β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦The trend to the leading advantage of USB port control software :
Compared with similar domestic systems, the Da Shizhi computer file anti-leakage system has many advantages. It has the following leading advantages:
1) There is no need for users to encrypt computer files throughout the process. At present, similar computer file anti-leakage systems usually encrypt user computer files. This not only requires a lot of complex encryption and decryption operations, which increases the user's workload, but also easily destroys files due to the need to format the computer files themselves. However, the present invention does not perform any format conversion or encryption and decryption operations on computer files throughout the entire process, and only performs real-time monitoring of various channels for computer leakage, thereby protecting file security and preventing file leakage.
2) Based on HOOK and window filtering technology, the system can control all potentially leaky programs, URLs, and access behaviors, especially through the preset of program keywords, window class names, window names, and window process information, and Support users to make personalized presets, which can prevent various possible leaks.
3) Realize precise control of the use of USB storage devices. Currently, similar anti-leakage systems can only completely disable the use of USB storage devices, or only allow the use of specific USB storage devices. The present invention can not only realize the above-mentioned functions by making full use of the HOOK and window filtering technology, but also can further set the use authority of the USB storage device. It can only copy files from the USB storage device to the computer, and prohibit the computer to the USB storage device. Copying files, or entering a password from the computer to the USB storage device can be realized, so as to prevent the USB storage device from leaking, but also give full play to the file storage function of the USB storage device.
4) The traditional computer file anti-leakage system focuses on the control of the file itself, and the present invention realizes the key functions of the operating system, computer running programs, computer website access, computer external equipment, etc. by giving full play to the hook and window filtering technology. The position control can realize the overall and three-dimensional computer file anti-leakage control, which is convenient for realizing the realization of the computer file anti-leakage control function.
5) Traditional computer file anti-leakage systems are often based on the HOOK operating system clipboard to prevent file copying. However, many third-party software copy and cut operations are not cached by the operating system's clipboard. Instead, it is stored directly through the third-party software itself, which leads to the failure of the traditional control method of disabling the clipboard based on the HOOK clipboard and the global hook.
Written by
don't clone our tutorials
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦The trend to the leading advantage of USB port control software :
Compared with similar domestic systems, the Da Shizhi computer file anti-leakage system has many advantages. It has the following leading advantages:
1) There is no need for users to encrypt computer files throughout the process. At present, similar computer file anti-leakage systems usually encrypt user computer files. This not only requires a lot of complex encryption and decryption operations, which increases the user's workload, but also easily destroys files due to the need to format the computer files themselves. However, the present invention does not perform any format conversion or encryption and decryption operations on computer files throughout the entire process, and only performs real-time monitoring of various channels for computer leakage, thereby protecting file security and preventing file leakage.
2) Based on HOOK and window filtering technology, the system can control all potentially leaky programs, URLs, and access behaviors, especially through the preset of program keywords, window class names, window names, and window process information, and Support users to make personalized presets, which can prevent various possible leaks.
3) Realize precise control of the use of USB storage devices. Currently, similar anti-leakage systems can only completely disable the use of USB storage devices, or only allow the use of specific USB storage devices. The present invention can not only realize the above-mentioned functions by making full use of the HOOK and window filtering technology, but also can further set the use authority of the USB storage device. It can only copy files from the USB storage device to the computer, and prohibit the computer to the USB storage device. Copying files, or entering a password from the computer to the USB storage device can be realized, so as to prevent the USB storage device from leaking, but also give full play to the file storage function of the USB storage device.
4) The traditional computer file anti-leakage system focuses on the control of the file itself, and the present invention realizes the key functions of the operating system, computer running programs, computer website access, computer external equipment, etc. by giving full play to the hook and window filtering technology. The position control can realize the overall and three-dimensional computer file anti-leakage control, which is convenient for realizing the realization of the computer file anti-leakage control function.
5) Traditional computer file anti-leakage systems are often based on the HOOK operating system clipboard to prevent file copying. However, many third-party software copy and cut operations are not cached by the operating system's clipboard. Instead, it is stored directly through the third-party software itself, which leads to the failure of the traditional control method of disabling the clipboard based on the HOOK clipboard and the global hook.
