Podcasts about webserver

  • 115PODCASTS
  • 152EPISODES
  • 41mAVG DURATION
  • ?INFREQUENT EPISODES
  • May 7, 2025LATEST
webserver

POPULARITY

20172018201920202021202220232024


Best podcasts about webserver

Latest podcast episodes about webserver

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Wednesday, May 7th: Infostealer with Webserver; Android Update; CISA Warning

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Play Episode Listen Later May 7, 2025 6:44


Python InfoStealer with Embedded Phishing Webserver Didier found an interesting infostealer that, in addition to implementing typical infostealer functionality, includes a web server suitable to create local phishing sites. https://isc.sans.edu/diary/Python%20InfoStealer%20with%20Embedded%20Phishing%20Webserver/31924 Android Update Fixes Freetype 0-Day Google released its monthly Android update. As part of the update, it patched a vulnerability in Freetype that is already being exploited. Android is not alone in using Freetype. Freetype is a very commonly used library to parse fonts like Truetype fonts. https://source.android.com/docs/security/bulletin/2025-05-01 CISA Warns of Unsophistacted Cyber Actors CISA released an interesting title report warning operators of operational technology networks of ubiquitous attacks by unsophisticated actors. It emphasizes how important it is to not forget basic security measures to defend against these attacks. https://www.cisa.gov/news-events/alerts/2025/05/06/unsophisticated-cyber-actors-targeting-operational-technology

Talk Python To Me - Python conversations for passionate developers
#463: Running on Rust: Granian Web Server

Talk Python To Me - Python conversations for passionate developers

Play Episode Listen Later May 25, 2024 64:51


So you've created a web app with Python using Flask, Django, FastAPI, or even Emmett. It works great on your machine. How do you get it out to the world? You'll need a production-ready web server. On this episode, we have Giovanni Barillari to tell us about his relatively-new server named Granian. It promises better performance and much better consistency than many of the more well known ones today. Episode sponsors Neo4j Talk Python Courses Links from the show New spaCy course: talkpython.fm Giovanni: @gi0baro Granian: github.com Emmett: emmett.sh Renoir: github.com Watch this episode on YouTube: youtube.com Episode transcripts: talkpython.fm --- Stay in touch with us --- Subscribe to us on YouTube: youtube.com Follow Talk Python on Mastodon: talkpython Follow Michael on Mastodon: mkennedy

Tux Flash
Das smarte Gerät auf dem Land ist doch der Stalljunge?

Tux Flash

Play Episode Listen Later Apr 15, 2024 74:04


Wieder zu dritt kommen wir auf Umwegen auf die XZ Utils Lücke,XtoGo und andere remote Lösungen, smarte Geräte auf dem Land, Webseiten CMS und Webserver zu Srechen.

The Laravel Podcast
Cashier vs. Spark, Pest vs. PHPUnit, and How We Manage Remote Teams

The Laravel Podcast

Play Episode Listen Later Jan 16, 2024 41:02


In this episode of the Laravel Podcast we are packing it in! We're diving into the freshest drops, like FrankenPHP, Cashier Quickstarts, and the buzz about the upcoming Laravel Worldwide Meetup. We'll also weigh Cashier against Spark, discuss boot service providers for all your apps, pit Pest versus PHPUnit for testing, and get into the details of how we manage our teams.Taylor Otwell's Twitter - https://twitter.com/taylorotwellMatt Stauffer's Twitter - https://twitter.com/stauffermattLaravel Twitter - https://twitter.com/laravelphpLaravel Website - https://laravel.com/Tighten.co - https://tighten.com/Taylor and Ramus Tweet - https://x.com/taylorotwell/status/1732607829239116057?s=20Chris Fidao Frankenphp video - https://youtu.be/q6FQaaFZVy4?si=MU1AAi7-UNgLH-NiLaravel Worldwide Meetup - meetup.laravel.comColin DeCarlo Twitter -  https://twitter.com/colindecarloVehikl Twitter -  https://twitter.com/vehiklCashier Quick Start -  https://laravel.com/docs/10.x/billing#quickstartDries Vints Twitter - https://twitter.com/driesvintsIan Landsman Twitter - https://twitter.com/ianlandsmanIan Boot Service Tweet: https://x.com/ianlandsman/status/1744903740329443588?s=20Eric Barnes Twitter - https://twitter.com/ericlbarnesTaylor Test Runner Poll Tweet -  https://x.com/taylorotwell/status/1744729110163988949?s=20Lambo - https://github.com/tighten/lamboMatt's video Pest as a Test Runner - https://www.youtube.com/watch?v=W3tfEtbMTEIRemote - https://basecamp.com/books/remoteLastlings - https://www.lastlings.com/Harry Styles - https://www.hstyles.co.uk/Don't Worry Darling - https://www.imdb.com/title/tt10731256/Spider Man soundtracks - https://music.apple.com/us/album/spider-man-into-the-spider-verse-soundtrack-from/1453876765 & https://music.apple.com/us/album/metro-boomin-presents-spider-man-across-the-spider/1690685331Jamila Woods - https://www.jamila-woods.com/-----Editing and transcription sponsored by Tighten.

Der ichbindochnichthierumbeliebtzusein.com PodCast - Technik, Gadgets, Meinungen und aktuelle Themen, die das Netz und die We
291 Mein Erfahrungsbericht zu wix.com – kurz gesagt teuer und wehe, man braucht den Kundendienst oder will da wieder weg… ui ui ui ui ui!!!

