Freedom-is-a-humans-natural-state-Alive-Again-Positive-Living-1024x684

Cloud – From Freedom to Jail, then back to Freedom

Freedom and flexibility are the main reasons people move to cloud, especially when there are tools like AWS RDBMS. They allow you to move to cloud and freed from your current on-premise vendor. With a BONUS! They also provide the tool that can help you to convert your database from one platform to another, FREEDOM!!! But without realizing it, we are merely switching from one vendor, to another. Meaning from an on-premise vendor to AWS or other cloud service provider. So what? It save costs! Switching to cloud provider will also switch your steady and paid-off budget to an unpredictable one. The…
Capture

Cloud – Who stolen my vCPU ?

As discussed in previous posts like public vs private cloud, you are getting vCPU for your public cloud servers, which is shared among other VMs in the same hypervisor. But how do you know if the hypervisor,  the physical hardware CPU itself is being overpopulated? What you need to do is: SSH to your server Run the top command: type top and press enter Take a look at the %st, yap, st stands for steal, the value should remain at 0%: It’s impossible to monitor it by human eyes, for us we add it to Zabbix monitoring by using the Zabbix-agent…
Public-vs-Private-Cloud

Public cloud and Private cloud

What’s the difference between Public and Private The only main difference between the two is simple: Using public cloud: Sharing the physical hardware with other user Using private cloud: All the VM is sitting on your dedicated servers, sharing resource with no others but your own VM A wider definition of ‘Cloud’ itself could simply be – Offsite infrastructure / Public vs. Private == Shared hosting vs. Dedicated hosting Due to the maturity of virtualisation technology, sharing the same piece of hardware is will no longer be a security concern. Unless you are going for compliance such as PCI-DSS, then…
AWS_Auto_Scaling_using_EC2_Management_Console

Scaling on the Cloud – How and When ? Part 2

We have discussed about the HOW of scaling in Part 1, let’s discuss on the WHEN of scaling. 1. Preemptive Scaling In other words, manual scaling. You are expecting an increase of traffic like: A crazy product promotion with huge discount on your e-commerce site Marketing spending to draw huge traffic, such as LINE events, Facebook campaigns, etc. Your guts telling you your site is going viral tomorrow What’s good is this manual thing? Well, there are a few: Run load tests on the manual preemptive infra, tell your marketing team, management team with prove that the infra is ready…
Capture

Scaling on the Cloud – How and When ? Part 1

Cloud computing has been known for its flexibility, it can scale anytime. I will scale it down when traffic is low to save my cost, with just a button. I will scale it up when traffic is high to handle my traffic spike, with just a button. But in real world implementation, is it really just with a button? There are two types of scaling: Vertically and Horizontally, of course there are a fresh and new way – Serverless cloud, we will get to that later, due to lack of application support, at least in local market.   Vertical Scaling…

Hyper-V clone to multiple new VM

With the Hyper-V GUI manager, its just too headache to copy a freshly installed OS to multiple new VM, especially while testing clustering software like DRBD or Ceph. Here’s a quick powershell script to copy a Centos7  source VM into 5 new VM: ForEach ($number in 1..5){ #Path to our source VHD $srcVHDPath = "D:\Hyper-V\Centos7-Ori.vhdx" #Path to create new VHDs $newVHDPath = "D:\Hyper-V\Centos7-$number.vhdx" copy $srcVHDPath $newVHDPath New-vm -Name "Centos7-0$number" -MemoryStartupBytes 2048MB -VHDPath $newVHDPath }

Enable HTTPS on wordpress + Fix the Mix Content HTTPS alert

Google Chrome is going to show the Non-Secure alert for all Non-HTTPS sites, after hitting a few bad reference, we have finalize the following works fine: Use Let’sEncrypt to generate yourself a valid SSL, or just use CloudFlare’s FlexiSSL Make sure you backup your web files and DB before changing the site URL from http:// to https://, you will want to have a easy way to recover it without problem accessing to https://yoursite.com/wp-admin Once you get https up and running, your site could look very bad as browsers refuse to load CSS and JS with http:// URL instead of https://…

Blacknurse DoS attack on Cisco ASA

Cisco ASA config: Outside: 192.168.9.136/24 Inside: 192.168.1.1/24 How to attack it: 1. Get a ubuntu or any Linux server, install hping3 (apt-get install hping3) 2. attack it: hping3 -1 -C 3 -K 3 -i u20 192.168.9.136 Monitoring from Cisco ASA ASDM, the CPU load spike to 100% in just few second time, and services in the inside zone start to have packet lost to outside zone, and the attacking Ubuntu is just sending 5kbps of traffic: ICMP type 3 has been set in access rule to drop but do not mitigate the issue, sadly Cisco is not going to patch…

Free malicious script scanner – AI-Borit

It’s been a common issue for PHP sites especially unpatched CMS like WordPress / Magento becoming a victim of web defacement, where hackers have uploaded malicious codes into the application, hidden in the PHP / CSS / JS / HTML files. AI-Borit is a great tool to scan and locate those code, make developers life easier to clean them up, in case if there’s no clean backup available. # Download the Unix zip from https://www.revisium.com/ai/ # unzip, put ai-borit.php one level up from your web files, eg. /var/www/ai-borit.php unzip ai-bolit.zip mv ai-bolit/ai-bolit.php /var/www #run it, a report in HTML format…