Written by
don't clone our tutorials
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π§ How to find out the last modified date of a file on Linux ?
1) Using stat command
The ls -l command gives you basic information about a file, such as file ownership and permissions, file size and creation date.
The stat command returns the attributes of a file with detailed information, such as when the file was last opened and modified.
The syntax is pretty straightforward.
Stat is followed by the file name or full path to this file.
$ stat filename
2) From the above output, we can clearly see when the file was last accessed (Access Date), Modified Date, Modified Date of other parameters.
If you want to view only the modified date and omit all other information, run the following command:
$ stat -c '% y' file1.txt
3) The -c option is used to return the date in a custom format, and the "% y" flag displays the time it was last modified.
For catalogs, the syntax remains the same.
Just replace the filename with the directory name.
4) Using the date command
The date command displays the current date in basic syntax.
However, when used with the -r option, you can display the last modified date of the file as follows:
$ date -r filename
for instance
$ date -r file1.txt
5) Using the ls -l command
The ls -l command is commonly used to display additional information about files, such as file ownership and permissions, size and creation date.
To list and display the last modified time, use the lt parameter as shown below.
$ ls -lt filename
6) Using httpie
Another way to check the last modified date is to use the httpie command line client tool.
HTTPie is a modern HTTP client similar to Curl and Wget commands
The tool is commonly used to interact with HTTP servers and APIs and can also check when a file residing on a web server was last modified.
7) But first you need to install it using the command:
$ pip3 install httpie --user
Ubuntu / Debian / Mint:
$ sudo apt install httpie
To check when a file was last modified on the web server, use the syntax:
$ http -h [url] | grep 'Last-Modified'
For instance:
$ http -h https://itsecforu.ru/wp-content/uploads/2020/09/Fedora.png | grep -i 'Last-Modified'
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π§ How to find out the last modified date of a file on Linux ?
1) Using stat command
The ls -l command gives you basic information about a file, such as file ownership and permissions, file size and creation date.
The stat command returns the attributes of a file with detailed information, such as when the file was last opened and modified.
The syntax is pretty straightforward.
Stat is followed by the file name or full path to this file.
$ stat filename
2) From the above output, we can clearly see when the file was last accessed (Access Date), Modified Date, Modified Date of other parameters.
If you want to view only the modified date and omit all other information, run the following command:
$ stat -c '% y' file1.txt
3) The -c option is used to return the date in a custom format, and the "% y" flag displays the time it was last modified.
For catalogs, the syntax remains the same.
Just replace the filename with the directory name.
4) Using the date command
The date command displays the current date in basic syntax.
However, when used with the -r option, you can display the last modified date of the file as follows:
$ date -r filename
for instance
$ date -r file1.txt
5) Using the ls -l command
The ls -l command is commonly used to display additional information about files, such as file ownership and permissions, size and creation date.
To list and display the last modified time, use the lt parameter as shown below.
$ ls -lt filename
6) Using httpie
Another way to check the last modified date is to use the httpie command line client tool.
HTTPie is a modern HTTP client similar to Curl and Wget commands
The tool is commonly used to interact with HTTP servers and APIs and can also check when a file residing on a web server was last modified.
7) But first you need to install it using the command:
$ pip3 install httpie --user
Ubuntu / Debian / Mint:
$ sudo apt install httpie
To check when a file was last modified on the web server, use the syntax:
$ http -h [url] | grep 'Last-Modified'
For instance:
$ http -h https://itsecforu.ru/wp-content/uploads/2020/09/Fedora.png | grep -i 'Last-Modified'
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Running the Cloud Resource Operator :
#Requested
Operator to provision resources such as Postgres, Redis and storage for you, either in-cluster or through a cloud provider such as Amazon AWS.
This operator depends on the Cloud Credential Operator for creating certain resources such as Amazon AWS Credentials. If using the AWS provider, ensure the Cloud Credential Operator is running
Due to a change in how networking is configured for Openshift >= v4.4.6 the use of cro <= v0.16.1 with these Openshift versions is unsupported. Please use >= v0.17.x of CRO for Openshift >= v4.4.6.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
Prerequisites:
1) go
make
2) git-secrets - for preventing cloud-provider credentials being included in commits
3) Ensure you are running at least Go 1.13.
