markruler

Log4J, JNDI, LDAP: JDK Changes Archeology

DISCLAIMER #1: THIS GIST IS INFORMATIONAL ONLY AND NOT A COMPLETE SECURITY GUIDANCE. Use this data with care, and please recheck the commits if you want to cite them as the source.

DISCLAIMER #2: JDK MITIGATIONS ARE NOT THE WHOLE STORY. THE REAL FIX IS IN LOG4J, UPGRADE TO AT LEAST 2.15.0 OR SET log4j2.formatMsgNoLookups=true. There might be more vectors than these mitigations cover. JDK mitigations shrink the attack surface, but they are not guaranteed to solve everything. I only checked this mitigates a few simple proof-of-concepts.

*TL;DR: Use JDK update releases that are less than 3 years old, and all known mitigations are there.

CMake를 왜 쓰는거죠?
좋은 툴은 Visual Studio 뿐입니다. 그 이외에는 전부 사도(邪道)입니다 사도! - 작성자

주의

이 문서는 CMake를 주관적으로 서술합니다
이 문서를 통해 CMake를 시작하기엔 적합하지 않습니다
https://cgold.readthedocs.io/en/latest/ 3.1 챕터까지 따라해본 이후 기본사항들을 속성으로 익히는 것을 돕기위한 보조자료로써 작성되었습니다

List of Linux networking tools

netstat (ss)

Displays contents of /proc/net files. It works with the Linux Network Subsystem, it will tell you what the status of ports are ie. open, closed, waiting, masquerade connections. It will also display various other things. It has many different options. Netstat (Network Statistic) command display connection info, routing table information etc. To displays routing table information use option as -r.

Sample output:

Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)    
tcp4 0 0 127.0.0.1.62132 127.0.0.1.http ESTABLISHED

Kubectl output options

Let's look at some basic kubectl output options.

Our intention is to list nodes (with their AWS InstanceId) and Pods (sorted by node).

We can start with:

kubectl get no

FWIW: I (@rondy) am not the creator of the content shared here, which is an excerpt from Edmond Lau's book. I simply copied and pasted it from another location and saved it as a personal note, before it gained popularity on news.ycombinator.com. Unfortunately, I cannot recall the exact origin of the original source, nor was I able to find the author's name, so I am can't provide the appropriate credits.

Effective Engineer - Notes

By Edmond Lau
Highly Recommended 👍
http://www.theeffectiveengineer.com/

What's an Effective Engineer?

Requirements

Minikube requires that VT-x/AMD-v virtualization is enabled in BIOS. To check that this is enabled on OSX / macOS run:

sysctl -a | grep machdep.cpu.features | grep VMX

If there's output, you're good!

Prerequisites

Table Of Content

Skip to the relevant sections if needed.

2-min tutorial to do it the quick-and-dirty-way
Concepts for resolving Git conflicts
Setting up different editors / tool for using git mergetool
- Finding out what mergetool editors are supported
mergetool simple code example for vimdiff
- Resolving conflict from a Git pull
Other great references and tutorials

Commit Message Conventions

These rules are adopted from the AngularJS commit conventions.

Goals
Generating CHANGELOG.md
- Recognizing unimportant commits
- Provide more information when browsing the history
Format of the commit message
Subject line

	#On macOS Mojave, this script must run in root, otherwise you will
	#get a runtime error due to "No permission" error when create raw socket

	import socket
	import io
	import struct
	import sys

	class flushfile(io.FileIO):
	def __init__(self, f):

	node {
	echo 'Results included as an inline comment exactly how they are returned as of Jenkins 2.121, with $BUILD_NUMBER = 1'
	echo 'No quotes, pipeline command in single quotes'
	sh 'echo $BUILD_NUMBER' // 1
	echo 'Double quotes are silently dropped'
	sh 'echo "$BUILD_NUMBER"' // 1
	echo 'Even escaped with a single backslash they are dropped'
	sh 'echo \"$BUILD_NUMBER\"' // 1
	echo 'Using two backslashes, the quotes are preserved'
	sh 'echo \\"$BUILD_NUMBER\\"' // "1"