Der ichbindochnichthierumbeliebtzusein.com PodCast - Technik, Gadgets, Meinungen und aktuelle Themen, die das Netz und die We

Play Episode Listen Later Jan 16, 2024 16:46


291 Mein Erfahrungsbericht zu wix.com – kurz gesagt teuer und wehe, man braucht den Kundendienst oder will da wieder weg… ui ui ui ui ui!!! Ich bin in einer Zeit im Internet groß geworden, wo man zu Hause seine eigene Sun oder Silicon Graphics mit einem, idealerweise schnellen, Kabel, das über Modem das Internet gebracht hat, verbunden hat. Um dann herauszufinden, was von den Unix-Kenntnissen im Informatikstudium noch übrig waren. Leichter wurde es, als der erste Apple einzog - aber der größte Flaschenhals damals in Deutschland waren die Internetgeschwindigkeiten: Wer will und wollte schon eine 56k-Leitung für einen Webserver benutzen? Das alles änderte sich, als nicht mehr nur AOL und die Telekom das Internet ins Haus brachten, da kamen die ersten Server-Mieten und Domainkäufe zu erschwinglichen Preisen. Und diverse Softwareprodukte wie GoLive und Dreamweaver ermöglichten ohne viele Vorkenntnisse und mit wenigen Klicks eine ansehnliche Webseite zu erstellen. Davon ist nicht mehr viel übrig, aber die sogenannten Webbaukästen sind noch da... und wie immer gibt es schwarze Schafe... und einer, der mit viel Werbedruck arbeitet, musste ich miterleben: wix.com. Leider ist die maximale Zeichenanzahl für die Shownotes dank einer neuen Norm auf 4.000 Zeichen begrenzt. Daher kann ich den kompletten Blogtext und auch die Bilder nicht mehr in voller Länge in die Shownotes bringen. Daher ist hier mit dem Text bedauerlicherweise schon Schluss. Aber auf... https://ibdnhubzs.de ...geht es auf meinem Blog direkt weiter mit dem Text und in vielen Fällen auch mit begleitendem Bildmaterial - viel Spaß! Und wöchentlich eine neue Anregung mehr! Meinen Podcast abonnieren: | direkt | iTunes | Spotify | Google | amazon STOLZ PRODUZIERT UND AUFGENOMMEN MIT ULTRASCHALL5! Folge direkt herunterladen

programmier.bar – der Podcast für App- und Webentwicklung
Deep Dive 133 – End-to-End Testing mit Raphael Knecht

programmier.bar – der Podcast für App- und Webentwicklung

Play Episode Listen Later Oct 19, 2023 66:40


In dieser Ausgabe haben Fabi und Jan im Studio Besuch von Raphael Knecht. Raphael ist Entwickler bei funk und werkelt dort an der Videolandschaft und Content Delivery.Zusammen mit Raphael sprechen wir über End-to-End-Testing und wie es ihm und seinem Team die tägliche Arbeit erleichtert. Raphael berichtet, wie sein Team Akzeptanztests nutzt, um seine Microservice-Landschaft nicht nur stetig weiterzuentwickeln, sondern auch zu dokumentieren. Es geht um Fallstricke und die Herausforderung, trotzdem agil zu bleiben.Mit End-to-End-Tests sollen Systeme aus Anwendungssicht ganzheitlich gecheckt werden können. Dabei werden möglichst produktionsnahe Umgebungen genutzt, um Szenarien von Input bis Output automatisiert zu überprüfen.Picks of the Day: Jan Gregor: Panther – Panther ist ein framework-agnostisches PHP Library zum Scrapen von Websites und zum Ausführen von End-to-End-Tests unter Verwendung echter Webbrowser. Mit Hilfe des W3C WebDriver-Protokolls ermöglicht es die Nutzung nativer Webbrowser wie Google Chrome und Firefox. Panther erkennt lokale Installation von Chrome oder Firefox und nutzt diese, sodass Sie nichts weiter zu installieren ist - die Nutzung erfolgt ohne Selenium Server! Für Tests startet Panther die App automatisch mit dem in PHP integrierten Webserver, sodass man nur noch die eigenen Test Szenarien schreiben muss. Fabi: OMR Rabbit Hole: Die Samwer-Story – "Niemand hat die deutsche Startup-Szene so sehr geprägt [...] Und niemand hat daran vermutlich so viel verdient. Und doch gibt es in der Geschichte dunkle Schatten." Dieser neue Podcast von OMR beleuchtet in zehn Folgen die Geschichte der Brüder Marc, Oliver und Alexander Samwer. Durch Firmen wie Zalando und Hellofresh aber auch mit StudiVZ und Jamba! haben die Brüder die deutsche Internet-Story maßgeblich beeinflusst. Durch Gespräche mit Mitarbeitenden, Konkurrenz und Wegbegleitenden der drei Brüder ergibt sich ein interessantes Bild zu den letzten 20 Jahren der deutschen Start-up Geschichte. Schreibt uns! Schickt uns eure Themenwünsche und euer Feedback: podcast@programmier.barFolgt uns! Bleibt auf dem Laufenden über zukünftige Folgen und virtuelle Meetups und beteiligt euch an Community-Diskussionen. TwitterInstagramFacebookMeetupYouTubeMusik: Hanimo

Flyover Conservatives
Project Vertias: CCP DATA LEAK - Source Exposes Chinese Web Server Detailing CCP Five-Year-Plans for Bioengineering, Military Technology & More - David and Stacy Whited | Flyover Clips

Flyover Conservatives

Play Episode Listen Later Jul 26, 2023 9:43


TO WATCH ALL FLYOVER CLIPS -https://flyover.live/media/series/hxk7rym/flyover-clipsFor LIFE-SAVING Information about the VACCINE/COVID: text the word VAX to 40509(Message and data rates may apply. Terms/privacy: 40509-info.com)ALL Links in Interview:- https://www.projectveritas.com/news/breaking-confidential-pfizer-documents-reveal-pharmaceutical-giant-had/- https://nypost.com/2023/07/25/bronny-james-suffers-cardiac-arrest-a-usc-practice/- https://twitter.com/DC_Draino/status/1683943547479945218- https://twitter.com/TexasLindsay_/status/1683925221462654976- https://www.projectveritas.com/news/ccp-data-leak/ SPONSORS FOR TODAY'S VIDEO► ReAwaken America- text the word EVENTS to 40509(Message and data rates may apply. Terms/privacy: 40509-info.com)► Kirk Elliott PHD - http://FlyoverGold.com ► My Pillow - https://MyPillow.com/Flyover► Z-Stack - https://flyoverhealth.com ► Dr. Jason Dean (BraveTV) - https://parakiller.com Want to help spread the Wake Up • Speak Up • Show Up -https://shop.flyoverconservatives.com/-------------------------------------------Follow our Social Media so we can be best friends