$ go version
go version go1.13 darwin/amd64
4) If not, ensure Go Modules are enabled.
5) Clone this repository into your working directory, outside of $GOPATH. For example:
$ cd ~/dev
6) $ git clone git@github.com:integr8ly/cloud-resource-operator.git
7) Seed the Kubernetes/OpenShift cluster with required resources:
$ make cluster/prepare
8) Run the operator:
$ make run
9) Clean up the Kubernetes/OpenShift cluster:
$ make cluster/clean
π¦TUTORIALS :
1) Provider configmap
The cloud-resource-config configmap defines which provider should be used to provision a specific resource type. Different deployment types can contain different resource type > provider mappings. An example can be seen here. For example, a workshop deployment type might choose to deploy a Postgres resource type in-cluster (openshift), while a managed deployment type might choose AWS to deploy an RDS instance instead.
2) Strategy configmap
A config map object is expected to exist for each provider (Currently AWS or Openshift) that will be used by the operator. This config map contains information about how to deploy a particular resource type, such as blob storage, with that provider. In the Cloud Resources Operator, this provider-specific configuration is called a strategy. An example of an AWS strategy configmap can be seen here.
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Running the Cloud Resource Operator :
#Requested
Operator to provision resources such as Postgres, Redis and storage for you, either in-cluster or through a cloud provider such as Amazon AWS.
This operator depends on the Cloud Credential Operator for creating certain resources such as Amazon AWS Credentials. If using the AWS provider, ensure the Cloud Credential Operator is running
Due to a change in how networking is configured for Openshift >= v4.4.6 the use of cro <= v0.16.1 with these Openshift versions is unsupported. Please use >= v0.17.x of CRO for Openshift >= v4.4.6.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
Prerequisites:
1) go
make
2) git-secrets - for preventing cloud-provider credentials being included in commits
3) Ensure you are running at least Go 1.13.
$ go version
go version go1.13 darwin/amd64
4) If not, ensure Go Modules are enabled.
5) Clone this repository into your working directory, outside of $GOPATH. For example:
$ cd ~/dev
6) $ git clone git@github.com:integr8ly/cloud-resource-operator.git
7) Seed the Kubernetes/OpenShift cluster with required resources:
$ make cluster/prepare
8) Run the operator:
$ make run
9) Clean up the Kubernetes/OpenShift cluster:
$ make cluster/clean
π¦TUTORIALS :
1) Provider configmap
The cloud-resource-config configmap defines which provider should be used to provision a specific resource type. Different deployment types can contain different resource type > provider mappings. An example can be seen here. For example, a workshop deployment type might choose to deploy a Postgres resource type in-cluster (openshift), while a managed deployment type might choose AWS to deploy an RDS instance instead.
2) Strategy configmap
A config map object is expected to exist for each provider (Currently AWS or Openshift) that will be used by the operator. This config map contains information about how to deploy a particular resource type, such as blob storage, with that provider. In the Cloud Resources Operator, this provider-specific configuration is called a strategy. An example of an AWS strategy configmap can be seen here.
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How can you get rid of the Reannewscomm.com virus?
The most effective way to remove any hacker software from your computer is to use a powerful antivirus program that can deal with many system problems, including the activity of malware such as the "Reannewscomm.com" virus.
A complete system scan can take a very long time, depending on the hardware configuration, but this method allows you to get rid of almost any threats and prevent them from occurring in the future.
You can also use alternative removal options for "Reannewscomm.com":
1) If you are sure that there is a browser cracker on your PC, then it is better to immediately disable or remove all suspicious extensions from your browser. This process is slightly different in the applications "Safari" and "Google Chrome", especially since in the second case you can use the special utility "Chrome Cleanup Tool" for this.
2) You can independently find this malicious object through the Task Manager and try to remove it manually, but in most cases it will not work that easily, so you still have to install anti-virus software.
