Tuesday, September 9, 2014

software

  • Google Play
Google Play, formerly the Android Market, is a digital distribution platform operated by Google. It is the official app store for the Android operating system, allowing users to browse and download applications developed with the Android SDK and published through Google.
http://en.wikipedia.org/wiki/Google_Play


  • App Store (iOS)
The App Store is a digital distribution platform for mobile apps on iOS, developed and maintained by Apple Inc. The service allows users to browse and download applications that were developed with Apple's iOS SDK.
The apps can be downloaded directly to an iOS device, or onto a personal computer via iTunes (also developed and maintained by Apple Inc.).
http://en.wikipedia.org/wiki/App_Store_%28iOS%29

  • Instagram
Instagram is an online mobile photo-sharing, video-sharing and social networking service that enables its users to take pictures and videos, apply digital filters to them, and share them on a variety of social networking services, such as Facebook, Twitter, Tumblr and Flickr.
Users are also able to record and share short videos lasting for up to 15 seconds.
Instagram is distributed through the Apple App Store, Google Play, and Windows Phone Store.
Support was originally available for only the iPhone, iPad, and iPod Touch;
in April 2012, support was added for Android camera phones.
http://en.wikipedia.org/wiki/Instagram



  • Vine is a short-form video sharing service. Founded in June 2012, it was acquired by microblogging website Twitter in October 2012, just prior to its official launch.
The service allows users to record and edit six-second-long video clips, which can then be published through Vine's social network and shared on other services such as Facebook and Twitter. Vine's app can also be used to browse through videos posted by other users, along with groups of videos by theme, and trending videos.
http://en.wikipedia.org/wiki/Vine_%28software%29

  • WhatsApp
WhatsApp Messenger is a proprietary, cross-platform instant messaging subscription service for smartphones and selected feature phones that uses the internet for communication. In addition to text messaging, users can send each other images, video, and audio media messages as well as their location using integrated mapping features.
http://en.wikipedia.org/wiki/WhatsApp


  • Wickr
Wickr (pronounced "wicker") is the name of a proprietary instant messenger for iPhone and Android and of the company that produces it. Wickr allows users to exchange end-to-end encrypted and self-destructing messages, including photos and file attachments
http://en.wikipedia.org/wiki/Wickr

hardware

  •  Smartphone
 A smartphone (or smart phone) is a mobile phone with more advanced computing capability and connectivity than basic feature phones.
 Early smartphones typically combined the features of a mobile phone with those of another popular consumer device, such as a personal digital assistant (PDA), a media player, a digital camera, and/or a GPS navigation unit. Later smartphones include all of those plus the features of a touchscreen computer, including web browsing, Wi-Fi, and 3rd-party apps.
 http://en.wikipedia.org/wiki/Smartphone


  •  iPod Touch
 The iPod Touch (stylized and marketed as iPod touch) is a multi-purpose pocket computer designed and marketed by Apple Inc. with a user interface that is touchscreen-based. It can be used as a music and video player, digital camera, handheld game device, and personal digital assistant (PDA). It connects to the Internet through Wi-Fi base stations and is therefore not a smartphone, though its design and iOS operating system are very similar to Apple's iPhone.
 http://en.wikipedia.org/wiki/IPod_Touch

  •  iPhone
 a line of smartphones designed and marketed by Apple Inc.
 It runs Apple's iOS mobile operating system
 There are seven generations of iPhone models, each accompanied by one of the six major releases of iOS.
 http://en.wikipedia.org/wiki/IPhone


  •  A Chromebook is a laptop running Chrome OS as its operating system. The devices are designed to be used primarily while connected to the Internet, with most applications and data residing "in the cloud". A Chromebook is an example of a thin client.
http://en.wikipedia.org/wiki/Chromebook

  • iPad
a line of tablet computers designed and marketed by Apple Inc. which runs Apple's iOS.
The user interface is built around the device's multi-touch screen, including a virtual keyboard.
The iPad has built-in Wi-Fi and, on some models, cellular connectivity
An iPad can shoot video, take photos, play music, and perform Internet functions such as web-browsing and emailing. Other functions—games, reference, GPS navigation, social networking, etc.—can be enabled by downloading and installing apps.
http://en.wikipedia.org/wiki/IPad

  • iPad Mini
a line of mini tablet computers designed, developed, and marketed by Apple Inc
It is a sub-series of the iPad line of tablets, with a reduced screen size of 7.9 inches, in contrast to the standard 9.7 inches
http://en.wikipedia.org/wiki/IPad_Mini


  • Google Nexus
a line of consumer electronic devices that run the Android operating system.
The product family consists mostly of mobile devices—five smartphones and three tablet computers
the devices currently available in the line are the Nexus 5 smartphone (made with partner LG Electronics), second generation Nexus 7 tablet (made with Asus), and Nexus 10 tablet (made with Samsung).
Nexus devices are the first Android devices to receive updates to the operating system.
http://en.wikipedia.org/wiki/Google_Nexus

  • Kindle Fire
The Kindle Fire is a mini tablet computer version of Amazon.com's Kindle e-book reader.
Kindle Fire has a color 7-inch multi-touch display with IPS technology and runs a custom version of Google's Android operating system called Fire OS.
The device—which includes access to the Amazon Appstore, streaming movies and TV shows, and Kindle's e-books
http://en.wikipedia.org/wiki/Kindle_Fire


  • Tablet computer
A tablet computer, or simply tablet, is a mobile computer with display, circuitry and battery in a single unit. Tablets are equipped with sensors, including cameras, microphone, accelerometer and touchscreen, with finger or stylus gestures replacing computer mouse and keyboard. Tablets may include physical buttons, e.g., to control basic features such as speaker volume and power and ports for network communications and to charge the battery. An on-screen, pop-up virtual keyboard is usually used for typing. Tablets are typically larger than smart phones or personal digital assistants at 7 inches (18 cm) or larger, measured diagonally
http://en.wikipedia.org/wiki/Tablet_computer

  • personal digital assistant (PDA)
A personal digital assistant (PDA), also known as a palmtop computer, or personal data assistant, is a mobile device that functions as a personal information manager. PDAs are largely considered obsolete with the widespread adoption of smartphones.
Nearly all current PDAs have the ability to connect to the Internet. A PDA has an electronic visual display, enabling it to include a web browser, all current models also have audio capabilities enabling use as a portable media player, and also enabling most of them to be used as mobile phones. Most PDAs can access the Internet, intranets or extranets via Wi-Fi or Wireless Wide Area Networks. Most PDAs employ touchscreen technology.
http://en.wikipedia.org/wiki/Personal_digital_assistant

  • laptop
A laptop is a portable personal computer with a clamshell form factor, suitable for mobile use. They are also sometimes called notebook computers or notebooks.
http://en.wikipedia.org/wiki/Laptop

operating system

  •  iOS (previously iPhone OS) is a mobile operating system developed by Apple Inc. and distributed exclusively for Apple hardware. It is the operating system that powers many of the company's iDevices.
 Originally unveiled in 2007 for the iPhone, it has been extended to support other Apple devices such as the iPod Touch (September 2007), iPad (January 2010), iPad Mini (November 2012) and second-generation Apple TV onward (September 2010).
 http://en.wikipedia.org/wiki/IOS


  •  iOS 8 is the eighth major release of the iOS mobile operating system designed by Apple Inc. as the successor to iOS 7.
Many of the features and highlights of iOS 8 seem to have come from previous versions of Android, and even Windows Phone.
http://en.wikipedia.org/wiki/IOS_8

  •  Chrome OS is a Linux kernel-based operating system designed by Google to work primarily with web applications
The user interface takes a minimalist approach and consists almost entirely of just the Google Chrome web browser
This means that Chrome OS is almost a pure web thin client OS
Chrome OS is built upon the open source project called Chromium OS which, unlike Chrome OS, can be compiled from the downloaded source code.
Chrome OS is the commercial version installed on specific hardware from Google's manufacturing partners.
http://en.wikipedia.org/wiki/Chrome_OS

  • Chromium OS is a Linux-based operating system designed by Google to work exclusively with web applications. It is the open source development version of Chrome OS.
http://en.wikipedia.org/wiki/Chromium_OS

  • Android (operating system)
Android is a mobile operating system (OS) based on the Linux kernel that is currently developed by Google.
http://en.wikipedia.org/wiki/Android_%28operating_system%29

GeoJSON

  •  GeoJSON is a format for encoding a variety of geographic data structures.
 http://geojson.org/

Geography Markup Language (GML)

  • Geography Markup Language (GML)
 The OpenGIS® Geography Markup Language Encoding Standard (GML): the Geography Markup Language (GML) is an XML grammar for expressing geographical features. GML serves as a modeling language for geographic systems as well as an open interchange format for geographic transactions on the Internet.
 http://www.opengeospatial.org/standards/gml


  •  OGC Web Services Context Document defines the application state of an OGC Integrated Client
 http://en.wikipedia.org/wiki/Open_Geospatial_Consortium


  •  The ISO 19100 is a series of standards for defining, describing, and managing geographic information
 http://www.slideshare.net/Databaseguys/iso-19100-geographic-information-and-geomatics
 

PostGIS

  •  PostGIS
 PostGIS is a spatial database extender for PostgreSQL object-relational database. It adds support for geographic objects allowing location queries to be run in SQL.
 http://postgis.net/

Intrusion detection system (IDS / IPS)

  •  Intrusion detection system
 An intrusion detection system (IDS) is a device or software application that monitors network or system activities for malicious activities or policy violations and produces reports to a management station. IDS come in a variety of “flavors” and approach the goal of detecting suspicious traffic in different ways. There are network based (NIDS) and host based (HIDS) intrusion detection systems.
 http://en.wikipedia.org/wiki/Intrusion_detection_system

  •  Intrusion prevention system
 Intrusion prevention systems (IPS), also known as intrusion detection and prevention systems (IDPS), are network security appliances that monitor network and/or system activities for malicious activity. The main functions of intrusion prevention systems are to identify malicious activity, log information about this activity, attempt to block/stop it, and report it
 http://en.wikipedia.org/wiki/Intrusion_prevention_system

  • IPS vs IDS vs Firewall
The IDS only monitors traffic. It contains a database of known attack signatures and compares inbound traffic against that database. If an attack is detected, the IDS reports it.

http://security.stackexchange.com/questions/44931/difference-between-ids-and-ips-and-firewall


  • The differences between an IDS and a firewall are that the latter prevents malicious traffic, whereas the IDS:

    Passive IDS: the IDS only reports that there was an intrusion.
    Active IDS: the IDS also takes actions against the issue to fix it or at least lessen its impact.

However, what's the difference between an IPS and a Firewall? Both are a preventative technical control whose purpose is to guarantee that incoming network traffic is legitimate.


    Firewall - A device or application that analyzes packet headers and enforces policy based on protocol type, source address, destination address, source port, and/or destination port. Packets that do not match policy are rejected.
    Intrusion Detection System - A device or application that analyzes whole packets, both header and payload, looking for known events. When a known event is detected a log message is generated detailing the event.
    Intrusion Prevention System - A device or application that analyzes whole packets, both header and payload, looking for known events. When a known event is detected the packet is rejected.


http://security.stackexchange.com/questions/44931/difference-between-ids-and-ips-and-firewall


  • WAF vs IPS
IPSs deal with packets, while WAFs work within sessions.

WAFs must understand not just protocol behavior, like HTTP GET, POST, HEAD, etc, but also JavaScript, SQL, HTML, XML, Cookies, etc. This application layer logic is fundamental to the operation of a WAF but not required for IPS functionality, and therefore not typically implemented on an IPS

Baselining is available on IPS and WAF, but the similarity stops with the name. IPS baselining consists of statistical deviations in throughput and traffic flows. WAF baselining involves URL, Parameter, HTTP Method, Session, and Cookie mapping. A WAF knows no concept of bandwidth utilization for baselining, just as an IPS doesn’t know if a given URL is supposed to accept HTTP POSTs or GETs.

IPS signatures are looked at by companies as a means to virtually patch their PCs ahead of an actual patch or update being available or fully rolled out. This level of protection isn’t available on an IPS when specific application-layer vulnerabilities exist or when custom written web-application code has some new vulnerability. This is where the WAF provides a measure of protection not available on an IPS, due to the application-awareness of the WAF.

WAF deployments are focused on web applications and web application traffic, while IPS deployments are typically done at the network level inspecting all packets.
https://practical.wordpress.com/2009/12/28/waf-vs-ips-or-four-things-your-ips-cant-do/

  • Security: IDS vs. IPS Explained
an IPS has all the features of a good IDS, but can also stop malicious traffic from invading the enterprise.
In addition, an IPS can respond to a detected threat in two other ways. It can reconfigure other security controls, such as a firewall or router, to block an attack. Some IPS devices can even apply patches if the host has particular vulnerabilities. In addition, some IPS can remove the malicious contents of an attack to mitigate the packets, perhaps deleting an infected attachment from an email before forwarding the email to the user.
http://www.comparebusinessproducts.com/fyi/ids-vs-ips

  • Intrusion Detection FAQ: What is the difference between an IPS and a Web Application Firewall?
An IPS generally sits in-line and watches network traffic as the packets flow through it. It acts similarly to an Intrusion Detection System (IDS) by trying to match data in the packets against a signature database or detect anomalies against what is pre-defined as "normal" traffic
WAFs are designed to protect web applications/servers from web-based attacks that IPSs cannot prevent. In the same regards as an IPS, WAFs can be network or host based. They sit in-line and monitor traffic to and from web applications/servers. Basically, the difference is in the level of ability to analyze the Layer 7 web application logic.
https://www.sans.org/security-resources/idfaq/ips-web-app-firewall.php


  • Perimeter’s Host Intrusion Detection and Prevention System (HIDS/HIPS) is our premier service designed to protect your most critical data and servers on your network. It provides an additional layer of defense beyond services such as a managed firewall, Network Intrusion Prevention Systems (NIPS) and signature-based anti virus software. HIDS/HIPS relies on a learning pattern for both known and unknown types of malicious activity. Rather than relying on signature matching for specific attacks, the behavior-based rules associated with HIDS/HIPS products monitor and deny malicious activity patterns. HIDS/HIPS monitors and alerts security operations personnel if activity is suspicious.
http://www.falkensecurenetworks.com/PDFs/HIDS-HIPS[1].pdf

  • Host based intrusion detection (HIDS) refers to intrusion detection that takes place on a single host system. Currently, HIDS involves installing an agent on the local host that monitors and reports on the system configuration and application activity. Some common abilities of HIDS systems include log analysis, event correlation, integrity checking, policy enforcement, rootkit detection, and alerting. They often also have the ability to baseline a host system to detect variations in system configuration.
https://www.sans.org/security-resources/idfaq/what-is-a-host-intrusion-detection-system/1/24

  •  OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, MacOS, Solaris, HP-UX, AIX and Windows.
http://ossec.github.io/

  •  The Samhain host-based intrusion detection system (HIDS) provides file integrity checking and log file monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes. Samhain has been designed to monitor multiple hosts with potentially different operating systems, providing centralized logging and maintenance, although it can also be used as a standalone application on a single host. Samhain is an open-source multiplatform application for POSIX systems (Unix, Linux, Cygwin/Windows).
http://la-samhna.de/samhain/index.html


  • HIDS vs NIDS and which one is better and why?

It’s just that the placement is different. HIDS is placed on each host whereas NIDS is placed in the network. For an enterprise, NIDS is preferred as HIDS is difficult to manage, plus it consumes processing power of the host as well.
https://www.greycampus.com/blog/information-security/top-cyber-security-interview-questions

  • Snort

Snort® is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire.
http://www.snort.org/

  • Differences Between IPS and Firewalls


An IPS will inspect content of the request and be able to drop, alert, or potentially clean a malicious network request based on that content.
A firewall will block traffic based on network information such as IP address, network port and network protocol. 

https://its.umich.edu/enterprise/wifi-networks/network-security/ips-vs-firewalls

  • A firewall permits and blocks traffic by port/protocol rules.  However, an attacker can use legitimate ports to send illegitimate traffic.  An IPS looks at the contents of the packets and/or can correlate over time to determine if an attack is happening.  An IPS works in tandem with a firewall to make sure that the traffic the firewall permitted is actual legitimate traffic.
https://learningnetwork.cisco.com/s/question/0D53i00000KstPg/ips-vs-firewall
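
The firewall, IDS and IPS definitions quoted above, worked through as an added example (not taken from any of the linked sources). The allow-list, the two signatures and the three packets are constructed for illustration; real products use far richer rule languages.

```python
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    dport: int
    payload: bytes


# Constructed firewall policy: header fields only (protocol, destination port).
FIREWALL_ALLOW = {("tcp", 80), ("tcp", 443)}

# Constructed payload signatures shared by the IDS and the IPS.
SIGNATURES = {
    "path-traversal": re.compile(rb"\.\./\.\./"),
    "sql-union-select": re.compile(rb"union\s+select", re.IGNORECASE),
}


def firewall_permits(pkt):
    """Firewall: decides on packet headers alone and never reads the payload."""
    return (pkt.proto, pkt.dport) in FIREWALL_ALLOW


def match_signatures(pkt):
    """Whole-packet inspection: names of the signatures found in the payload."""
    return [name for name, rx in SIGNATURES.items() if rx.search(pkt.payload)]


def ids_inspect(pkt, log):
    """IDS: logs known events; the packet is always forwarded."""
    for name in match_signatures(pkt):
        log.append(f"IDS alert {name} {pkt.src} -> {pkt.dst}:{pkt.dport}")
    return True


def ips_inspect(pkt, log):
    """IPS: same detection as the IDS, but a match rejects the packet."""
    hits = match_signatures(pkt)
    for name in hits:
        log.append(f"IPS drop {name} {pkt.src} -> {pkt.dst}:{pkt.dport}")
    return not hits


def run_pipeline(packets, mode):
    """mode is 'firewall', 'firewall+ids' or 'firewall+ips'.

    Returns (delivered_packets, log_lines)."""
    delivered, log = [], []
    for pkt in packets:
        if not firewall_permits(pkt):
            log.append(f"FW reject {pkt.proto}/{pkt.dport} from {pkt.src}")
            continue
        if mode == "firewall+ids":
            ids_inspect(pkt, log)
        elif mode == "firewall+ips" and not ips_inspect(pkt, log):
            continue
        delivered.append(pkt)
    return delivered, log


# Constructed sample traffic (documentation address ranges).
SAMPLE_PACKETS = [
    Packet("198.51.100.7", "192.0.2.10", "tcp", 80,
           b"GET /index.html HTTP/1.1\r\n"),
    # Allowed port, but the payload matches a signature: the firewall cannot see it.
    Packet("198.51.100.8", "192.0.2.10", "tcp", 80,
           b"GET /files?name=../../secret.txt HTTP/1.1\r\n"),
    # Port not in the policy: rejected on headers before any payload inspection.
    Packet("198.51.100.9", "192.0.2.10", "tcp", 23, b"login\r\n"),
]

if __name__ == "__main__":
    for mode in ("firewall", "firewall+ids", "firewall+ips"):
        delivered, log = run_pipeline(SAMPLE_PACKETS, mode)
        print(f"{mode}: delivered={len(delivered)}")
        for line in log:
            print("   ", line)
```

With the firewall alone or with an IDS, both port-80 packets are delivered; only the IPS keeps the signature-matching one from reaching the server.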







Thursday, September 4, 2014

Terms,Organizations

  • The Single Euro Payments Area (SEPA) is a payment-integration initiative of the European Union for simplification of bank transfers denominated in euro. As of February 2014, SEPA consists of the 28 EU member states, the four members of the EFTA (Iceland, Liechtenstein, Norway and Switzerland), Monaco and San Marino
  •  The European Free Trade Association (EFTA) is a free trade organisation between four European countries that operates in parallel with – and is linked to – the European Union (EU). The EFTA was established on 3 May 1960 as a trade bloc-alternative for European states who were either unable or unwilling to join the then-European Economic Community (EEC) which has now become the EU  

credit card

  • AVS (Address Verification Service): determines if the address provided by the customer matches the address of the credit card


  • CVV (Code Verification Value): the three or four digit number on the back of a credit card
providing these numbers ensures that the card is in the hand of its owner
This is also known as CSC (Card Security Code), CVC (Card Verification Code), and V-Code, depending on the card scheme norms and region

Backend as a service (BaaS)

These services are provided via the use of custom software development kits (SDKs) and application programming interfaces (APIs)

Platform as a service (PaaS)

  • Minishift is a tool that helps you run OpenShift locally by launching a single-node OpenShift cluster inside a virtual machine. With Minishift you can try out OpenShift or develop with it, day-to-day, on your local machine.

  • https://www.openshift.org/minishift/

  • OpenShift Online is Red Hat’s public cloud application development and hosting service. On-Demand Access.

  •     OpenShift Dedicated is Red Hat’s managed private cluster offering for Enterprises. Own OpenShift cluster + operated by Red Hat.
        OpenShift Container Platform  is Red Hat’s on-premise private PaaS product. Whether it’s on premise in customer data center or private cloud.

    OpenShift Origin is the upstream community project used in OpenShift Online, OpenShift Dedicated, and OpenShift Container Platform.

    There are 3 quick installation methods:
        1. Running in a Container (from DockerHub) – Only for Red Hat based distributions, RHEL, Fedora and CentOS.
        2. Download a Binary (GitHub). This is an all-in-one version. Pay attention with this option, because versions for Windows and Mac are limited.
        3. Building from source, locally or using Vagrant.

        Minishift is an upstream community project that is intended for OpenShift Origin. Minishift is a tool that helps you run OpenShift locally by launching a single-node OpenShift Origin cluster inside a virtual machine.


    https://blog.novatec-gmbh.de/getting-started-minishift-openshift-origin-one-vm/


  • OpenShift Origin is the upstream community project that builds up the OpenShift platform. OpenShift Origin is built around a core of Docker containers, using Kubernetes for container cluster orchestration. OpenShift Origin also includes a functional web application and a CLI to build and manage your applications.
  • http://www.mastertheboss.com/soa-cloud/openshift/openshift-installation-quick-tutorial

  • Docker and OpenShift Origin must run on the Linux operating system.

  • If you wish to run the server from a Windows or Mac OS X host, you should start a Linux VM first.
     
    OpenShift Origin and Docker use iptables to manage networking.
    Ensure that local firewall rules and other software making iptable changes do not alter the OpenShift Origin and Docker service setup.

    Installation Methods
    Method 1: Running in a Container

    https://docs.openshift.org/latest/getting_started/administrators.html

  • Minimum Hardware Requirements


  • OpenShift Origin only supports servers with the x86_64 architecture.

    Masters
    Physical or virtual system, or an instance running on a public or private IaaS.
    Base OS: Fedora 21, CentOS 7.3, RHEL 7.3, or RHEL 7.4 with the "Minimal" installation option and the latest packages from the Extras channel, or RHEL Atomic Host 7.3.6 or later.
    2 vCPU.
    Minimum 16 GB RAM.
    Minimum 40 GB hard disk space for the file system containing /var/.
    Minimum 1 GB hard disk space for the file system containing /usr/local/bin/.
    Minimum 1 GB hard disk space for the file system containing the system’s temporary directory


    Nodes
    Physical or virtual system, or an instance running on a public or private IaaS.
    Base OS: Fedora 21, CentOS 7.3, RHEL 7.3, or RHEL 7.4 with "Minimal" installation option, or RHEL Atomic Host 7.3.6 or later.
    NetworkManager 1.0 or later.
    1 vCPU.
    Minimum 8 GB RAM.
    Minimum 15 GB hard disk space for the file system containing /var/.
    Minimum 1 GB hard disk space for the file system containing /usr/local/bin/.
    Minimum 1 GB hard disk space for the file system containing the system’s temporary directory
    An additional minimum 15 GB unallocated space to be used for Docker’s storage back end


    External etcd Nodes
    Minimum 20 GB hard disk space for etcd data.

    Configuring Core Usage
    For example, run the following before starting the server to make OpenShift Origin only run on one core:
    # export GOMAXPROCS=1
    Alternatively, if you plan to run OpenShift in a container, add -e GOMAXPROCS=1 to the docker run command when launching the server.

    SELinux
    Security-Enhanced Linux (SELinux) must be enabled on all of the servers before installing OpenShift Origin or the installer will fail. Also, configure SELINUXTYPE=targeted in the /etc/selinux/config file:
    # This file controls the state of SELinux on the system.
    # SELINUX= can take one of these three values:
    #     enforcing - SELinux security policy is enforced.
    #     permissive - SELinux prints warnings instead of enforcing.
    #     disabled - No SELinux policy is loaded.
    SELINUX=enforcing
    # SELINUXTYPE= can take one of these three values:
    #     targeted - Targeted processes are protected,
    #     minimum - Modification of targeted policy. Only selected processes are protected.
    #     mls - Multi Level Security protection.
    SELINUXTYPE=targeted

    NTP
    You must enable Network Time Protocol (NTP) to prevent masters and nodes in the cluster from going out of sync.
    Set openshift_clock_enabled to true in the Ansible playbook to enable NTP on masters and nodes in the cluster during Ansible installation.
    # openshift_clock_enabled=true

    Environment Requirements
    Adding entries into the /etc/hosts file on each host is not enough. This file is not copied into containers running on the platform.

    Key components of OpenShift Origin run themselves inside of containers and use the following process for name resolution:
    By default, containers receive their DNS configuration file (/etc/resolv.conf) from their host.
    OpenShift Origin then inserts one DNS value into the pods (above the node’s nameserver values). That value is defined in the /etc/origin/node/node-config.yaml file by the dnsIP parameter, which by default is set to the address of the host node because the host is using dnsmasq
    If the dnsIP parameter is omitted from the node-config.yaml file, then the value defaults to the kubernetes service IP, which is the first nameserver in the pod’s /etc/resolv.conf file.

    dnsmasq must be enabled (openshift_use_dnsmasq=true) or the installation will fail and critical features will not function.


    The following is an example set of DNS records for the Single Master and Multiple Nodes scenario:

    master    A   10.64.33.100
    node1     A   10.64.33.101
    node2     A   10.64.33.102

    Configuring Hosts to Use DNS
    The configuration for hosts' DNS resolution depends on whether DHCP is enabled.

    If DHCP is:
    Disabled, then configure your network interface to be static, and add DNS nameservers to NetworkManager.
    Enabled, then the NetworkManager dispatch script automatically configures DNS based on the DHCP configuration.

    To verify that hosts can be resolved by your DNS server:
    Check the contents of /etc/resolv.conf:
    $ cat /etc/resolv.conf
    # Generated by NetworkManager
    search example.com
    nameserver 10.64.33.1
    # nameserver updated by /etc/NetworkManager/dispatcher.d/99-origin-dns.sh

    Test that the DNS servers listed in /etc/resolv.conf are able to resolve host names to the IP addresses of all masters and nodes in your OpenShift Origin environment:
    $ dig <node_hostname> @<IP_address> +short
    $ dig master.example.com @10.64.33.1 +short
    10.64.33.100
    $ dig node1.example.com @10.64.33.1 +short
    10.64.33.101


    Configuring a DNS Wildcard
    Optionally, configure a wildcard for the router to use, so that you do not need to update your DNS configuration when new routes are added.


    https://docs.openshift.org/latest/install_config/install/prerequisites.html#install-config-install-prerequisites

  • To simplify the task of setting up and operating containers, the use of a container management tool is essential. These solutions, known as container orchestration tools, help operations staff decide where to run containers, how to run them in production, and which systems to put them on

  • OpenShift, Red Hat’s PaaS solution for enterprise applications, uses Docker and Kubernetes as its underlying container management engines. OpenShift is a powerful resource for orchestrating containerization at the enterprise level.

    The OpenShift Online Starter plan, which can handle one project, is free.

    Docker is the leading provider of containerization tools.
    Docker has helped foster the DevOps revolution by facilitating collaboration between developers and operators, accelerating the process of creating and deploying applications.
    Kubernetes is a container orchestration engine.
    It offers an open source platform to manage the deployment and use of containers across your IT infrastructure.
    https://shadow-soft.com/open-source-container-management-tools/

  • OpenShift Online has been completely rewritten, enabling you to rapidly build and deploy Docker images and manage them on a robust, scalable platform. The power of Docker containers and the Kubernetes container cluster manager optimized for enterprise app development and deployment. OpenShift is Red Hat's Platform-as-a-Service (PaaS) that allows developers to quickly develop, host, and scale applications in a cloud environment.
https://www.openshift.com

  • Source-to-Image (S2I) is a toolkit and workflow for building reproducible Docker images from source code.
S2I produces ready-to-run images by injecting source code into a Docker container and letting the container prepare that source code for execution.
By creating self-assembling builder images, you can version and control your build environments exactly like you use Docker images to version your runtime environments.
https://github.com/openshift/source-to-image

  • OpenShift is designed to run any existing Docker images. Additionally, you can define builds that will produce new Docker images using a Dockerfile.
https://github.com/openshift/origin

  • Source-to-Image (S2I) is a mechanism for building custom Docker images. It produces ready-to-run images by injecting application source into a Docker image and assembling a new Docker image. The new image incorporates the base image and built source

So let's say you want to load the image "openshift/wildfly-100-centos7" and produce a new image using the source code available on https://github.com/fmarchioni/mastertheboss in the folder "openshift-demo"
(Have a look at the application here: https://github.com/fmarchioni/mastertheboss/tree/master/openshift-demo)
http://www.mastertheboss.com/soa-cloud/openshift/deploy-docker-images-on-openshift


  • OpenShift uses Image Streams to reference a Docker image. An image stream comprises one or more Docker images identified by tags. It presents a single virtual view of related images, similar to a Docker image repository, and may contain images from any of the following:
    Its own image repository in OpenShift’s integrated Docker Registry
    Other image streams
    Docker image repositories from external registries 
http://www.mastertheboss.com/soa-cloud/openshift/using-wildfly-on-openshift

  • When deployed on OpenStack, OpenShift Origin can be configured to access OpenStack infrastructure, including using OpenStack Cinder volumes as persistent storage for application data.

https://docs.openshift.org/latest/install_config/configuring_openstack.html#install-config-configuring-openstack

  • OpenShift can build Docker images from your source code, deploy them, and manage their lifecycle. To enable this, OpenShift provides an internal, integrated Docker registry that can be deployed in your OpenShift environment to locally manage images.

https://docs.openshift.com/enterprise/3.1/install_config/install/docker_registry.html

  • geard is a command-line client and agent for integrating and linking Docker containers into systemd across multiple hosts. It is the core of the next generation of OpenShift Origin and helps administrators install and manage the components of their developers' applications
http://openshift.github.io/geard/

  • Use immutable infrastructure to deploy and scale your containerized applications. Project Atomic builds OSes, tools, and containers for cloud native platforms.
Atomic Host provides "immutable infrastructure" for deploying to hundreds or thousands of servers in your private or public cloud.
http://www.projectatomic.io/

direct debit

A direct debit or direct withdrawal is a financial transaction in which one person withdraws funds from another person's bank account. Formally, the person who directly draws the funds ("the payee") instructs his or her bank to collect (i.e., debit) an amount directly from another's ("the payer's") bank account designated by the payer and pay those funds into a bank account designated by the payee.
Before the payer's banker will allow the transaction to take place, the payer must have advised the bank that he or she has authorized the payee to directly draw the funds. It is also called pre-authorized debit (PAD) or pre-authorized payment (PAP)

In countries where setting up authorization is easy enough, direct debits can also be used for irregular payments, such as for mail order transactions or at a point of sale.

payee

payee
the person or organization to whom money, especially a cheque, must be paid

payment service provider (PSP)

A payment service provider (PSP) offers (web) shops online services for accepting electronic payments by a variety of payment methods including credit card, bank-based payments such as direct debit, bank transfer, and real-time bank transfer based on online banking.

Typically, they use a software as a service model and form a single payment gateway for their clients (merchants) to multiple payment methods

Saturday, July 19, 2014

cd dvd formats

  • CD-R (compact disc recordable)
CD-RW (compact disc re-writable)
DVD (Digital Versatile Disc)
DVD-RW (Digital Versatile Disc, rewritable)


  • The DVD-R DVD+R difference can easily be summarized by the following:

* The DVD-R/RW standard was developed by Pioneer, and is used primarily by Apple and Pioneer. These “minus” discs can only be written to in one layer on the disc's surface. In addition, this format is supported by the DVD Forum, but is in no way an industry standard. DVD-R/RW discs are cheaper than the “plus” format.
* The DVD+R/RW format is supported by Philips, Dell, Sony, HP, and Microsoft. These discs can be written to in multiple layers, giving them slightly better and more disc storage than the “minus” format. Because of this additional capacity, they are slightly more expensive than “minus” discs.
http://faalacademy.wordpress.com/2013/05/10/the-difference-between-dvd-r-dvdr-dvdrw-and-dvd-rw/

  • Overview of DVD Recordable: +R Versus -R
1) The DVD-R (pronounced "DVD dash R") and -RW media formats are officially approved by the standards group DVD Forum. The DVD Forum was founded by Mitsubishi, Sony, Hitachi, and Time Warner, so it has tremendous industry support for its technical standards.
2) DVD+R ("DVD plus R") and +RW formats are not approved by the DVD Forum standards group, but are instead supported by the DVD+RW Alliance. The DVD+RW Alliance is supported by Sony, Yamaha, Philips, Dell, and JP, so it also has tremendous industry support for its technical standards. Note that Sony supports both organizations.

The main functional differences between DVD-R and DVD+R are:
1) the DVD recorder's built-in defects management,
2) the way the recorders format and rewrite DVDs,
3) the price.

According to the claims of the DVD Alliance, using a DVD+R/+RW recorder will let you do the following:

1. Instantly eject without having to wait for finalized formatting.

2. Ability to record one DVD disc partially on PC and partially on television.

3. Background formatting: while the disc is being formatted, you can simultaneously record on already-formatted portions of the same disc.

4. Enhanced ability to edit filenames, movie and song titles, and playlists.

5. 100% compatibility with all other DVD players, while still enjoying these extra recording features.
http://netforbeginners.about.com/cs/multimedia/a/DVD_explained_2.htm

Thursday, July 10, 2014

literal

  • In computer science, a literal is a notation for representing a fixed value in source code.
In contrast to literals, variables or constants are symbols that can take on one of a class of fixed values, the constant being constrained not to change.
Literals are often used to initialize variables, for example, in the following, 1 is an integer literal and the three letter string in "cat" is a string literal:
 int a = 1;
 String s = "cat";

 http://en.wikipedia.org/wiki/Literal_%28computer_programming%29

Static Import in Java


  • import static java.lang.Math.PI;
import static java.lang.Math.cos;
// PI and cos can now be used without the Math. prefix
double r = cos(PI * theta);

http://viralpatel.net/blogs/static-import-java-example-tutorial/

  • Static import can reduce code size and lets you use the static fields of an external class without prefixing them with the class name.
http://javarevisited.blogspot.com/2012/10/what-is-static-import-in-java-5-example-tutorial.html#ixzz370mlCrPP

BigDecimal

  • How to Use Java BigDecimal
Ability to specify a scale, which represents the number of digits after the decimal place
Ability to specify a rounding method
The java.math.BigDecimal class handles both of these considerations.

Suppose we have a product which costs 10.00 in a given currency and the local sales tax is 0.0825, or 8.25%. If we work it out on paper, the tax amount is,
10.00 * 0.0825 = 0.825
Because our precision for the currency is two digits after the decimal, we need to round the 0.825 figure. Also, because this is a tax, it is good practice to always round up to the next highest cent. That way when the accounts are balanced at the end of the day, we never find ourselves underpaying taxes.
0.825 -> 0.83
So the total we charge to the customer is 10.83 in the local currency and pay 0.83 to the tax collector. Note that if we sold 1000 of these, we would have overpaid the collector by this much,
1000 * (0.83 - 0.825) = 5.00

http://www.opentaps.org/docs/index.php/How_to_Use_Java_BigDecimal:_A_Tutorial


  • The java.math.BigDecimal class provides operations for arithmetic, scale manipulation, rounding, comparison, hashing, and format conversion.
Two types of operations are provided for manipulating the scale of a BigDecimal:

    scaling/rounding operations
    decimal point motion operations.
http://www.tutorialspoint.com/java/math/java_math_bigdecimal.htm

CamelCase Java Naming Convention

CamelCase Java Naming Convention
CamelCase (also known as Upper CamelCase) is where each new word begins with a capital letter (e.g., CamelCase, CustomerAccount, PlayingCard).
http://java.about.com/od/javasyntax/a/nameconventions.htm

Monday, July 7, 2014

association vs composition

COMPOSITION
Imagine a software firm that is composed of different Business Units (or departments) like Storage BU, Networking BU, Automobile BU. The lifetime of these Business Units is governed by the lifetime of the organization. In other words, these Business Units cannot exist independently without the firm. This is COMPOSITION. (i.e. the firm is COMPOSED OF business units)

ASSOCIATION
The software firm may have external caterers serving food to the employees. These caterers are NOT PART OF the firm. However, they are ASSOCIATED with the firm. The caterers can exist even if our software firm is closed down. They may serve another firm! Thus the lifetime of caterers is not governed by the lifetime of the software firm. This is typical ASSOCIATION

http://stackoverflow.com/questions/731802/what-is-the-difference-between-composition-and-association-relationship

Wednesday, June 25, 2014

ARM architecture


  • ARM architecture
ARM is a family of instruction set architectures for computer processors based on a reduced instruction set computing (RISC) architecture developed by British company ARM Holdings.
A RISC-based computer design approach means ARM processors require significantly fewer transistors than typical CISC x86 processors in most personal computers.
This approach reduces costs, heat and power use.
These are desirable traits for light, portable, battery-powered devices, including smartphones, laptops, tablet and notepad computers, and other embedded systems.
http://en.wikipedia.org/wiki/ARM_architecture

Tuesday, June 24, 2014

There are four different ways to create objects in java

  • There are four different ways to create objects in java

1. The new keyword
2. The Class.forName()
3. The clone() method
4. The object deserialization

https://www.linkedin.com/groups/What-are-all-different-ways-70526.S.5883998172040155140?view=&item=5883998172040155140&type=member&gid=70526&trk=eml-b2_anet_digest-null-75-null&fromEmail=fromEmail&ut=3f1ocViNIMOCg1

http://javabeginnerstutorial.com/core-java-tutorial/different-ways-to-create-an-object-in-java/

Personal Package Archives

  • Personal Package Archives (PPA) allow you to upload Ubuntu source packages to be built and published as an apt repository by Launchpad.
https://launchpad.net/ubuntu/+ppas

Saturday, June 14, 2014

Model View ViewModel

  • Model View ViewModel
Model View ViewModel (MVVM) is an architectural pattern for software development.
MVVM is a variation of Martin Fowler's Presentation Model design pattern.
Model View ViewModel is also called model-view-binder, especially in implementations that don't involve the .NET platform

Components of the MVVM pattern
Model
Model refers either to a domain model, which represents the real state content (an object-oriented approach), or to the data access layer that represents that content (a data-centric approach)
View
As in the MVC and MVP patterns, the view is the user interface (UI).
View model
The view model is an abstraction of the view that exposes public properties and commands. Instead of the controller of the MVC pattern, or the presenter of the MVP pattern, MVVM has a binder. In the view model, this binder mediates communication between the view and the data binder. The view model has been described as a state of the data in the model.
Binder
Declarative data- and command-binding are implicit in the MVVM pattern. In the Microsoft solution stack, the binder is a markup language called XAML. The binder frees the developer from being obliged to write boiler-plate logic to synchronise the view model and view. When implemented outside of the Microsoft stack, the presence of a declarative databinding technology is a key enabler of the pattern.
http://en.wikipedia.org/wiki/Model_View_ViewModel

Monday, May 26, 2014

New features in Java 1.8

  •     Lambda expressions
    Remove the Permanent Generation
    Small VM
    Parallel Array Sorting
    Bulk Data Operations for Collections
    Define a standard API for Base64 encoding and decoding
    New Date & Time API
    Provide stronger Password-Based-Encryption (PBE) algorithm implementations in the SunJCE provider

   
    http://ttux.net/post/java-8-new-features-release-performance-code/

Wednesday, May 21, 2014

SOLID

  • SOLID
In computer programming, SOLID (Single responsibility, Open-closed, Liskov substitution, Interface segregation and Dependency inversion) is a mnemonic acronym
The principles when applied together intend to make it more likely that a programmer will create a system that is easy to maintain and extend over time


Single responsibility principle
a class should have only a single responsibility (i.e. only one potential change in the software's specification should be able to affect the specification of the class)
Open/closed principle
“software entities … should be open for extension, but closed for modification.”
Liskov substitution principle
“objects in a program should be replaceable with instances of their subtypes without altering the correctness of that program.”
Interface segregation principle
“many client-specific interfaces are better than one general-purpose interface.”
Dependency inversion principle
one should “Depend upon Abstractions. Do not depend upon concretions.”


http://en.wikipedia.org/wiki/SOLID_(object-oriented_design)

Friday, May 9, 2014

IPv5

  • What Happened to IPv5?
IPv5 never became an official protocol.
Internet Stream Protocol (ST) was considered IP version five by industry researchers, but ST was abandoned before ever becoming a standard or widely known as IPv5.
http://stackoverflow.com/questions/4880182/where-did-ipv5-go

  • The Internet Stream Protocol (ST and later ST-II) is a family of experimental protocols first defined in Internet Experiment Note IEN-119
Its second version, known variously as ST-II or ST2, was drafted by Claudio Topolcic and others in 1987 and specified in 1990
ST2 distinguishes its own packets with an Internet Protocol version number 5, although it was never known as IPv5
http://en.wikipedia.org/wiki/Internet_Stream_Protocol

Monday, May 5, 2014

Cost-Benefit Analysis


  • Performing a Cost-Benefit Analysis
Cost-benefit analyses help you to

    Decide whether to undertake a project or decide which of several projects to undertake.

    Frame appropriate project objectives.

    Develop appropriate before and after measures of project success.

    Prepare estimates of the resources required to perform the project work.

Everything gets a dollar value in a cost-benefit analysis
Whenever possible, express benefits and costs in monetary terms to facilitate the assessment of a project’s net value.
Consider costs for all phases of the project. Such costs may be nonrecurring (such as labor, capital investment, and certain operations and services) or recurring (such as changes in personnel, supplies, and materials or maintenance and repair). I


Cost-benefit analysis: Weighing future values today
For example, you may expect to reap benefits for years from a new computer system, but changing technology may make your new system obsolete after only one year.
http://www.dummies.com/how-to/content/performing-a-costbenefit-analysis.html


  • How to Do a Cost Analysis
A cost analysis (also called cost-benefit analysis, or CBA) is a detailed outline of the potential risks and gains of a projected venture.

1 Define your CBA's unit of cost  benefit
CBA measures literal cost in terms of money, but, in cases where money is not an issue, CBAs can measure cost in terms of time, energy usage, and more.

2 Itemize the tangible costs of the intended project.
Costs can be one-time events or ongoing expenses

3 Itemize any and all intangible costs.
Usually, CBAs also take into account a project's intangible demands - things like the time and energy required to complete the project.

4 Itemize the projected benefits.

5 Add up and compare the project's costs and benefits
we determine whether the benefits of our project outweigh the costs

6 Calculate a payback time for the venture

7 Use your CBA to inform your decision about whether to pursue your project
If it's not clear that a project can generate additional profit in the long run or pay for itself in a reasonable amount of time, you will probably want to reconsider the project or even scrap it altogether.

Server Form Factors

  • Server Form Factors

Form factor refers to the size, shape, and packaging of a hardware device. Server computers typically come in one of three form factors:

Tower case: Most servers are housed in a traditional tower case, similar to the tower cases used for desktop computers.

Rack-mount servers are designed to save space when you need more than a few servers in a confined area. A rack-mount server is housed in a small chassis that’s designed to fit into a standard 19-inch equipment rack. The rack allows you to vertically stack servers in order to save space.

Blade servers: Blade servers are designed to save even more space than rack-mount servers
A blade server is a server on a single card that can be mounted alongside other blade servers in a blade chassis, which itself fits into a standard 19-inch equipment rack. A typical blade chassis holds six or more servers, depending on the manufacturer.
One of the key benefits of blade servers is that you don’t need a separate power supply for each server.
The blade enclosure provides KVM switching so that you don’t have to use a separate KVM switch.
With rack-mount servers, each server requires its own power cable, keyboard cable, video cable, mouse cable, and network cables. With blade servers, a single set of cables can service all the servers in a blade enclosure.

http://www.dummies.com/how-to/content/network-basics-server-form-factors.html

Total Cost of Ownership

  • Total Cost of Ownership (TCO) is an analysis meant to uncover all the lifetime costs that follow from owning certain kinds of assets. Ownership brings purchase costs, of course, but ownership can also bring costs for installing, deploying, operating, upgrading, and maintaining the same assets. For this reason, TCO is sometimes called life cycle cost analysis. For many kinds of acquisitions, TCO analysis finds a very large difference between purchase price and total long term cost, especially when viewed across a long ownership period.

1. Obvious costs in TCO analysis
Obvious costs in TCO are the costs familiar to everyone involved during planning and vendor selection, such as:

    Purchase cost:  The actual price paid.
    Maintenance costs: warranty costs, maintenance labor, contracted maintenance services or other service contracts
  
2. Hidden costs in TCO analysis

The so-called hidden costs are the less obvious cost consequences that are easy to overlook or omit from acquisition decisions

    Acquisition costs: the costs of identifying, selecting, ordering, receiving, inventorying, or paying for something.
    Upgrade / Enhancement / Refurbishing costs.
    Reconfiguration costs.
    Set up / Deployment costs: costs of configuring space, transporting, installing, setting up, integrating with other assets, outside services.
    Operating costs: for example, human (operator) labor, or energy/fuel costs.
    Change management costs: for example, costs of user orientation, user training, workflow/process change design and implementation.
    Infrastructure support costs:  for example, costs brought by the acquisition for heating/cooling, lighting,  or IT support.
    Environmental impact costs: for example, costs of waste disposal/clean up, or pollution control, or the costs of environmental impact compliance reporting.
    Insurance costs.
    Security costs:
        Physical security, for example, security additions for a building, including new locks, secure entry doors, closed circuit television, and security guard services.
        Electronic security, for example, security software applications or systems, offsite data backup, disaster recovery services, etc.
    Financing costs: for example, loan interest and loan origination fees.
    Disposal / Decommission costs.
    Depreciation expense tax savings (a negative cost).
http://www.business-case-analysis.com/total-cost-of-ownership.html

open hardware

  • The servers themselves are 1.5U high, half again as high as the normal 1-U rack, Facebook executives said. That allows Facebook to build more space in the racks for cooling; the company used 60-mm fans to move more air with less power, they said. The racks are built on shelves, so they can be easily serviced.
Richard Fichera, an analyst at Forrester, claimed that the servers are divided into two categories: the Web tier, a high-power server that uses dual-socket, 8-core Xeon X5650 chips; and the Memcache tier, which uses less CPU, and more memory, and incorporates 8-core "Magny Cours" AMD processors, he said in a blog post. Each server can have up to 6 local disks.
The power supplies are more than 93 percent efficient, almost unheard of in an industry where 90 percent efficiency is considered outstanding. For backup power, they use a modular 48V DC battery backup unit that supplies up to six servers through a DC-DC converter in each server. Each battery is connected via the network, so that the Facebook IT managers can monitor the health of the system.
http://www.pcmag.com/article2/0,2817,2383283,00.asp

  • Why Open Hardware?
By releasing Open Compute Project technologies as open hardware, our goal is to develop servers and data centers following the model traditionally associated with open source software projects.
http://www.opencompute.org/

blade servers

  • A server architecture that houses multiple server modules ("blades") in a single chassis.
It is widely used in datacenters to save space and improve system management
Either self-standing or rack mounted, the chassis provides the power supply, and each blade has its own CPU, memory and hard disk

Diskless Blades
With enterprise-class blade servers, disk storage is external, and the blades are diskless.
This approach allows for more efficient failover because applications are not tied to specific hardware and a particular instance of the operating system.
The blades are anonymous and interchangeable
http://www.answers.com/topic/blade-server

  • The Next Evolution of the Blade Server – External I/O Expansion




  • Blade System Series Part-1
Chassis:- Consider this as an empty box, 8 to 10 units in height, which is the building block of the entire system.
BackPlane :- This component is assembled inside the chassis to provide a high-speed I/O (input/output) path to the Blade Servers via the I/O Bays.
Bays :- Consider this as a slot where you can install blades. Bays can be customized to allow installation of full-height blades, half-height blades, or a mixture of both.
I/O Interconnect Bays :- These are again empty slots where you can install switches (Fiber or Ethernet) to connect Blade Servers with external Fiber or Ethernet networks. Unlike rack servers, which connect directly to the Fiber or Ethernet network, Blade servers connect to high-speed BackPlanes, which in turn connect to the I/O Bays, and the switches installed inside the I/O bays provide the onward connectivity.
Blades:- These are the actual compute power that you install in bays. They are called blades because they are highly dense in form factor and take very little space.

Having a Management Module and I/O switches in every chassis increases management as well as cabling, which is why Cisco splits the Management Module & I/O switches from the chassis.
This design increases efficiency by sharing I/O switches across multiple chassis, which is not possible when switches are mounted inside the chassis. So let's understand this design with examples.
http://panksthought.blogspot.com.tr/2012/09/blade-system-series-part-1.html


  • Blade System Series Part-2
Cisco UCS (Unified Computing System)
Having a Management Module and I/O switches in every chassis increases management as well as cabling, which is why Cisco splits the Management Module & I/O switches from the chassis.

http://panksthought.blogspot.com.tr/2012/09/blade-system-series-part-2.html

Sunday, May 4, 2014

Bitcoin

  • Bitcoin
Bitcoin is a peer-to-peer payment system introduced as open source software in 2009 by developer Satoshi Nakamoto
The digital currency created and used in the system is also called bitcoin and is alternatively referred to as a virtual currency, electronic money, or cryptocurrency

Bitcoins are created as a reward for payment processing work in which users who offer their computing power verify and record payments into a public ledger
Called mining, individuals engage in this activity in exchange for transaction fees and newly minted bitcoins
Besides mining, bitcoins can be obtained in exchange for other currencies, products, and services.
Users can buy, send, and receive bitcoins electronically for a nominal fee using wallet software on a personal computer, mobile device, or a web application.
http://en.wikipedia.org/wiki/Bitcoin


  • Bitcoin
Bitcoin uses peer-to-peer technology to operate with no central authority or banks; managing transactions and the issuing of bitcoins is carried out collectively by the network.
Bitcoin is open-source; its design is public, nobody owns or controls Bitcoin and everyone can take part
https://bitcoin.org/en/

  • Bitcoin network
The Bitcoin network is a peer-to-peer payment network that operates on a cryptographic protocol. Users send bitcoins, the unit of currency, by broadcasting digitally signed messages to the network using Bitcoin wallet software.
Transactions are recorded into a distributed public database known as the block chain, with consensus achieved by a proof-of-work system called "mining".
The block chain is distributed internationally using peer-to-peer filesharing technology similar to BitTorrent
The protocol was designed in 2008 and released in 2009 as open source software by "Satoshi Nakamoto", the pseudonym of the original developer or group of developers.
The network timestamps transactions by including them in blocks that form an ongoing chain called the block chain
Such blocks cannot be changed without redoing the work that was required to create each block since the modified block.    
The longest chain serves not only as proof of the sequence of events but also records that this sequence of events was verified by a majority of the Bitcoin network's computing power

Bitcoin mining
To form a distributed timestamp server as a peer-to-peer network, Bitcoin uses a proof-of-work system similar to Adam Back's Hashcash and the internet rather than newspaper or Usenet posts.
The work in this system is what is often referred to as Bitcoin mining.
The mining process involves scanning for a value that when hashed twice with SHA-256, begins with a number of zero bits. While the average work required increases exponentially with the number of leading zero bits required, a hash can always be verified by executing a single round of double SHA-256

Timestamps
The Bitcoin specification starts with the concept of a distributed timestamp server
A timestamp server works by taking a SHA256 hash function of some data and widely publishing the hash
The timestamp proves that the data must have existed at the time, in order to produce the hash
For Bitcoin, each timestamp includes the previous timestamp hash as input for its own hash
This dependency of one hash on another is what forms a chain, with each additional timestamp providing evidence that each of the previous timestamp hashes existed.

http://en.wikipedia.org/wiki/Bitcoin_mining#Bitcoin_mining
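
The mining and timestamp-chain behaviour described above, as an added Python example that is not part of the quoted text or of Bitcoin's own code. The header layout, field names, sample payloads and the 12-bit difficulty are assumptions chosen for illustration; real Bitcoin uses an 80-byte header and a numeric target.

```python
import hashlib
import struct

GENESIS_PREV = b"\x00" * 32  # constructed placeholder "previous hash" for the first block


def double_sha256(data: bytes) -> bytes:
    """SHA-256 applied twice, as in the mining description."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def leading_zero_bits(digest: bytes) -> int:
    """Count the zero bits at the start of a digest."""
    bits = 0
    for byte in digest:
        if byte == 0:
            bits += 8
            continue
        bits += 8 - byte.bit_length()
        break
    return bits


def header(prev_hash: bytes, payload: bytes, nonce: int) -> bytes:
    # Simplified layout (assumption): previous hash || SHA-256(payload) || 8-byte nonce.
    # Including prev_hash is what makes each timestamp depend on the one before it.
    return prev_hash + hashlib.sha256(payload).digest() + struct.pack(">Q", nonce)


def mine(prev_hash: bytes, payload: bytes, difficulty_bits: int):
    """Scan nonces until the double hash starts with enough zero bits (the expensive side)."""
    nonce = 0
    while True:
        digest = double_sha256(header(prev_hash, payload, nonce))
        if leading_zero_bits(digest) >= difficulty_bits:
            return nonce, digest
        nonce += 1


def build_chain(payloads, difficulty_bits: int):
    chain, prev = [], GENESIS_PREV
    for payload in payloads:
        nonce, digest = mine(prev, payload, difficulty_bits)
        chain.append({"prev": prev, "payload": payload, "nonce": nonce, "hash": digest})
        prev = digest
    return chain


def verify_chain(chain, difficulty_bits: int) -> int:
    """One double hash per block (the cheap side). Returns the index of the
    first invalid block, or -1 if every block links and meets the difficulty."""
    prev = GENESIS_PREV
    for i, block in enumerate(chain):
        digest = double_sha256(header(block["prev"], block["payload"], block["nonce"]))
        if (block["prev"] != prev or digest != block["hash"]
                or leading_zero_bits(digest) < difficulty_bits):
            return i
        prev = digest
    return -1


def tamper_and_remine(chain, index: int, new_payload: bytes, difficulty_bits: int):
    """Rewrite one block and redo only that block's work; later blocks are left alone."""
    forged = [dict(block) for block in chain]
    block = forged[index]
    block["payload"] = new_payload
    block["nonce"], block["hash"] = mine(block["prev"], new_payload, difficulty_bits)
    return forged


if __name__ == "__main__":
    DIFFICULTY = 12  # assumption: small enough to mine in well under a second
    sample = [b"alice pays bob 1", b"bob pays carol 2", b"carol pays dave 3"]  # constructed
    chain = build_chain(sample, DIFFICULTY)
    for block in chain:
        print(block["nonce"] + 1, "hashes to mine,", "1 to verify:", block["hash"].hex()[:16])
    print("honest chain:", verify_chain(chain, DIFFICULTY))
    forged = tamper_and_remine(chain, 0, b"alice pays mallory 1", DIFFICULTY)
    print("first invalid block after re-mining only block 0:", verify_chain(forged, DIFFICULTY))
```

Re-mining only the altered block still fails verification at the next block, because that block's stored previous hash no longer matches; every later block would have to be re-mined as well.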

  • Namecoin
Namecoin is a cryptocurrency which also acts as an alternative, decentralized DNS, which would avoid domain name censorship by making a new top level domain outside of ICANN control, and in turn, make internet censorship much more difficult, as well as reduce outages.
http://en.wikipedia.org/wiki/Namecoin


  • fiat money
Fiat money is money that derives its value from government regulation or law

fiat currency
The term fiat currency is used when a fiat money is used as the main currency of the country.

The Nixon Shock of 1971 ended the convertibility of the United States dollar to gold. Since then, all reserve currencies have been fiat currencies, including the U.S. dollar and the Euro

A central bank typically introduces new money into circulation in the economy by purchasing financial assets or lending money to financial institutions
Commercial banks then multiply this base money by credit creation through fractional reserve banking, which expands the total supply of broad money (cash plus demand deposits). The amount of money in circulation is reduced by the opposite process. The value of fiat currencies is influenced by monetary policy

Fractional reserve banking
Fractional-reserve banking is the practice whereby a bank holds reserves in an amount equal to only a portion of the amount of its customers' deposits to satisfy potential demands for withdrawals. Reserves are held at the bank as currency, or as deposits reflected in the bank's accounts at the central bank.

Demand deposit
Demand deposits, bank money or scriptural money are funds held in demand deposit accounts in commercial banks.
These account balances are usually considered money and form the greater part of the narrowly defined money supply of a country

Exorbitant privilege
The term exorbitant privilege refers to the alleged benefit the United States has due to its own currency (i.e., the US dollar) being the international reserve currency.
Accordingly, the US would not face a balance of payments crisis, because it purchased imports in its own currency

Reserve currency
A reserve currency (or anchor currency) is a currency that is held in significant quantities by governments and institutions as part of their foreign exchange reserves, and that is commonly used in international transactions.
Persons who live in a country that issues a reserve currency can purchase imports and borrow across borders more cheaply than persons in other nations because they need not exchange their currency to do so.
As of 2014 the United States dollar is the world's reserve currency, and the world's need for dollars has allowed the United States government as well as Americans to borrow at lower costs, granting them an advantage in excess of $100 billion per year

hyperinflation
hyperinflation occurs when a country experiences very high and usually accelerating rates of monetary and price inflation, causing the population to minimize their holdings of money.
Hyperinflation is often associated with wars, their aftermath, sociopolitical upheavals, or other crises that make it difficult for the government to tax the population, as a sudden and sharp decrease in tax revenue coupled with a strong effort to maintain the status quo can be a direct trigger of hyperinflation.
http://en.wikipedia.org/wiki/Fiat_money

ICANN

  • ICANN
The Internet Corporation for Assigned Names and Numbers is a nonprofit organization that coordinates the Internet's global domain name system.
The Internet Assigned Numbers Authority (IANA) is a department of ICANN responsible for managing the DNS Root and the numbering system for IP addresses.
http://en.wikipedia.org/wiki/ICANN

Proof-of-work

  • Proof-of-work
A proof-of-work (POW) system (or protocol, or function) is an economic measure to deter denial of service attacks and other service abuses such as spam on a network by requiring some work from the service requester, usually meaning processing time by a computer

A key feature of these schemes is their asymmetry: the work must be moderately hard (but feasible) on the requester side but easy to check for the service provider. This idea is also known as a CPU cost function, client puzzle, computational puzzle or CPU pricing function. It is distinct from a CAPTCHA, which is intended for a human to solve quickly, rather than a computer

http://en.wikipedia.org/wiki/Proof-of-work
  • Hashcash
Hashcash is a proof-of-work system designed to limit email spam and denial-of-service attacks.
Hashcash is a method of adding a textual stamp to the header of an email to prove the sender has expended a modest amount of CPU time calculating the stamp prior to sending the email.
In other words, as the sender has taken a certain amount of time to generate the stamp and send the email, it is unlikely that they are a spammer.
The receiver can, at negligible computational cost, verify that the stamp is valid.

The theory is that spammers, whose business model relies on their ability to send large numbers of emails with very little cost per message, cannot afford this investment into each individual piece of spam they send. Receivers can verify whether a sender made such an investment and use the results to help filter email.

http://en.wikipedia.org/wiki/Hashcash
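The asymmetry described in the two entries above (costly to produce, one hash to check) can be seen in a small Hashcash-style stamp implementation. This is an added example, not code from the Hashcash project: it follows the version 1 field layout (`ver:bits:date:resource:ext:rand:counter`, SHA-1, leading zero bits), but the hex counter, the status strings and the `StampVerifier` class are assumptions made for illustration.

```python
import hashlib
import secrets
from datetime import date, datetime


def leading_zero_bits(digest: bytes) -> int:
    """Number of zero bits at the start of a hash digest."""
    bits = 0
    for byte in digest:
        if byte == 0:
            bits += 8
            continue
        bits += 8 - byte.bit_length()
        break
    return bits


def stamp_bits(stamp: str) -> int:
    return leading_zero_bits(hashlib.sha1(stamp.encode("utf-8")).digest())


def mint(resource: str, bits: int, today: date):
    """Sender side: try counters until SHA-1(stamp) has `bits` leading zero bits.

    Returns (stamp, hashes_tried). Expected cost is about 2**bits hashes.
    """
    salt = secrets.token_hex(8)  # random field, so every stamp is unique
    prefix = f"1:{bits}:{today:%y%m%d}:{resource}::{salt}:"
    counter = 0
    while True:
        stamp = prefix + format(counter, "x")  # hex counter: a simplification
        if stamp_bits(stamp) >= bits:
            return stamp, counter + 1
        counter += 1


class StampVerifier:
    """Receiver side: a single hash per stamp, plus the checks that stop reuse."""

    def __init__(self, resource: str, min_bits: int, max_age_days: int = 2):
        self.resource = resource          # address this receiver accepts mail for
        self.min_bits = min_bits          # minimum work the receiver demands
        self.max_age_days = max_age_days
        self.seen = set()                 # stamps already spent (replay cache)

    def check(self, stamp: str, today: date) -> str:
        parts = stamp.split(":")          # assumes the resource contains no ':'
        if len(parts) != 7 or parts[0] != "1":
            return "malformed"
        try:
            claimed = int(parts[1])
            stamp_day = datetime.strptime(parts[2], "%y%m%d").date()
        except ValueError:
            return "malformed"
        if parts[3] != self.resource:
            return "wrong-resource"       # work was done for someone else
        if claimed < self.min_bits:
            return "too-cheap"
        if abs((today - stamp_day).days) > self.max_age_days:
            return "expired"
        if stamp_bits(stamp) < claimed:
            return "invalid-work"
        if stamp in self.seen:
            return "replayed"             # one stamp pays for one message only
        self.seen.add(stamp)
        return "ok"


if __name__ == "__main__":
    day = date(2014, 9, 9)
    stamp, tried = mint("alice@example.com", 16, day)   # constructed recipient
    verifier = StampVerifier("alice@example.com", 16)
    print(stamp, "minted after", tried, "hashes")
    print("first delivery: ", verifier.check(stamp, day))
    print("second delivery:", verifier.check(stamp, day))
```

Binding the stamp to the recipient, the date and a replay cache is what prevents a sender from paying once and reusing the same stamp for every message.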

Denial of Service attack

  • Layer 7 DDoS attack (L7 DDoS attack)
  • Layer 7 DDoS attacks are some of the most difficult attacks to mitigate against because they mimic human behavior as they interact with the user interface. For example, some types of Layer 7 DDoS attacks will target website elements, like your logo or a button, and repeatedly download resources hoping to exhaust the server.

    Here are some of the ways to stop a DDoS attack:
        Block spoofed TCP attacks before they enter your network.
        Don’t let dark address packets pass your perimeter.
        Block unused protocols and ports.
        Limit the number of accesses per second per source IP.
        Limit numbers of concurrent connections per source IP.
        Filter foreign TCP packets.
        Do not forward packets with header anomalies.
        Monitor self-similarity in traffic.
        Keep unwanted guests away.
        Use specialized DDoS mitigation equipment.


    http://ddosattackprotection.org/blog/layer-7-ddos-attack/

    • To understand what a layer 7 DDoS attack is you must first understand what is meant by the application layer.
    There are seven layers in total, each fulfilling its own purpose in a connected networking framework called the Open System Interconnection Model, referred to for short as the OSI Model.
    http://ddosattackprotection.org/blog/wp-content/uploads/2013/12/OSI-Model.jpg

    The breakdown of the function of each layer:
    http://ddosattackprotection.org/blog/wp-content/uploads/2013/12/OSI-Layer-Functions.jpg


    • There are three types of DDoS attacks
    Layer 3 / 4 DDoS attacks
    The majority of DDoS attacks focus on targeting the transport and network layers. These types of attacks are usually comprised of volumetric attacks that aim to overwhelm the target machine, denying or consuming resources until the server goes offline. In these types of DDoS attacks, malicious traffic (TCP / UDP) is used to flood the victim. Taking it one step further, these attacks also drive to saturate the entire network with malicious traffic until it is rendered temporarily obsolete. While these types of attacks can be a disruptive force for businesses, once the attack ceases or has been mitigated, there is no lasting damage.
    http://ddosattackprotection.org/blog/layer-7-ddos-attack/

    • Types of DDoS Attacks
    Websites are vulnerable to DDoS because of the way machines communicate online.

    SYN Flood
    UDP Flood
    Reflected Attack
    Nuke
    Slowloris
    Peer-to-Peer Attacks
    Unintentional DDoS
    Degradation of Service Attacks
    Application Level Attacks
    Multi-Vector Attacks
    Zero Day DDoS

    http://ddosattackprotection.org/blog/types-of-ddos-attacks/



    • Layer 4 vs Layer 7 DoS Attack

    A Layer 7 DoS attack is often perpetrated through the use of HTTP GET. This means that the 3-way TCP handshake has been completed, thus fooling devices and solutions which are only examining layer 4 and TCP communications. The attacker looks like a legitimate connection and is therefore passed on to the web or application server. At that point, the attacker begins requesting large numbers of files/objects using HTTP GET.


    When rate-limiting was used to stop this type of attack, the bad guys moved to use a distributed system of bots (zombies) to ensure that the requests (attack) were coming from myriad IP addresses and were therefore not only more difficult to detect, but more difficult to stop. The attacker uses malware and trojans to deposit a bot on servers and clients, and then remotely includes them in his attack by instructing the bots to request a list of objects from a specific site or server. The attacker might not use bots but instead might gather enough evil friends to launch an attack against a site that has annoyed them for some reason.

    Layer 7 DoS attacks are more difficult to detect because the TCP connection is valid and so are the requests. The trick is to realize when there are multiple clients requesting large numbers of objects at the same time and to recognize that it is, in fact, an attack.

    Defending against Layer 7 DoS attacks usually involves some sort of rate-shaping algorithm that watches clients and ensures that they request no more than a configurable number of objects per time period, usually measured in seconds or minutes. If the client requests more than the configurable number, the client's IP address is blacklisted for a specified time period and subsequent requests are denied until the address has been freed from the blacklist.
    https://devcentral.f5.com/articles/layer-4-vs-layer-7-dos-attack
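The rate-shaping defence described in the last paragraph of the excerpt above, as an added example that is not F5's implementation: a per-IP sliding-window counter with a timed blacklist, replayed over constructed traffic. The class name, the limits (10 objects per second, 60-second ban) and the sample addresses are assumptions.

```python
from collections import defaultdict, deque


class RateShaper:
    """Allow at most max_requests per window per client IP; blacklist offenders."""

    def __init__(self, max_requests: int, window_ms: int, ban_ms: int):
        self.max_requests = max_requests
        self.window_ms = window_ms
        self.ban_ms = ban_ms
        self.recent = defaultdict(deque)  # ip -> request times inside the window
        self.banned_until = {}            # ip -> time at which the ban expires

    def allow(self, ip: str, now_ms: int) -> bool:
        expiry = self.banned_until.get(ip)
        if expiry is not None:
            if now_ms < expiry:
                return False              # still blacklisted: deny without counting
            del self.banned_until[ip]     # address freed from the blacklist
        window = self.recent[ip]
        while window and now_ms - window[0] >= self.window_ms:
            window.popleft()              # forget requests older than the window
        window.append(now_ms)
        if len(window) > self.max_requests:
            self.banned_until[ip] = now_ms + self.ban_ms
            window.clear()
            return False
        return True


def replay(events, shaper):
    """Feed (time_ms, ip) pairs in time order; return {ip: (allowed, denied)}."""
    counts = defaultdict(lambda: [0, 0])
    for now_ms, ip in sorted(events):
        counts[ip][0 if shaper.allow(ip, now_ms) else 1] += 1
    return {ip: tuple(c) for ip, c in counts.items()}


def sample_traffic():
    """Constructed traffic: one browser-paced client and one flooding client."""
    browser = [(t * 1000, "192.0.2.10") for t in range(30)]       # 1 object/s for 30 s
    flooder = [(i * 50, "198.51.100.7") for i in range(60)]       # 20 objects/s for 3 s
    flooder.append((70_000, "198.51.100.7"))                      # returns after the ban
    return browser + flooder


if __name__ == "__main__":
    shaper = RateShaper(max_requests=10, window_ms=1000, ban_ms=60_000)
    for ip, (ok, denied) in replay(sample_traffic(), shaper).items():
        print(f"{ip}: allowed={ok} denied={denied}")
```

Because the counter is keyed on source IP, many users behind one forward proxy or NAT share a budget, and a botnet that spreads its requests across thousands of addresses stays under it, which is the limitation the excerpt itself describes.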


    • These types of DDoS attacks require less bandwidth to take the site down and are harder to detect and block.
    To be more exact, he was getting 5,233 HTTP requests every single second. From different IP addresses around the world. The client’s website was built on WordPress. The uniqueness of the requests was bypassing the caching system, forcing the system to render and respond to every request.
    Here is a quick geographic distribution of the IPs hitting the site. This is for 1 second in the attack. Yes, every second these IPs were changing.

    By default, they were not passing our anomaly check, causing the requests to get blocked at the firewall. One of the many anomalies we look for are valid user agents, and if you look carefully you see that the requests didn’t have one. Hopefully, you’ll also notice that the referrers were dynamic and the packets were the same size, another very interesting signature. This triggered one of our rules, and within minutes his site was back and the attack blocked.

    After we blocked the original requests and banned the IP addresses involved, everything went quiet, at least for a day. In less than 24 hours though, the attacks resumed with a higher intensity. Remember the caching bypass discussion above? Well, it happened again, and this time it wasn’t blocked automatically as it was operating as a wolf in sheep’s skin.

    What the logs show us is that the attack was doing random searches for dictionary keywords (e.g., news, gov, faith, etc.). This time they were using a valid browser (Firefox, Chrome, Safari, etc.), user agents, and a valid referrer.

    You see, they were leveraging normal user search habits. How do you block valid search requests without blocking valid users?
    We noticed another anomaly, or what we’d classify as a signature in the new DDoS pattern. The attacker was rotating IPs within a few seconds of each other, rotating referrers and user agents, all the while performing search requests. Finally, something we could build a rule for, thanks for that. Now each time we see the same IP with a different user agent/referrer within a small period of time, we’re able to block access. Within minutes, the attack was contained.

    How we’re able to do this comes down to the technology around our Website Firewall. Just in the block list created by our log correlation tool, we banned 9,673 IP Addresses in the first few hours. During the following days, the list grew to almost 40,000 different IP addresses. That’s quite a respectable botnet.

    https://blog.sucuri.net/2014/02/layer-7-ddos-blocking-http-flood-attacks.html
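The signature described in the excerpt above (one IP presenting different user agents and referrers within a short time) can be expressed as a log-correlation check. This is an added example, not Sucuri's rule or tooling: the Combined Log Format input, the 10-second window, the threshold of three identities and every log line are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone
from urllib.parse import urlsplit

# Combined Log Format: ip ident user [time] "request" status bytes "referer" "user-agent"
LINE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "[^"]*" \d{3} \S+ '
    r'"(?P<ref>[^"]*)" "(?P<ua>[^"]*)"'
)


def parse(line):
    """Return (ip, time, referrer_host, user_agent), or None if unparseable."""
    m = LINE.match(line)
    if m is None:
        return None
    try:
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        host = urlsplit(m["ref"]).hostname or "-"
    except ValueError:
        return None
    return m["ip"], ts, host, m["ua"]


def rotating_clients(lines, window_s=10, max_identities=3):
    """IPs that showed more than max_identities distinct (user agent, referrer
    host) pairs inside any window_s-second span. Expects each IP's lines in
    chronological order, as they appear in an access log."""
    history = defaultdict(list)  # ip -> [(time, identity)] still inside the window
    flagged = set()
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue
        ip, ts, host, ua = rec
        cutoff = ts - timedelta(seconds=window_s)
        events = [e for e in history[ip] if e[0] >= cutoff]
        events.append((ts, (ua, host)))
        history[ip] = events
        if len({identity for _, identity in events}) > max_identities:
            flagged.add(ip)
    return flagged


# ---- constructed sample log (all addresses, agents and referrers are made up) ----
_BASE = datetime(2014, 9, 9, 10, 0, 0, tzinfo=timezone.utc)
UAS = ["Mozilla/5.0 Firefox/31.0", "Mozilla/5.0 Chrome/37.0", "Mozilla/5.0 Safari/7.0",
       "Opera/12.16", "Mozilla/5.0 Trident/7.0"]
WORDS = ["news", "gov", "faith", "home", "car"]


def _line(ip, sec, path, ref, ua):
    ts = (_BASE + timedelta(seconds=sec)).strftime("%d/%b/%Y:%H:%M:%S %z")
    return f'{ip} - - [{ts}] "GET {path} HTTP/1.1" 200 5120 "{ref}" "{ua}"'


SAMPLE_LOG = (
    # rotating client: five searches in five seconds, new agent and referrer each time
    [_line("203.0.113.5", i + 1, f"/?s={WORDS[i]}", f"http://ref{i}.example/", UAS[i])
     for i in range(5)]
    # ordinary visitor: one browser, referrer changes only as they navigate the site
    + [_line("192.0.2.10", s, p, r, UAS[0]) for s, p, r in [
        (1, "/", "-"), (4, "/?s=news", "http://www.example.com/"),
        (8, "/news/", "http://www.example.com/?s=news")]]
    # forward proxy: three real users, three browsers, one shared address
    + [_line("198.51.100.20", s, "/", "http://www.example.com/", UAS[k])
       for k, s in enumerate((2, 3, 6))]
    # slow rotator: same trick, but 30 seconds between requests
    + [_line("203.0.113.9", 30 * i, f"/?s={WORDS[i]}", f"http://ref{i}.example/", UAS[i])
       for i in range(5)]
    + ["not an access-log line"]
)

if __name__ == "__main__":
    print("default window:", sorted(rotating_clients(SAMPLE_LOG)))
    print("120 s window:  ", sorted(rotating_clients(SAMPLE_LOG, window_s=120)))
```

The threshold trades false positives against misses: set too low it flags the shared forward proxy, and a client that rotates slowly is only caught once the window is widened.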


    • DDoS Quick Guide
    Attack Possibilities by OSI Layer
    Possible DDoS Traffic Types

    Some DDoS Mitigation Actions and Hardware

    Stateful inspection firewalls
    Stateful SYN Proxy Mechanisms
    Limiting the number of SYNs per second per IP
    Limiting the number of SYNs per second per destination IP
    Set ICMP flood SCREEN settings (thresholds) in the firewall
    Set UDP flood SCREEN settings (thresholds) in the firewall
    Rate limit routers adjacent to the firewall and network
    https://www.us-cert.gov/sites/default/files/publications/DDoS%20Quick%20Guide.pdf


    • a valuable part of a DDoS attack mitigation solution. These features address a DDoS attack both by regulating the incoming traffic and by controlling the traffic as it is proxied to backend servers. It’s important not to assume that this traffic pattern always represents a DDoS attack. The use of forwarding proxies can also create this pattern because the forward proxy server’s IP address is used as the client address for requests from all the real clients it serves. However, the number of connections and requests from a forward proxy is typically much lower than in a DDoS attack


        Because the traffic is generated by bots and is meant to overwhelm the server, the rate of traffic is much higher than a human user can generate.
        The User‑Agent header is sometimes set to a non‑standard value.
        The Referer header is sometimes set to a value you can associate with the attack.

    https://www.nginx.com/blog/mitigating-ddos-attacks-with-nginx-and-nginx-plus/


    • Layer 7 HTTP/HTTPS attacks. Hoping to exhaust the server, the attackers flooded the target organization with a large number of HTTPS GET/POST requests using the following methods, amongst others:

        Basic HTTP Floods: Requests for URLs with an old version of HTTP no longer used by the latest browsers or proxies
        WordPress Floods: WordPress pingback attacks where the requests bypassed all caching by including a random number in the URL to make each request appear unique
        Randomized HTTP Floods: Requests for random URLs that do not exist – for example, if example.com is the valid URL, the attackers were abusing this by requesting pages like www.example.com/loc id=12345, etc.

    https://blog.verisign.com/security/defending-against-layer-7-ddos-attacks/

    • The challenge with a Layer 7 DDoS attack lies in the ability to distinguish human traffic from bot traffic. Layer 7 attacks continue to grow in complexity with ever-changing attack signatures and patterns, organizations and DDoS mitigation providers will need to have a dynamic mitigation strategy in place. Layer 7 visibility along with proactive monitoring and advanced alerting are critical to effectively defend against increasing Layer 7 threats.
    https://blog.verisign.com/security/defending-against-layer-7-ddos-attacks/



    • A stateful firewall is a network firewall that tracks the operating state and characteristics of network connections traversing it.

    The firewall is configured to distinguish legitimate packets for different types of connections. Only packets matching a known active connection are allowed to pass the firewall.
    https://en.wikipedia.org/wiki/Stateful_firewall


    • How a Stateful Firewall Works


    The stateful firewall spends most of its cycles examining packet information in Layer 4 (transport) and lower. However, it also offers more advanced inspection capabilities by targeting vital packets for Layer 7 (application) examination, such as the packet that initializes a connection. If the inspected packet matches an existing firewall rule that permits it, the packet is passed and an entry is added to the state table. From that point forward, because the packets in that particular communication session match an existing state table entry, they are allowed access without a call for further application layer inspection. Those packets only need to have their Layer 3 and 4 information (IP address and TCP/UDP port number) verified against the information stored in the state table to confirm that they are indeed part of the current exchange. This method increases overall firewall performance (versus proxy-type systems, which examine all packets) because only initiating packets need to be unencapsulated the whole way to the application layer.

    Conversely, because these firewalls use such filtering techniques, they don't consider the application layer commands for the entire communications session, as a proxy firewall would. This equates to an inability to really control sessions based on application-level traffic, making it a less secure alternative to a proxy.
    http://www.informit.com/articles/article.aspx?p=373120


  • Unlike a Denial of Service (DoS) attack, in which one computer and one Internet connection are used to flood a targeted resource with packets, a DDoS attack uses many computers and many Internet connections, often distributed globally in what is referred to as a botnet.

DDoS attacks can be broadly divided into three types:

Volume Based Attacks
Includes UDP floods, ICMP floods, and other spoofed-packet floods. The attack’s goal is to saturate the bandwidth of the attacked site, and magnitude is measured in bits per second (Bps).

Protocol Attacks
Includes SYN floods, fragmented packet attacks, Ping of Death, Smurf DDoS and more. This type of attack consumes actual server resources, or those of intermediate communication equipment, such as firewalls and load balancers, and is measured in Packets per second.

Application Layer Attacks
Includes Slowloris, Zero-day DDoS attacks, DDoS attacks that target Apache, Windows or OpenBSD vulnerabilities and more. Comprised of seemingly legitimate and innocent requests, the goal of these attacks is to crash the web server, and the magnitude is measured in Requests per second.


Specific DDoS Attacks Types

Some specific and particularly popular and dangerous types of DDoS attacks include:

UDP Flood

This DDoS attack leverages the User Datagram Protocol (UDP), a sessionless networking protocol. This type of attack floods random ports on a remote host with numerous UDP packets, causing the host to repeatedly check for the application listening at that port, and (when no application is found) reply with an ICMP Destination Unreachable packet. This process saps host resources, and can ultimately lead to inaccessibility.

ICMP (Ping) Flood

Similar in principle to the UDP flood attack, an ICMP flood overwhelms the target resource with ICMP Echo Request (ping) packets, generally sending packets as fast as possible without waiting for replies. This type of attack can consume both outgoing and incoming bandwidth, since the victim’s servers will often attempt to respond with ICMP Echo Reply packets, resulting in a significant overall system slowdown.

SYN Flood

A SYN flood DDoS attack exploits a known weakness in the TCP connection sequence (the “three-way handshake”), wherein a SYN request to initiate a TCP connection with a host must be answered by a SYN-ACK response from that host, and then confirmed by an ACK response from the requester. In a SYN flood scenario, the requester sends multiple SYN requests, but either does not respond to the host’s SYN-ACK response or sends the SYN requests from a spoofed IP address. Either way, the host system continues to wait for an acknowledgment for each of the requests, binding resources until no new connections can be made, and ultimately resulting in a denial of service.

Ping of Death

A ping of death ("POD") attack involves the attacker sending multiple malformed or malicious pings to a computer. The maximum packet length of an IP packet (including header) is 65,535 bytes. However, the Data Link Layer usually poses limits to the maximum frame size - for example, 1500 bytes over an Ethernet network. In this case, a large IP packet is split across multiple IP packets (known as fragments), and the recipient host reassembles the IP fragments into the complete packet. In a Ping of Death scenario, following malicious manipulation of fragment content, the recipient ends up with an IP packet which is larger than 65,535 bytes when reassembled. This can overflow memory buffers allocated for the packet, causing a denial of service for legitimate packets.

Slowloris

Slowloris is a highly-targeted attack, enabling one web server to take down another server, without affecting other services or ports on the target network. Slowloris does this by holding as many connections to the target web server open for as long as possible. It accomplishes this by creating connections to the target server but sending only a partial request. Slowloris constantly sends more HTTP headers, but never completes a request. The targeted server keeps each of these false connections open. This eventually overflows the maximum concurrent connection pool and leads to a denial of additional connections from legitimate clients.

Zero-day DDoS

“Zero-day” attacks are simply unknown or new attacks, exploiting vulnerabilities for which no patch has yet been released. The term is well-known amongst the members of the hacker community, where the practice of trading Zero-day vulnerabilities has become a popular activity.


http://www.incapsula.com/ddos/ddos-attacks/



  • Denial-of-service attack

In computing, a denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a machine or network resource unavailable to its intended users.
It generally consists of the efforts of one or more people to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet.

Methods of attack
There are two general forms of DoS attacks: those that crash services and those that flood services.


A DoS attack can be perpetrated in a number of ways. The five basic types of attack are:
    Consumption of computational resources, such as bandwidth, disk space, or processor time.
    Disruption of configuration information, such as routing information.
    Disruption of state information, such as unsolicited resetting of TCP sessions.
    Disruption of physical network components.
    Obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately.

A DoS attack may include execution of malware intended to:
    Max out the processor's usage, preventing any work from occurring.
    Trigger errors in the microcode of the machine.
    Trigger errors in the sequencing of instructions, so as to force the computer into an unstable state or lock-up.
    Exploit errors in the operating system, causing resource starvation and/or thrashing, i.e. to use up all available facilities so no real work can be accomplished or it can crash the system itself
    Crash the operating system itself.


Methods of denial-of-service attack

ICMP flood
A smurf attack is one particular variant of a flooding DoS attack on the public Internet
Ping of death is based on sending the victim a malformed ping packet, which might lead to a system crash.
Ping flood is based on sending the victim an overwhelming number of ping packets, usually using the "ping" command from unix-like hosts

(S)SYN flood
A SYN flood occurs when a host sends a flood of TCP/SYN packets, often with a forged sender address

Teardrop attacks
A Teardrop attack involves sending mangled IP fragments with overlapping, over-sized payloads to the target machine.

Low-rate Denial-of-Service attacks
The Low-rate DoS (LDoS) attack exploits TCP’s slow-time-scale dynamics of retransmission time-out (RTO) mechanisms to reduce TCP throughput

Peer-to-peer attacks
Attackers have found a way to exploit a number of bugs in peer-to-peer servers to initiate DDoS attacks.

Asymmetry of resource utilization in starvation attacks
An attack which is successful in consuming resources on the victim computer

Permanent denial-of-service attacks
A permanent denial-of-service (PDoS), also known loosely as phlashing, is an attack that damages a system so badly that it requires replacement or reinstallation of hardware.

Application-level floods
Various DoS-causing exploits such as buffer overflow can cause server-running software to get confused and fill the disk space or consume all available memory or CPU time.

Nuke
A Nuke is an old denial-of-service attack against computer networks consisting of fragmented or otherwise invalid ICMP packets sent to the target, achieved by using a modified ping utility to repeatedly send this corrupt data, thus slowing down the affected computer until it comes to a complete stop.

R-U-Dead-Yet? (RUDY)
This attack is one of many web application DoS tools available to directly attack web applications by starvation of available sessions on the web server.

Slow Read attack
A Slow Read attack sends legitimate application layer requests but reads responses very slowly, thus trying to exhaust the server's connection pool.

Distributed attack
A distributed denial of service attack (DDoS) occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. This is the result of multiple compromised systems (for example a botnet) flooding the targeted system(s) with traffic. When a server is overloaded with connections, new connections can no longer be accepted

Reflected / Spoofed attack
A distributed reflected denial of service attack (DRDoS) involves sending forged requests of some type to a very large number of computers that will reply to the requests.

Unintentional denial of service
This describes a situation where a website ends up denied, not due to a deliberate attack by a single individual or group of individuals, but simply due to a sudden enormous spike in popularity. This can happen when an extremely popular website posts a prominent link to a second, less well-prepared site, for example, as part of a news story

Denial-of-Service Level II
In case of distributed attack or IP header modification (that depends on the kind of security behavior) it will fully block the attacked network from the Internet, but without system crash.
https://en.wikipedia.org/wiki/Denial-of-service_attack

  • DDoS mitigation
DDoS mitigation is a set of techniques for resisting distributed denial of service (DDoS) attacks on networks attached to the Internet by protecting the target and relay networks.
This is done by passing network traffic addressed to the attacked network through high-capacity networks with "traffic scrubbing" filters.
DDoS mitigation requires correctly identifying incoming traffic to separate human traffic from human-like bots and hijacked browsers.
The process is done by comparing signatures and examining different attributes of the traffic, including IP addresses, cookie variations, HTTP headers, and JavaScript footprints.
http://en.wikipedia.org/wiki/DDoS_mitigation

  • DDoS mitigation techniques

dark address prevention
white/black list
granular rate limiting
anomaly recognition
active verification
dynamic filtering
source rate limiting
aggressive aging
connection limiting
syn proxy


  • LOIC (Low Orbit Ion Cannon)
Low Orbit Ion Cannon (LOIC) was originally developed by Praetox Technologies as an open-source network stress testing tool. It allowed developers to subject their servers to heavy network traffic loads for diagnostic purposes, but it has since been modified in the public domain through various updates and been widely used by Anonymous as a DDoS tool.
The IRC-based “Hive Mind” mode enables a LOIC user to connect his or her copy of LOIC to an IRC channel in order to receive a target and other attack parameters via an IRC topic message. Using many copies of LOIC running in Hive Mind mode across many computers, a third party such as the “hacktivist” group Anonymous can take control of each copy of LOIC simultaneously.
http://security.radware.com/knowledge-center/DDoSPedia/loic-low-orbit-ion-cannon/





  • IP Flood
IP flooding occurs when a computer hacker floods your computer with information through your network connection and IP address. This uses up your network bandwidth and disables you from your online activities. To recover from being IP flooded, request a new IP address from your Internet Service Provider and manually configure your network connection.

  • The above scan by nmap is highly reliable, but its drawback is that it's also easily detectable. Nearly every system admin will know that you're scanning their network as it creates a full TCP connection, and this is logged with your IP address in the log files.
Nmap can also be an excellent denial of service (DOS) tool. If several individuals all send packets from nmap at a target simultaneously at high speed (nmap "insane" speed or -T5), they're likely to overwhelm the target and it will be unable to process new website requests effectively, rendering it useless.
https://null-byte.wonderhowto.com/how-to/hack-like-pro-conduct-active-reconnaissance-and-dos-attacks-with-nmap-0146950


  • How do NTP reflection attacks work?

Similar to DNS amplification attacks, the attacker sends a small forged packet that requests a large amount of data be sent to the target IP Address.
Monlist is a remote command in older versions of NTP that sends the requester a list of the last 600 hosts who have connected to that server.
For attackers the monlist query is a great reconnaissance tool.
For a localized NTP server it can help to build a network profile.
As a DDoS tool, it is even better because a small query can redirect megabytes worth of traffic.
Most scanning tools, such as Nmap, have a monlist module for gathering network information and many attack tools, including Metasploit, have a monlist DDoS module.

[root@server ~]# ntpdc -c monlist [hostname]
https://www.symantec.com/connect/blogs/hackers-spend-christmas-break-launching-large-scale-ntp-reflection-attacks


  • Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes.
http://tools.kali.org/web-applications/skipfish

  • What’s a DoS attack, what’s a DDoS attack and what’s the difference?
A DoS attack is a denial of service attack where a computer is used to flood a server with TCP and UDP packets. A DDoS attack is where multiple systems target a single system with a DoS attack. The targeted network is then bombarded with packets from multiple locations.
https://www.comparitech.com/net-admin/dos-vs-ddos-attacks-differences-prevention/