Category Archives: sysadmin

WINDOWS NTFS TRICKS COLLECTION

A collection of eye-opening NTFS tricks to do things that you normally can’t.

TRICK 1: CREATE FOLDERS WITHOUT PERMISSIONS (CVE-2018-1036/NTFS EOP) On Windows you can assign “special permissions” to folders like permissions that a user is allowed to create files in a folder, …

Source: MOV AX, BX Code depilation salon: Articles, Code samples, Processor code documentation, Low-level programming, Working with debuggers WINDOWS NTFS TRICKS COLLECTION

Apache vs Nginx: Practical Considerations | DigitalOcean

A comparison of Apache vs Nginx and what they are suitable for.

Apache and Nginx are the two most common open source web servers in the world. Together, they are responsible for serving over 50% of traffic on the internet. Both solutions are capable of handling diverse workloads and working with other software to

Source: Apache vs Nginx: Practical Considerations | DigitalOcean

AWS EC2 Virtualization 2017

A very good summary of the advancement of virtualization technologies used in AWS EC2. The newest instance type offered is simply AWS Bare Metal, which provides all the hardware access with little performance overhead, while still retaining the benefits of cloud – elasticity etc.

AWS EC2 Virtualization 2017: explaining the different virtualization types, from emulation and binary substitution, paravirtualization and Xen, PV, HVM, and PVHVM modes, and the new Nitro hypervisor

Amazon AWS S3 outage is breaking things for a lot of websites and apps

One of Amazon AWS service – specifically S3 – goes down (and recovers eventually) but many sites are affected. It’s not as bad as the Dyn DDoS attack but it’s a reminder how many companies now rely on Amazon to power their services.

Amazon’s S3 web-based storage service is experiencing widespread issues, leading to service that’s either partially or fully broken on websites, apps and..

Source: Amazon AWS S3 outage is breaking things for a lot of websites and apps

Edit (2017-03-03): Amazon released a summary of what happened. The tl;dr version is this: fat-fingered engineer.

AWS and Azure in Plain English

If you are not an architect-level user of AWS you will probably be lost in the ever growing list of AWS services. The non-obvious names (Cognito, Athena, anyone?) for the services doesn’t help. Now someone is attempting to provide a – sometimes tongue-in-cheek – explanation of those services. Well, it’s not exactly plain english, but good attempt anyway. An Azure version is also available.

  1. AWS in Plain English
  2. Azure in Plain English

Visual Studio Code September 2016 1.6

LOL. Microsoft accidentally “DDoS” npmjs.org in the new VS Code release. This is due to a feature in VS Code 1.7 sending a lot of non-cacheable requests. Thankfully they responded quickly and reverted VS Code to the old version.

These typings files drive the IntelliSense (code completions) experience in VS Code. The feature was so great that we started to overload the npmjs.org service.

Source: Visual Studio Code September 2016 1.6

Strange Loop – IP Spoofing

A very clear explanation to the DDoS problem that has been plaguing the Internet and recent advances in DDoS techniques.

The internet was originally created as a collection of equal connected peers. Everyone connected had equal rights, could consume content, produce content.

It was normal to host DNS or HTTP services on your home land-line.

But this is not possible anymore. It’s just too easy to knock unprotected websites off line.

Strange Loop – IP Spoofing

No POST after rm -rf / / Kernel & Hardware / Arch Linux Forums

This is pretty serious. Someone just bricked his laptop by executing a rm -rf / command as root in Linux. As in destroyed. None of your usual BIOS/UEFI prompts appear and no hotkeys can help to restore the firmware.

The root (pardon the pun) of the problem appears to be traced to the mounting of /sys/firmware/efi/efivars as rw by systemd. systemd maintainer (Poettering) refuses to fix the issue.

100_05201

Source: No POST after rm -rf / / Kernel & Hardware / Arch Linux Forums

Under-attack Linode resets passwords after logins leak onto web

First sustained DDoS attacks. Now password leaks. The bad news never ends for Linode, which is unfortunate, since they are a very cheap and viable alternative to AWS especially if you factor in ingress/egress traffic.

Linode’s woes continue: the server hosting biz has just run a system-wide password reset on customer accounts after two Linode.com user credentials were discovered “on an external machine.”

Source: Under-attack Linode resets passwords after logins leak onto web

2016-01-06 11.22 SGT: As of now, the site is still having intermittent access.
Capture

Let’s Encrypt – Entering Public Beta

Let’s Encrypt goes public beta. No more paying of ridiculous amounts for a simple SSL certificate. Yearly.

The process is still somewhat rough on the edges now. I expect it to get better when it goes 1.0. There’s another important thing to note when you’re using using certificates from Let’s Encrypt. In the interest of transparency, they publish the list of certificates issued by them. So if you’re uncomfortable about your domain appearing in a public website, you may want to reconsider.

Let’s Encrypt is a free, automated, and open certificate authority brought to you by the Internet Security Research Group (ISRG). ISRG is a California public benefit corporation, and is recognized by the IRS as a tax-exempt organization under Section 501(c)(3) of the Internal Revenue Code.

Source: Entering Public Beta