BSD Now
516: Computer Time Origins

BSD Now

Play Episode Listen Later Jul 20, 2023 46:07


Linux and FreeBSD Firewalls Part 1, Why Netflix Chose NGINX as the Heart of Its CDN, Protect your web servers against PHP shells and malwares, Installing and running Gitlab howto, and more NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines Linux vs. FreeBSD : Linux and FreeBSD Firewalls – The Ultimate Guide : Part 1 (https://klarasystems.com/articles/freebsd-linux-and-freebsd-firewalls/) Why Netflix Chose NGINX as the Heart of Its CDN (https://www.nginx.com/blog/why-netflix-chose-nginx-as-the-heart-of-its-cdn/) News Roundup FreeBSD: Protect your web servers against PHP shells and malwares (https://ozgurkazancci.com/freebsd-protect-your-web-server-against-php-shells-and-malwares/) HowTo: Installing and running Gitlab (https://forums.FreeBSD.org/threads/howto-installing-and-running-gitlab.89436/) Beastie Bits • [World built in 36 hours on a Pentium 4!](https://www.reddit.com/r/freebsd/comments/13undl9/world_built_in_36_hours_on_a_pentium_4/) • [Fart init](https://x61.sh/log/2023/05/23052023153621-fart-init.html](https://x61.sh/log/2023/05/23052023153621-fart-init.html) • [Organized Freebies](https://mwl.io/archives/22832) • [OpenSMTPD 7.3.0p0 released](http://undeadly.org/cgi?action=article;sid=20230617111340) • [shutdown/reboot now require membership of group _shutdown](http://undeadly.org/cgi?action=article;sid=20230620064255) • [Where does my computer get the time from?](https://dotat.at/@/2023-05-26-whence-time.html) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. *** Feedback/Questions sam - fav episodes (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/515/feedback/sam%20-%20fav%20episodes.md) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) ***

Compilado do Código Fonte TV
30mi de usuários em 24h no Threads; Novo web server no Deno; ChatGPT perde acesso a web mas ganha interpretador de código; Gorilla gera códigos para APIs; Kotlin mais performático [Compilado #108]

Compilado do Código Fonte TV

Play Episode Listen Later Jul 8, 2023 67:03


Compilado do Código Fonte TV
30mi de usuários em 24h no Threads; Novo web server no Deno; ChatGPT perde acesso a web mas ganha interpretador de código; Gorilla gera códigos para APIs; Kotlin mais performático [Compilado #108]

Compilado do Código Fonte TV

Play Episode Listen Later Jul 8, 2023 67:03


Legal Bits
40 Fragen entknoten 1

Legal Bits

Play Episode Listen Later May 17, 2023 65:49


Frank und Tim Wiengarten (rabbit mobile) entknoten drei Fragen aus der Praxis, die sich auch, aber nicht nur um Datenschutz drehen. Es geht um unsichere E-Mail-Server in den USA, um ungesicherte Web-Server und "alle meine Daten löschen".

Bitcoin Audible.DE - Die besten Bitcoin-Artikel, vorgelesen in deutscher Sprache!

von LN_Capital, Originaltitel: “BOLT 12 – A Sleeping Giant“ “BOLT 12 ist ein schlafender Riese. Aber 99% der Bitcoiner haben das noch nicht realisiert.” BOLT 12 beschreibt den Designentwurf einer Spezifikation (genannt BOLT: “Basis Of Lightning Technology”) für das Lightning Network, mit welcher sich statische Lightning-Rechnungen auf Spendenseiten oder Preisschilder erstellen lassen, ohne einen Webserver, TLS-Zertifikat oder Domänennamen verwenden zu müssen. Der von uns heute vorgelesene Einführungsartikel befasst sich sowohl mit den Grundlagen von BOLT 12 als auch mit den Privacy-Implikationen dieser Erweiterung. Weitere Informationsquellen zum Thema findest Du auf unserer Website beim Eintrag zu dieser Episode: https://www.bitcoinaudible.de/bolt12/ Vergesst nicht, BitcoinAudible.de zu abonnieren und jenen zu empfehlen, die sich für Bitcoin interessieren. Helft ihnen, Bitcoin von einem starken monetären, wirtschaftlichen und philosophischen Fundament aus zu erkunden. Value4Value! ;) Wenn Dir dieser Podcast gefällt, dann unterstütze ihn bitte: Sats via Lightning ⚡ senden [andere Optionen] Unser Podcast unterstützt Podcast 2.0 und kann damit auf den entsprechenden Plattformen wie Breez, Fountain oder Castamatic angehört werden. Tipps für Bitcoin-Sparer und HODL'er: auf HodlHodl.com kannst Du Bitcoin KYC-frei kaufen (wer kauft noch identifiziert über Exchanges?!) – eine Anmeldung über diesen Link reduziert die Spesen für Deinen ersten Kauf.

