18.8 C
London
Sunday, August 20, 2017
Home Tags SSH

Tag: SSH

Git, Mercurial, SVN patched; CVS hasn't got around to it yet Users of the world's most popular software version control systems can be attacked when cloning a repository over SSH.…
Being a malware researcher means you are always busy with the struggle against mountains of malware and cyberattacks around the world. Over the past decade, the number of daily new malware findings raised up to unimaginable heights: with hundreds of thousands of malware samples per day!
Years ago, all you needed to be a developer was an editor, a compiler, and hopefully some kind of revision control system. (Sadly, many developers still donrsquo;t use revision control systems properly.)These days, you need to know more even for basic software development. Herersquo;s the top 10 list of tools every modern developer should know and use:[ The art of programming moves rapidly.
InfoWorld helps you navigate whatrsquo;s running hot and what's going cold. | Keep up with hot topics in programming with InfoWorld's App Dev Report newsletter. ]
Git and GitHub: Although there are companies that still use Subversion or CVS even, let alone the awful Clearcase, you probably shouldnrsquo;t work at one of them.

Git is now a basic skill like tying your shoes or spell checking. SSH: Yeah, I know: Yoursquo;re a Windows developer and you donrsquo;t know no stinking shell.

But yoursquo;re going to run into having to create an SSH key or do other SSH stuff.
So you may as well learn now. Terminal Services or remote login: Even if yoursquo;re a Linux or Mac person, sooner or later yoursquo;ll have to deal with Windows.

These tools are how you will connect in. Amazon Web Services: AWS isnrsquo;t just cloud, it is the reason you donrsquo;t have to wait on IT.

There are other cloud providers, but yoursquo;ll have to deal with AWS sooner or later.

AWS has gotten so big that you canrsquo;t know all of AWS any more, but you do need to know at least the EC2 stuff. JavaScript: You donrsquo;t need to know it cold, but this is the scripting language of the now.
If a product or tool is going to add a scripting API, it will probably be for JavaScript. Bash and PowerShell: Sure, more modern devops tools are handy, but sooner or later something isnrsquo;t going to work and it wonrsquo;t have quite what you need.
So, expect to need to know how to write a basic restart script, grab an error code from an exiting command, or do a few things in a loop.

Thatrsquo;s what Bash (in Linux, many Unixes, MacOS, and Windows 10) and Microsoftrsquo;s PowerShell let you do.

Bonus: Add a tool like Grep (PowerShellrsquo;s equivalent Select-String is more wordy) and yoursquo;ll be an even more powerful deity. MongoDB: You need to know how to work with at least one document database. MongoDB is the easiest to learn. Whether yoursquo;re ultimately going to use MongoDB isnrsquo;t relevant; what matters is learning how to deal with a new-generation database.
If yoursquo;re going to use an index like Apache Solr, which is document-shaped, or yoursquo;re going to work with a more columnar structured database, the MongoDB skills will transfer. Curl and Invoke-RestMethod: Most software now has a REST API. On Mac and Linux, Curl is the command-line tool that lets you test and tweak and even script against a REST API.
In PowerShell, it is Invoke-RestMethod (although like everything on PowerShell, it requires more typing).

There are GUI tools like Postman that accomplish the same work, but a serious developer needs to be able to move past a point-and-click interface for efficiencyrsquo;s sake. Markdown: This is the format of the README.md file in GitHub. You should be able to read and write a simple Markdown document.

And thatrsquo;s easy because it has just seven symbols: (# is a header, ## is a subheader, * is a bullet, __ and ** are bold, _ and * are italics, ` is monospace, and --- is a break or rule). Markdown editors often have extensions but those are the basics.

From that basic markup language, you can get slides, PDFs, and HTML. Often these output formats can be consistently formatted with CSS or some other way.

Best of all, you donrsquo;t end up with smart quotes in your code samples. Basic HTML: I canrsquo;t make a decent-looking web page to save my life; Irsquo;m a back-end developer.

But whether yoursquo;re going to stub something out or have to parse HTML, you will need to know basics of the web markup language. To read this article in full or to leave a comment, please click here
Rapid7 warned this week that its Nexpose appliances were shipped with a SSH configuration that could have let obsolete algorithms be used for key exchange.
Booz Allen Hamilton engineer posted geospatial intelligence to Amazon S3 bucket.
Telnet security flaw fix finally lands – or just use SSH, yeah? Cisco has patched a critical security flaw in its switches that can be potentially exploited by miscreants to hijack networks – a flaw disclosed in the Vault 7 leak of CIA files.…
Technologies based on Intel Active Management Technology may be vulnerable to remote privilege escalation,which may allow a remote,unauthenticated attacker to execute arbitrary code on the system.
SSH... it's Shishiga Hackers have unleashed a new malware strain that targets Linux-based systems.…
Gravitational, maker of a software-as-a-service support system built with Kubernetes, has released the latest open source iteration of a key part of that system.Teleport, an SSH server that provides support teams with a simpler way to remotely manag...
Get patching, friends Cisco's discovered that its Mobility Express Software, shipped with Aironet 1830 Series and 1850 Series access points, has a hard-coded admin-level SSH password.…
A vulnerability in Cisconbsp;Aironet 1830 Series and Cisconbsp;Aironet 1850 Series Access Points running Cisconbsp;Mobility Express Software could allow an unauthenticated, remote attacker to take complete control of an affected...
New service puts logic closer to users, aims to be "global load balancer" for apps.