Logstash is a service that accepts logs from a variety of systems, processes them, and allows us to index them in Elasticsearch etc., which can be visualised using Kibana. Our DevOps engineers have been using the Logstash S3 plugin, which simply puts all data in an S3 bucket location. Since we have configured files to be created in every hour on...
Most of the time, when we need to run some Java, Node.js or Python program in the background so it can stay running even after you leave the console, all we do is put "&" at the end of the command. $ java -jar SimpleService.jar & The problem here is that when you leave the bash shell your process will become an "orphan" and it's up to...
In the recent past, software has seen a revolution of sorts. The emergence of Docker and the containerization paradigm has questioned the basis of some of the software delivery principles. The result? People are opting for things unheard of some two years back. What’s more, they are now using them successfully to deliver software faster...
In my previous post, we learnt about how to launch an RDS Aurora instance. The storage space of RDS Aurora is automatically scalable up to 64 TB and read scaling can be achieved by creating up to 15 replicas in the cluster. I had migrated the database into RDS Aurora to avail of the fault tolerance feature. Once the migration was completed I came...
Encrypting RDS provides additional security by encrypting the underlying storage of your RDS data. Amazon uses the AES-256 encryption algorithm to encrypt your RDS data on the devices on the servers hosting your database instances. The performance impact of the encryption is minimal on your DB instance. Your end application does not require...
Application Security, Technology
We have seen a lot of applications where some sub-domains or sub-directories are publicly exposed (intentionally or by mistake). So, with experience from our past pentests, we have made a habit of testing for vulnerable or accessible sub-domains. During one such test, I was manually testing the URLs of different sub-domains of the...
In my last couple of blogs, I talked about Docker monitoring, why I would need Docker monitoring and how I can monitor Docker containers using AWS, Ruxit and Sysdig. Today, we are going to talk about another such tool, which most of us already know about and which also provides Docker monitoring. The tool is New Relic. How to...
Recently, I worked on a task wherein the users had to be authenticated based on existing Google credentials to get access to the AWS Management Console. It took more time than expected to make it work, as the documentation provided by Google is not complete. Let’s start by setting this up step by step. Scenario: Provide access of AWS...
Recently, I got a chance to dockerize a traditional MongoDB replica set. Currently, I am doing it for QA and UAT environments where the MongoDB replica set is set up on a single host. So, in this blog, we will do it on a single host using Docker Networking and Docker Compose. Scenario: Set up a MongoDB replica using version 3.0.5 set...
I was recently searching for something on Google and came across this instance of what might be a logical vulnerability prevailing across multiple web applications. I was searching for a publicly accessible Jenkins console through Google Dorking. My search query listed some of the websites that had Jenkins as a part of their domain...
Sysdig has been one of the most advanced cloud-based tools for monitoring your infrastructure. So, talking about Docker monitoring, Sysdig gives us a lot of insights about our containers, a few of which we will be talking about in this blog. Docker is the most widely used and trending tool when it comes to DevOps. USE-CASE In this...
I have always loved using Docker the traditional way. Running commands like docker run etc. has been the way we use Docker. While surfing the internet, I found this Chrome app which can be downloaded and installed via Google Chrome and easily be used for getting a user interface for your Docker Engine. It simplifies the way we use Docker....