Thinking Elixir Podcast
128: Speedy like a Bandit

Thinking Elixir Podcast

Play Episode Listen Later Dec 6, 2022 60:08


The Phoenix 1.7 announcement blog post mentioned the ability to swap out Cowboy for another webserver like Bandit. We talked with Mat Trudel to learn more about his pure-Elixir webserver and find out how it works with Phoenix. We learn Bandit can be up to 5x faster by narrowly focusing on turning a request into a Plug connection and much more! Show Notes online - http://podcast.thinkingelixir.com/128 (http://podcast.thinkingelixir.com/128) Elixir Community News - https://github.com/features/security/ (https://github.com/features/security/) – Github's Dependabot now supports private hex repositories. - https://twitter.com/sorentwo/status/1595526317436452864 (https://twitter.com/sorentwo/status/1595526317436452864) – Parker Selbert brought this to our attention. - https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#hex-repository (https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#hex-repository) - https://hexdocs.pm/mix/Mix.Tasks.Deps.Unlock.html (https://hexdocs.pm/mix/Mix.Tasks.Deps.Unlock.html) – CI tip to check for unused mix lock entries - https://twitter.com/RudManusachi/status/1597341690653999106 (https://twitter.com/RudManusachi/status/1597341690653999106) – Shared by Rudolf on Twitter - mix deps.unlock --check-unused - https://fly.io/phoenix-files/github-actions-for-elixir-ci/ (https://fly.io/phoenix-files/github-actions-for-elixir-ci/) – CI resource for Elixir projects on Github - https://twitter.com/TechRecHayden/status/1595776257513373699 (https://twitter.com/TechRecHayden/status/1595776257513373699) – Hayden Evans spotted that Zoom is using Erlang in production for their chat platform. - Mastadon instances to consider if looking for a Twitter alternative... - https://genserver.social/about (https://genserver.social/about) - https://hachyderm.io/explore (https://hachyderm.io/explore) - https://fosstodon.org/ (https://fosstodon.org/) - https://mastodon.social/explore (https://mastodon.social/explore) - https://www.lambdadays.org/lambdadays2023 (https://www.lambdadays.org/lambdadays2023) – Lambda Days conference returns as an in-person only event to Kraków on 5-6 June 2023. Do you have some Elixir news to share? Tell us at @ThinkingElixir (https://twitter.com/ThinkingElixir) or email at show@thinkingelixir.com (mailto:show@thinkingelixir.com) Discussion Resources - https://phoenixframework.org/blog/phoenix-1.7-released (https://phoenixframework.org/blog/phoenix-1.7-released) – Phoenix 1.7 blog post described at the end - “Alternative Webserver Support” - https://github.com/mtrudel/bandit (https://github.com/mtrudel/bandit) – “Bandit is a pure Elixir HTTP server for Plug & WebSock applications” - https://github.com/mtrudel/thousand_island (https://github.com/mtrudel/thousand_island) – “Thousand Island is a pure Elixir socket server, powering the layer underneath Bandit” - https://ninenines.eu/docs/en/cowboy/2.9/guide/ (https://ninenines.eu/docs/en/cowboy/2.9/guide/) – Cowboy docs - https://www.pagerduty.com/ (https://www.pagerduty.com/) - https://github.com/ninenines/cowlib (https://github.com/ninenines/cowlib) - https://www.youtube.com/watch?v=ZLjWyanLHuk (https://www.youtube.com/watch?v=ZLjWyanLHuk) - https://github.com/crossbario/autobahn-testsuite (https://github.com/crossbario/autobahn-testsuite) - https://en.wikipedia.org/wiki/Cyclicredundancycheck (https://en.wikipedia.org/wiki/Cyclic_redundancy_check) - https://en.wikipedia.org/wiki/Cyclicredundancycheck#CRC-32_algorithm (https://en.wikipedia.org/wiki/Cyclic_redundancy_check#CRC-32_algorithm) - https://github.com/phoenixframework/websock (https://github.com/phoenixframework/websock) - https://hexdocs.pm/plug/Plug.Conn.html#upgrade_adapter/3 (https://hexdocs.pm/plug/Plug.Conn.html#upgrade_adapter/3) - https://podcast.thinkingelixir.com/57 (https://podcast.thinkingelixir.com/57) – Scaling Live Chat with Cade Ward episode - https://en.wikipedia.org/wiki/HTTP/3 (https://en.wikipedia.org/wiki/HTTP/3) - https://github.com/mtrudel/talks/blob/main/2022-05-EMPEX-MTX-a-funny-thing-happened-on-the-way-to-the-phoenix.pdf (https://github.com/mtrudel/talks/blob/main/2022-05-EMPEX-MTX-a-funny-thing-happened-on-the-way-to-the-phoenix.pdf) – 2022 EMPEX presentation slides - https://github.com/mtrudel/talks/blob/main/2021-10-ElixirConf-bandit-on-the-loose.pdf (https://github.com/mtrudel/talks/blob/main/2021-10-ElixirConf-bandit-on-the-loose.pdf) – 2021 Elixir Conf presentation slides Guest Information - https://twitter.com/mattrudel (https://twitter.com/mattrudel) – on Twitter - https://github.com/mtrudel/ (https://github.com/mtrudel/) – on Github - https://mat.geeky.net (https://mat.geeky.net) – Blog Find us online - Message the show - @ThinkingElixir (https://twitter.com/ThinkingElixir) - Email the show - show@thinkingelixir.com (mailto:show@thinkingelixir.com) - Mark Ericksen - @brainlid (https://twitter.com/brainlid) - David Bernheisel - @bernheisel (https://twitter.com/bernheisel) - Cade Ward - @cadebward (https://twitter.com/cadebward)

Cyber Security Today
Cyber Security Today, Nov. 23, 2022 - Lessons from the hack of officials in Moldova, a different phone scam and a warning about an abandoned web server

Cyber Security Today

Play Episode Listen Later Nov 23, 2022 7:01


This episode reports on why Telegram may not be the text service for you, the latest version of a phone scam, a warning about a the abandoned Boa web server and more

Configuration Examples with KevTechify for the Cisco Certified Network Associate (CCNA)
Configure Named Standard IPv4 ACLs - ACLs for IPv4 Configuration - Configuration Examples for Enterprise Networking, Security, and Automation - CCNA - KevTechify | podcast 70

Configuration Examples with KevTechify for the Cisco Certified Network Associate (CCNA)

Play Episode Listen Later Nov 2, 2022 19:19


In this episode we are going to look at Configure Named Standard IPv4 ACLs.The senior network administrator has asked us to create a standard named ACL to prevent access to a file server. The file server contains the data base for the web applications. Only the Web Manager workstation PC1 and the Web Server need to access the File Server. All other traffic to the File Server should be denied.We will be discussing Configure and Apply a Named Standard ACL and Verify the ACL Implementation.Thank you so much for listening to this episode of my series on Enterprise Networking, Security, and Automation for the Cisco Certified Network Associate (CCNA).Once again, I'm Kevin and this is KevTechify. Let's get this adventure started.All my details and contact information can be found on my website, https://KevTechify.com-------------------------------------------------------Cisco Certified Network Associate (CCNA)Configuration Examples for Enterprise Networking, Security, and Automation v3 (ENSA)ACLs for IPv4 ConfigurationLab 5.1.9 - Configure Named Standard IPv4 ACLsPodcast Number: 70Season: 1-------------------------------------------------------Equipment I like.Home Lab ►► https://kit.co/KevTechify/home-labNetworking Tools ►► https://kit.co/KevTechify/networking-toolsStudio Equipment ►► https://kit.co/KevTechify/studio-equipment 

The [Un]Sanctioned Citizen
The Ghost of Hillary Clinton's Webserver

The [Un]Sanctioned Citizen

Play Episode Listen Later Nov 1, 2022 41:07


Perkins Coie!! BOooOH! Where is Jason Leopold, VICE News FOIA terrorist who carried Assange's cables hiding now? No one forgets 3 years of Sean Hannity crowing about “bleached bit Blackberries”!! Will Bradley Cooper survive his tryst with Huma Abedin? I know you shall be haunted.. oh yes… Download the Callin app for iOS and Android to listen to this podcast live, call in, and more! Also available at callin.com

One More Thing
56: Dropout TV, iPod Web Server, Cloud Cuckoo Land

One More Thing

Play Episode Listen Later Jun 13, 2022 56:37


E is slightly incorrect, Brian is discontinued, and Ed turns into a donkey.