3) If the problem in question occurs on a mobile device, then you will need to use alternative methods to remove viruses from Android or IOS.
4) If none of these steps helped resolve the problem, then it would be wise to roll back to an earlier backup point using the System Restore module. In this case, it is very important to select the time period in which the "Reannewscomm.com" virus was not yet active.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How can you get rid of the Reannewscomm.com virus?
The most effective way to remove any hacker software from your computer is to use a powerful antivirus program that can deal with many system problems, including the activity of malware such as the "Reannewscomm.com" virus.
A complete system scan can take a very long time, depending on the hardware configuration, but this method allows you to get rid of almost any threats and prevent them from occurring in the future.
You can also use alternative removal options for "Reannewscomm.com":
1) If you are sure that there is a browser cracker on your PC, then it is better to immediately disable or remove all suspicious extensions from your browser. This process is slightly different in the applications "Safari" and "Google Chrome", especially since in the second case you can use the special utility "Chrome Cleanup Tool" for this.
2) You can independently find this malicious object through the Task Manager and try to remove it manually, but in most cases it will not work that easily, so you still have to install anti-virus software.
3) If the problem in question occurs on a mobile device, then you will need to use alternative methods to remove viruses from Android or IOS.
4) If none of these steps helped resolve the problem, then it would be wise to roll back to an earlier backup point using the System Restore module. In this case, it is very important to select the time period in which the "Reannewscomm.com" virus was not yet active.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π₯ What is AAA (Authentication, Authorization and Accounting)?
π¦What is Authentication?
1) Authentication is the process of identifying a user or instance.
2) A simple way to verify a user is usually user-supplied data, which is usually a username and password.
3) For example, when logging into Gmail, we will need to enter the correct existing username and password for authentication.
4) Authentication is also important for security, because without identifying users, there will be no security restrictions and associated restrictions.
5) There are also various authentication methods such as certificates, public / private keys, tokens, images, etc., as well as biometrics.
6) Authentication usually requires one verification method to go through, but more recently, multiple methods can be used for one authentication, commonly referred to as two-factor authentication or multi-factor authentication.
A) TACACS and AAA
Tacacs or Tacacs + is an AAA protocol created by Cisco for use with its networking products.
Tacacs is the first generation of the protocol and Tacacs + is the next generation AAA protocol with advanced features.
B) RADIUS and AAA
Radius is another AAA protocol that provides features and services very similar to Tacac.
Radius is an open standard and widely used protocol that is defined by the RFC.
C) LDAP and AAA
LDAP is another popular authentication and authorization protocol associated with AAA.
The popular LDAP protocol provides authentication and authorization in an open manner that is supported by many different devices, systems, and software.
LDAP stores user information such as username, ID, password, home directory, certificate, etc. and verifies authentication with the provided credentials and returns the result.
LDAP also provides users with authorization information.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π₯ What is AAA (Authentication, Authorization and Accounting)?
π¦What is Authentication?
1) Authentication is the process of identifying a user or instance.
2) A simple way to verify a user is usually user-supplied data, which is usually a username and password.
3) For example, when logging into Gmail, we will need to enter the correct existing username and password for authentication.
4) Authentication is also important for security, because without identifying users, there will be no security restrictions and associated restrictions.
5) There are also various authentication methods such as certificates, public / private keys, tokens, images, etc., as well as biometrics.
6) Authentication usually requires one verification method to go through, but more recently, multiple methods can be used for one authentication, commonly referred to as two-factor authentication or multi-factor authentication.
A) TACACS and AAA
Tacacs or Tacacs + is an AAA protocol created by Cisco for use with its networking products.
Tacacs is the first generation of the protocol and Tacacs + is the next generation AAA protocol with advanced features.
B) RADIUS and AAA
Radius is another AAA protocol that provides features and services very similar to Tacac.
Radius is an open standard and widely used protocol that is defined by the RFC.
C) LDAP and AAA
LDAP is another popular authentication and authorization protocol associated with AAA.
The popular LDAP protocol provides authentication and authorization in an open manner that is supported by many different devices, systems, and software.
