inet6 del 2001:49f0:2920::a2/64

 

NoSql Injection

JavaScript (server-side) injection vulnerabilities are not limited. NoSQL database engines that process JavaScript containing user-specified parameters can also be vulnerable.  For example, MongoDB supports the use of JavaScript  functions for query specifications etc. Since MongoDB databases do not have strictly defined database schemas, using JavaScript for query syntax allows developers to write complex queries against disparate  document structures. For example,we have a MongoDB collection that contains some documents representing books, some documents representing movies, and some documents representing music albums.  This JavaScript query function  will select all the documents in the specified collection that were either written, filmed, or recorded in the specified time:

function()

{

var search_time = input_value;

return this.publishingTime == search_time ||

this.filmingTime == search_Time ||

this.recordingTime == search_Time;

}

If the application developer were building this application in PHP (for example), the source code might look like this:

$query = ‘function()

{

var search_time = ” .

$_GET[‘time’] . ”;’ .

‘return this.publishingTime == search_Time || ‘ .

this.filmingTime == search_Time || ‘ .

this.recordingTime == search_Time;}’;

$cursor = $collection->find(array(‘$where’ => $query));

This code uses the value of the request parameter “year” as the search
parameter. However, just as in a traditional SQL injection attack, since the query syntax is being constructed in an ad-hoc fashion  (i.e. query syntax concatenated along with user input), this code is vulnerable to a server-side JavaScript
injection attack. For example, this request would be an effective DoS attack against the system:
                  
                      http://server/app.php?year=1995′;while(1);var%20foo=’bar

credits : sql injection attacks and defence.
Firefox Developer Edition

Firefox Developer Edition

Mozilla Firefox Released Firefox Developer Edition

Built for those who build the Web

Introducing the only browser made for developers like you.

  • Designed for developers

    The only browser made just for developers, Firefox Developer Edition was created with your workflow in mind. Build, test, scale and more all from one place, for the first time ever.


  • Debug any browser

    Inspect and debug your app across any browser or device with Valence — a powerful, pre-installed extension that you’ll only find in Firefox Developer Edition.


  • Pixel-perfect coding

    Target screen sizes with the Responsive Design View and tweak your CSS on the fly with the built-in Style Editor for pixel-perfect coding.

    All your favorite dev tools and more

    Firefox Developer Edition brings your core dev tools together with some powerful new ones that will extend your ability to work across multiple platforms from one place. It’s everything you’re used to, only better. And only from Firefox.

    WebIDE

    Develop, deploy and debug Firefox OS apps directly in your browser, or on a Firefox OS device, with this tool that replaces App Manager.


Responsive Design View

See how your Website or Web app will look on different screen sizes without changing the size of your browser window.


Valence

Develop and debug your apps across multiple browsers and devices with this powerful extension that comes pre-installed with Firefox Developer Edition.


Web Audio Editor

Inspect and interact with Web Audio API in real time to ensure that all audio nodes are connected in the way you expect.


Page Inspector

Examine the HTML and CSS of any Web page and easily modify the structure and layout of a page.


Web Console

See logged information associated with a Web page and use Web Console to interact with Web pages using JavaScript.


JavaScript Debugger

Step through JavaScript code and examine or modify its state to help track down bugs.


Network Monitor

See all the network requests your browser makes, how long each request takes and details of each request.


Style Editor

View and edit CSS styles associated with a Web page, create new ones and apply existing CSS stylesheets to any page.



Pin It on Pinterest