IrgendWasser - Der Podcast
1776B - SmartNAS als Download- und Webserver auf Knopfdruck

IrgendWasser - Der Podcast

Play Episode Listen Later May 11, 2022 57:14


Ein beherzter Enter-Tastendruck macht aus BLINDzeln Geräten einen Download-, Web- und PHP-Scriptserver im Browser sofort nutzbar.

web browsers knopfdruck webserver blindzeln blindzelnmedia
NosillaCast Apple Podcast
NC #882 Mac Geek Gab, Folge on ScreenCastsOnline, Making of NosillaCastAway Shanty, Cognixion, Security Bits

NosillaCast Apple Podcast

Play Episode Listen Later Apr 4, 2022 103:57


The Cost-Mart in Kasketchewan Mac Geek Gab 922 Watch ScreenCastsOnline Tutorial about Folge for Free! CCATP #721 – Bart Busschots on PBS Tibit 4 of Y — Rethinking a Web App – from Web Server to Cloud Stack Making the NosillaCastAway Shanty CSUN ATC 2022: Cognixion ONE Assisted Reality Headset Support the Show Security Bits — 3 April 2022 Join the Conversation: allison@podfeet.com podfeet.com/slack Support the Show: Patreon Donation PayPal one-time donation Podfeet Podcasts Mugs at Zazzle Podfeet 15-Year Anniversary Shirts Affiliate Links: Parallels Toolbox Affiliate - get 3 mos free Learn through MacSparky Field Guides Backblaze One Free Month

Programming By Stealth
PBS Tibit 4 of Y — Rethinking a Web App – from Web Server to Cloud Stack

Programming By Stealth

Play Episode Listen Later Apr 1, 2022 86:17


Over the past few months, podfeet.com went through a period of really poor performance. My site hadn't been snappy in the last few years with page loads of up to 6 seconds, but it hit a tipping point where it was taking in excess of 40 seconds for pages to load. William Reveal and Bart migrated the services behind podfeet.com that improved performance to where most pages load in less than a quarter of a second. In this Programming By Stealth adjacent episode, Bart wanted to walk through the structure of what makes up a web server, what a web server does, what all of the components are, and then walk us through how these things have changed in the nearly 17 years podfeet.com has been around. As we continue our journey in Programming By Stealth we are moving from the client-side to the server-side, so this lesson is quite relevant to helping our fellow learners understand what's behind the next steps we'll be taking. There's no homework in this episode but it's also challenging to keep the pieces straight in your head so get ready for a fun and instructive "Tidbit". You can find Bart's fabulous tutorial shownotes at pbs.bartificer.net.

Power Bytes
Connecting Made Easy with Caterpillar's Webserver Built-In!

Power Bytes

Play Episode Listen Later Apr 1, 2022 7:12 Transcription Available


Know what a webserver is?  Boy have we got a surprise for you!  Here all about it in this episode with Caterpillar's Amanda Wilke DiazFeedback? Send us a note at powerbytes@cat.com

Chit Chat Across the Pond
CCATP #721 – Bart Busschots on PBS Tibit 4 of Y — Rethinking a Web App – from Web Server to Cloud Stack

Chit Chat Across the Pond

Play Episode Listen Later Apr 1, 2022 86:17


Over the past few months, podfeet.com went through a period of really poor performance. My site hadn't been snappy in the last few years with page loads of up to 6 seconds, but it hit a tipping point where it was taking in excess of 40 seconds for pages to load. William Reveal and Bart migrated the services behind podfeet.com that improved performance to where most pages load in less than a quarter of a second. In this Programming By Stealth adjacent episode, Bart wanted to walk through the structure of what makes up a web server, what a web server does, what all of the components are, and then walk us through how these things have changed in the nearly 17 years podfeet.com has been around. As we continue our journey in Programming By Stealth we are moving from the client-side to the server-side, so this lesson is quite relevant to helping our fellow learners understand what's behind the next steps we'll be taking. There's no homework in this episode but it's also challenging to keep the pieces straight in your head so get ready for a fun and instructive "Tidbit". You can find Bart's fabulous tutorial shownotes at pbs.bartificer.net.

Inside Java
#22 - “The Simple Web Server”

Inside Java

Play Episode Listen Later Mar 4, 2022 26:41


David remotely sat down with Julia Boes, Senior Member of Technical Staff in Dublin, to discuss the Simple Web Server (SWS). The SWS, introduced in JDK 18, is a minimal web server that serves static files. It comes with a command-line tool and an API. In this episode, Julia explains why another web server might be useful. She explains its goals, its features, who it is for but also what it is not!. She then goes over the command-line tool, its API, etc.

Sophos Podcasts
S3 Ep72: AirTag stalking, web server coding woes and Instascams

Sophos Podcasts

Play Episode Listen Later Mar 3, 2022 24:36


How good is Apple's AirTag stalker detection? Why are web coders still making Y2K-like blunders? And how many Instagram scams can you get in one weekend? Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity Instagram @NakedSecurity

Sophos Podcasts
S3 Ep72: AirTag stalking, web server coding woes and Instascams

Sophos Podcasts

Play Episode Listen Later Mar 3, 2022 24:36


How good is Apple's AirTag stalker detection? Why are web coders still making Y2K-like blunders? And how many Instagram scams can you get in one weekend? https://nakedsecurity.sophos.com/apple-airtag-anti-stalking https://nakedsecurity.sophos.com/did-we-learn-nothing-from-y2k https://nakedsecurity.sophos.com/instagram-scammers-as-busy-as-ever With Paul Ducklin and Doug Aamoth. Original music by Edith Mudge (https://www.edithmudge.com) Got questions/suggestions/stories to share? Email: tips@sophos.com Twitter: NakedSecurity (https://twitter.com/nakedsecurity) Instagram: NakedSecurity (https://instagram.com/nakedsecurity)

Neulich im Netz - Der Internet-Podcast
Digitale Souveränität vs. Apple iCloud Private Relay