LDAP stores user information such as username, ID, password, home directory, certificate, etc. and verifies authentication with the provided credentials and returns the result.
LDAP also provides users with authorization information.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π How to choose a CCTV camera ?
A) Equipment selection criteria
1) Before you buy a security camera , you need to decide where it will be used - outdoors or indoors. For example, indoor units are characterized by a more compact size and aesthetic design. They can organically fit into the interior of the room. Outdoor use requires models equipped with a waterproof and dustproof housing. An outdoor camera can be used inside a building, but it may not fit the design.
2) If the equipment will be installed independently, it is better to choose wireless models. Wi-Fi technology assumes the ability to mount the device anywhere there is a wireless signal. The only thing that is required is a power connection. The disadvantage of wireless technology is the ability to limit transmission distance in the presence of buildings or other obstacles along the way.
3)Pay attention to the POE parameter if the transmission distance is significant. The main feature of this technology is that it can be implemented using a single Ethernet wire. This cable will connect power and also transmit the signal.
4)Separately, it should be said about the cost. As a rule, the higher the price, the more functional and better the equipment works. But today manufacturers offer good and inexpensive IP cameras with decent shooting quality and decent service.
5)If you decide to give preference to cheaper options, you need to remember the following nuances:
B) when buying, you always need to compare the characteristics and parameters of devices;
1) before purchasing, you should familiarize yourself with the software, as well as check the usability of the interface;
2) on the Internet, you can search for recordings made by a camera of a certain model in order to understand how high-quality the picture is;
you should clarify everything regarding service and warranty.
3)Many modern models provide the ability to save videos, but you can find more outdated devices on sale. After the information is recorded, it is uploaded to the FTP server.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π How to choose a CCTV camera ?
A) Equipment selection criteria
1) Before you buy a security camera , you need to decide where it will be used - outdoors or indoors. For example, indoor units are characterized by a more compact size and aesthetic design. They can organically fit into the interior of the room. Outdoor use requires models equipped with a waterproof and dustproof housing. An outdoor camera can be used inside a building, but it may not fit the design.
2) If the equipment will be installed independently, it is better to choose wireless models. Wi-Fi technology assumes the ability to mount the device anywhere there is a wireless signal. The only thing that is required is a power connection. The disadvantage of wireless technology is the ability to limit transmission distance in the presence of buildings or other obstacles along the way.
3)Pay attention to the POE parameter if the transmission distance is significant. The main feature of this technology is that it can be implemented using a single Ethernet wire. This cable will connect power and also transmit the signal.
4)Separately, it should be said about the cost. As a rule, the higher the price, the more functional and better the equipment works. But today manufacturers offer good and inexpensive IP cameras with decent shooting quality and decent service.
5)If you decide to give preference to cheaper options, you need to remember the following nuances:
B) when buying, you always need to compare the characteristics and parameters of devices;
1) before purchasing, you should familiarize yourself with the software, as well as check the usability of the interface;
2) on the Internet, you can search for recordings made by a camera of a certain model in order to understand how high-quality the picture is;
you should clarify everything regarding service and warranty.
3)Many modern models provide the ability to save videos, but you can find more outdated devices on sale. After the information is recorded, it is uploaded to the FTP server.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦WHAT IS DDE EXPLOIT ?
1)DDE exploitation was also known as dynamic data exchange, it allows data to be transferred between applications without any user interaction.
2)Hackers have used this technique to execute malicious scripts to compromise data.
3) This was reported to Microsoft by Sensepost, Etienne Stalmans and Saif El-Sherei, but this has not been fixed as many applications use the DDE protocol.
4) This exploit does not require a macro feature to be enabled.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦WHAT IS DDE EXPLOIT ?
1)DDE exploitation was also known as dynamic data exchange, it allows data to be transferred between applications without any user interaction.
2)Hackers have used this technique to execute malicious scripts to compromise data.
3) This was reported to Microsoft by Sensepost, Etienne Stalmans and Saif El-Sherei, but this has not been fixed as many applications use the DDE protocol.
4) This exploit does not require a macro feature to be enabled.
β β β Uππ»βΊπ«Δπ¬πβ β β β