Neulich im Netz - Der Internet-Podcast

Play Episode Listen Later Jan 26, 2022 72:08


Apples neuer Dienst iCloud Private Relay soll die Privatsphäre im Web schützen, wurde aber gleichzeitig von einigen Netzbetreibern heftig kritisiert, da es angeblich die Europäische digitale Souveränität gefährden soll. In dieser Folge von Neulich im Netz erklären wir, wie iCloud Private Relay technisch funktioniert und welche Vor- und Nachteile es mit sich bringt. Woher rühren die Vorwürfe der Netzbetreiber, und sind sie berechtigt? Sollte man iCloud Private Relay nutzen oder lieber nicht? Diese und weitere Fragen diskutieren wir ausführlich in einer neuen Folge von Neulich im Netz. Mehr zu Neulich im Netz auf https://www.neulich-im.net/ music by scottholmesmusic.com Quellen: Virtual Private Networks IPSec-VPN, OpenVPN, ShadowSocks, ToR Network, Apple-Informationen zu iCloud Private Relay iCloud Private Relay Overview, Prepare Your Network or Web Server for iCloud Private Relay, iCloud Private Relay Presentation at IRTF PEARG, About iCloud Private Relay, Get ready for iCloud Private Relay, Video bei WWDC-2021, Apple's privacy pillars in focus, iCloud Private Relay Egress IP Ranges, Operator-Reaktion Apple under fire over iPhone encryption tech, Wer hat das Sagen in den Netzen?, iCloud Private Relay: Mobilfunker mögen Apples VPN-Dienst nicht, Rechtliches EU Gesetz über digitale Märkte, EuGH: Zero Rating von Telekom und Vodafone verstößt gegen Netzneutralität --- Send in a voice message: https://podcasters.spotify.com/pod/show/neulich-im-netz/message

INSiDER - Dentro la Tecnologia
Comprare un NAS, può essere una buona idea?

INSiDER - Dentro la Tecnologia

Play Episode Listen Later Nov 6, 2021 16:51


Ormai siamo dipendenti da Internet o, per meglio dire, dai servizi che sono stati creati e diffusi proprio grazie ad esso. Tramite i servizi online abbiamo la possibilità di portare sempre con noi tantissime immagini, foto e documenti grazie al Cloud. Questo luogo, apparentemente così intangibile, è formato da oggetti materiali, i server, e che come tali possono smettere di funzionare improvvisamente. Cosa succederebbe quindi, se alcuni o molti di questi server smettessero di funzionare, o si scollegassero dal resto dell'Internet? Oggi cercheremo di capire quali sono le soluzioni per accedere ai nostri dati anche senza bisogno di una connessione. Nella sezione delle notizie invece parleremo di Facebook, che ha deciso di non utilizzare più tecnologie di riconoscimento facciale, di una retina artificiale impiantata in Italia e infine della possibile apertura dei Supercharger di Tesla per tutti i veicoli elettrici. --Indice-- • Facebook elimina il riconoscimento facciale (00:55) - IlPost.it - Matteo Gallo • La prima retina artificiale in Italia (02:15) - IlMessaggero.it - Luca Martinelli • I Tesla Supercharger per tutti? (03:33) - DMove.it - Davide Fasoli • Comprare un NAS, può essere una buona idea? (05:01) - Luca Martinelli --Contatti-- • www.dentrolatecnologia.it • Instagram (@dentrolatecnologia) • Telegram (@dentrolatecnologia) • YouTube • redazione@dentrolatecnologia.it --Brani-- • Ecstasy by Rabbit Theft • Omen by Cartoon x Time To Talk (Ft. Asena)

c't uplink (SD-Video)
Mein eigener Server | c't uplink 39.5

c't uplink (SD-Video)

Play Episode Listen Later Sep 4, 2021


Viele Wege führen zum eigenen Server: Mit Containern und VMs, vom Raspi bis hin zum Root-Server. Über die Vor- und Nachteile sprechen wir in c't uplink. "Es gibt gar keine Cloud, sondern nur Computer anderer Leute". Der Spruch zeigt ein Problem auf: Wem vertraue ich meine Daten an. Naheliegend ist es, einen eigenen Server aufzusetzen, denn wem vertraut man mehr, als einem selbst? Und das war auch noch nie so einfach wie heute. Es gibt eine Vielzahl von Hardware, auf der man eigene Server-Dienste laufen lassen kann. Angefangen vom Kleinstcomputer Raspberry Pi über NAS-Geräte bis hin zu Mini-PCs als Server für Zuhause oder das Büro. Und auch gemietete Root-Server im Rechenzentrum bieten mehr Autonomie, obwohl sie streng genommen auch Computer anderer Leute sind. Ganz gleich für welche Hardware man sich entscheidet, den Betrieb vereinfachen moderne Technologien. Spezielle Betriebssysteme bieten komfortable Weboberflächen und mit Docker installiert man Dienste wie Nextcloud oder Webserver einfach als Container. Dank Virtualisierung trennt man verschiedene Systeme voneinander, ohne dass man einen ganzen Serverpark benötigt. Es gibt aber auch Nachteile: Mit den Freiheiten kommt die Verantwortung. Für Updates und das Stopfen von Sicherheitslücken ist man selbst verantwortlich. Bei der Konfiguration muss man aufpassen, dass man nicht ungewollt einen Dienst oder gar sensible Daten der Internet-Öffentlichkeit preisgibt. Die Vor- und Nachteile der verschiedenen Optionen erläutern die c't-Experten Niklas Dierking, Peter Siering und Christof Windeck diese Woche in c't uplink. Über ihre eigenen Erfahrungen spricht mit ihnen Moderator Keywan Tonekaboni, der gerade selbst einen kleinen Home-Server aufbauen will. Die c't 19/2021 gibt's am Kiosk, im Browser und in der c't-App für iOS und Android. Artikel zur Sendung: Wege zum eigenen Server (c't 19/2020, S. 62) Sparsame Hardware für den eigenen Server (c't 19/2020, S. 62) Dienste aus dem eigenen Netz ins Internet bringen (c't 19/2020, S. 62) Übrigens: Unser neuer YouTube-Channel c't 3003 ist ab sofort abonnierbar; in der aktuellen Folge fasst ⁨Jan-Keno Janssen⁩ die Neuland-Interviews von heise online und c't mit Digital-Politiker:innen der Parteien zusammen. === Anzeige / Sponsorenhinweis === Airbus CyberSecurity ist eine 100%ige Tochtergesellschaft von Airbus und ein europäischer Experte für Cyber-Sicherheit. Infos unter https://airbus-cyber-security.com/jobs/ === Anzeige / Sponsorenhinweis Ende ===

c't uplink (HD-Video)
Mein eigener Server | c't uplink 39.5

c't uplink (HD-Video)

Play Episode Listen Later Sep 4, 2021


Viele Wege führen zum eigenen Server: Mit Containern und VMs, vom Raspi bis hin zum Root-Server. Über die Vor- und Nachteile sprechen wir in c't uplink. "Es gibt gar keine Cloud, sondern nur Computer anderer Leute". Der Spruch zeigt ein Problem auf: Wem vertraue ich meine Daten an. Naheliegend ist es, einen eigenen Server aufzusetzen, denn wem vertraut man mehr, als einem selbst? Und das war auch noch nie so einfach wie heute. Es gibt eine Vielzahl von Hardware, auf der man eigene Server-Dienste laufen lassen kann. Angefangen vom Kleinstcomputer Raspberry Pi über NAS-Geräte bis hin zu Mini-PCs als Server für Zuhause oder das Büro. Und auch gemietete Root-Server im Rechenzentrum bieten mehr Autonomie, obwohl sie streng genommen auch Computer anderer Leute sind. Ganz gleich für welche Hardware man sich entscheidet, den Betrieb vereinfachen moderne Technologien. Spezielle Betriebssysteme bieten komfortable Weboberflächen und mit Docker installiert man Dienste wie Nextcloud oder Webserver einfach als Container. Dank Virtualisierung trennt man verschiedene Systeme voneinander, ohne dass man einen ganzen Serverpark benötigt. Es gibt aber auch Nachteile: Mit den Freiheiten kommt die Verantwortung. Für Updates und das Stopfen von Sicherheitslücken ist man selbst verantwortlich. Bei der Konfiguration muss man aufpassen, dass man nicht ungewollt einen Dienst oder gar sensible Daten der Internet-Öffentlichkeit preisgibt. Die Vor- und Nachteile der verschiedenen Optionen erläutern die c't-Experten Niklas Dierking, Peter Siering und Christof Windeck diese Woche in c't uplink. Über ihre eigenen Erfahrungen spricht mit ihnen Moderator Keywan Tonekaboni, der gerade selbst einen kleinen Home-Server aufbauen will. Die c't 19/2021 gibt's am Kiosk, im Browser und in der c't-App für iOS und Android. Artikel zur Sendung: Wege zum eigenen Server (c't 19/2020, S. 62) Sparsame Hardware für den eigenen Server (c't 19/2020, S. 62) Dienste aus dem eigenen Netz ins Internet bringen (c't 19/2020, S. 62) Übrigens: Unser neuer YouTube-Channel c't 3003 ist ab sofort abonnierbar; in der aktuellen Folge fasst ⁨Jan-Keno Janssen⁩ die Neuland-Interviews von heise online und c't mit Digital-Politiker:innen der Parteien zusammen. === Anzeige / Sponsorenhinweis === Airbus CyberSecurity ist eine 100%ige Tochtergesellschaft von Airbus und ein europäischer Experte für Cyber-Sicherheit. Infos unter https://airbus-cyber-security.com/jobs/ === Anzeige / Sponsorenhinweis Ende ===

c’t uplink
Mein eigener Server | c't uplink 39.5

c’t uplink

Play Episode Listen Later Sep 4, 2021 60:42


Viele Wege führen zum eigenen Server: Mit Containern und VMs, vom Raspi bis hin zum Root-Server. Über die Vor- und Nachteile sprechen wir in c't uplink. "Es gibt gar keine Cloud, sondern nur Computer anderer Leute". Der Spruch zeigt ein Problem auf: Wem vertraue ich meine Daten an. Naheliegend ist es, einen eigenen Server aufzusetzen, denn wem vertraut man mehr, als einem selbst? Und das war auch noch nie so einfach wie heute. Es gibt eine Vielzahl von Hardware, auf der man eigene Server-Dienste laufen lassen kann. Angefangen vom Kleinstcomputer Raspberry Pi über NAS-Geräte bis hin zu Mini-PCs als Server für Zuhause oder das Büro. Und auch gemietete Root-Server im Rechenzentrum bieten mehr Autonomie, obwohl sie streng genommen auch Computer anderer Leute sind. Ganz gleich für welche Hardware man sich entscheidet, den Betrieb vereinfachen moderne Technologien. Spezielle Betriebssysteme bieten komfortable Weboberflächen und mit Docker installiert man Dienste wie Nextcloud oder Webserver einfach als Container. Dank Virtualisierung trennt man verschiedene Systeme voneinander, ohne dass man einen ganzen Serverpark benötigt. Es gibt aber auch Nachteile: Mit den Freiheiten kommt die Verantwortung. Für Updates und das Stopfen von Sicherheitslücken ist man selbst verantwortlich. Bei der Konfiguration muss man aufpassen, dass man nicht ungewollt einen Dienst oder gar sensible Daten der Internet-Öffentlichkeit preisgibt. Die Vor- und Nachteile der verschiedenen Optionen erläutern die c't-Experten Niklas Dierking, Peter Siering und Christof Windeck diese Woche in c't uplink. Über ihre eigenen Erfahrungen spricht mit ihnen Moderator Keywan Tonekaboni, der gerade selbst einen kleinen Home-Server aufbauen will. Die c't 19/2021 gibt's am Kiosk, im Browser und in der c't-App für iOS und Android. Artikel zur Sendung: Wege zum eigenen Server (c't 19/2020, S. 62) Sparsame Hardware für den eigenen Server (c't 19/2020, S. 62) Dienste aus dem eigenen Netz ins Internet bringen (c't 19/2020, S. 62) Übrigens: Unser neuer YouTube-Channel c't 3003 ist ab sofort abonnierbar; in der aktuellen Folge fasst ⁨Jan-Keno Janssen⁩ die Neuland-Interviews von heise online und c't mit Digital-Politiker:innen der Parteien zusammen. === Anzeige / Sponsorenhinweis === Airbus CyberSecurity ist eine 100%ige Tochtergesellschaft von Airbus und ein europäischer Experte für Cyber-Sicherheit. Infos unter https://airbus-cyber-security.com/jobs/ === Anzeige / Sponsorenhinweis Ende ===

Cyber Security Today
Cyber Security Today Aug 9, 2021 - Gigabyte recovering from ransomware, warnings about Exchange Server exploits and tighten access to Windows' web server

Cyber Security Today

Play Episode Listen Later Aug 9, 2021 6:00


Today's episode reports on a major motherboard manufacturer recovering from ransomware, warnings about Exchange Server exploits and why admins need to tighten access to Windows' web server

DNEWS24
30 Jahre Homepages. DNEWS24-Podcast

DNEWS24

Play Episode Listen Later Aug 6, 2021 3:40


Heute vor 30 Jahren ging die erste Homepage des World Wide Web in die Öffentlichkeit. Der britische Physiker Tim Berners-Lee wollte so das Informationschaos beim Europäischen Kernforschungszentrum (Cern) eindämmen. Im März 1989 schlug er seinem Arbeitgeber ein Projekt auf Basis des Hypertexts vor, um den Datenaustausch zwischen den Forschern weltweit zu vereinfachen. Weihnachten 1990 legte Berners-Lee mit info.cern.ch den ersten Web-Server der Welt an. Am 6. August 1991 machte der damals 36-Jährige die erste Webseite im Internet öffentlich. DNEWS24Radio-Podcast am 6.8.2021 von Uwe-Matthias Müller. DNEWS24-Podcast - überall, wo es gute Podcasts zu hören gibt Spotify Apple Podcasts Google Podcasts Die Intro-Musik stammt mit freundlicher Genehmigung von Ronald Kah.

INNOQ Security Podcast
TLS richtig konfigurieren

INNOQ Security Podcast

Play Episode Listen Later Jun 16, 2021 61:37


In dieser Folge spricht Lisa mit Christoph darüber, wie man TLS im Webserver richtig konfiguriert. Denn dabei gibt es viel zu beachten: von der richtigen Cypher Suite über Perfect Forward Secrecy bis hin zu Certificate Stapling.

RaDiHum20
vDHd2021 bei RaDiHum20: Simple Image Presentation Interface (SIPI) – Bilder IIIF kompatibel speichern und publizieren

RaDiHum20

Play Episode Listen Later May 24, 2021 7:45


Für diese Folge der vDHd2021 Sonderstaffel haben wir mit Julien A. Raemy vom Data & Service Center for the Humanities (DaSCH) in Basel gesprochen. Nach seiner Vorstellung präsentiert uns Julien ab Minute 1:46 das Konzept für seinen vDHd2021-Beitrag: Das DaSCH hat die Software SIPI entwickelt – das ist ein IIIF-fähiger Webserver und diese Software will Julien auf der vDHd demonstrieren, die wesentlichen Funktionen erläutern und dann darüber diskutieren. “IIIF” steht für International Image Interoperability Framework und es handelt sich dabei um einen Standard zur Ausgabe von Bilddaten, der sich in den letzten Jahren zu einem der wichtigsten Datenstandards in den Digital Humanities überhaupt entwickelt hat. Die Shownotes zur Folge findest du hier: https://radihum20.de/sipi/

Codestammtisch
CST072 — Offline Webserver und mehr Geld

Codestammtisch

Play Episode Listen Later May 10, 2021 54:04


Hallo und herzlich Willkommen zur zweiwöchentlichen Gruppentherapie. Max trinkt ein Azubier der Feldschlösschen-Brauerei und Nathan eine Yuzuka-Limonade. Und wo wir schon bei Drogen sind: Don't do Brausepulver! Kurze Werbeeinblendung: Wenn du uns auf Steady unterstützt, bekommst du längere Folgen, Bierdeckel und Sticker. Und dieser Werbehinweis entfällt! In dieser Folge reden wir über Kurzarbeit und Webserver, die von der Welt abgekoppelt sind. Dafür hat Nathan seinen Raspberry Pi aus der Pi-Hole-Hölle geholt und musste ein paar Tage schmerzlich auf den netzwerkweiten Werbeblocker verzichten. Mittlerweile läuft der aber wieder. Außerdem berichtet Max von einem Konstrukt, dass sein Gehalt alle paar Jahre an den Markt angepasst wird, natürlich nur nach oben. An dieser Stelle sei noch auf den Reddit-Thread zum Thema Gehalt verwiesen. Ihr redet jetzt auch mal mit euren Chefs, oder?! Oh, und für dieses Schmerzensgeld darf er mit einer halbfertigen Plattform arbeiten, was sich alles eher so mittelgeil anhört. Aber hört selbst! Und am Schluss geht es noch kurz um Notizen mit dem iPad. Wir bedanken uns wie immer für's Zuhören und freuen uns immer über eure Verbesserungsvorschläge, Getränkeempfehlungen, Fragen, Feedback und Bewertungen bei iTunes. Feedback einfach wie immer via Twitter an @codestammtisch oder diskret per Mail an hallo-at-codestammtis.ch. Kommentare könnt ihr uns auch gerne auf unser Band quatschen!

Podcasting for Dummies - News and Companion Podcast
PFD Companion Podcast: S4E15 – Move it on up (to your web server)

Podcasting for Dummies - News and Companion Podcast

Play Episode Listen Later Apr 20, 2021 36:12


The dynamic duo is back to take you through the penultimate step in creating your masterpiece podcast episode and changing the world. We break down the finer points of artwork, file naming conventions best practices, and touch on how to get your files to your server. Listening on your mobile device? Find the artwork at […]

IGeometry
What happens when your Backend Web Server Certificate Private Key is Leaked?

IGeometry

Play Episode Listen Later Mar 28, 2021 24:32


We have been told to take care of our private key that we use on backend servers without clear instructions as to what could happen when that key is leaked. In today’s backend engineering show I discuss exactly what could go wrong when your backend server private key is leaked. Let us discuss Intro 0:00 What is a Certificate? 1:10 Where is the Private Key used? 4:10 TLS 1.2 with RSA 4:20 Why RSA no longer used 9:00 TLS 1.3 & TLS 1.2 Digital Signature 12:00 How often should you recycle Private Keys 19:00 Resources https://blog.cloudflare.com/advanced-certificate-manager/ https://heartbleed.com/ https://cabforum.org/ https://en.wikipedia.org/wiki/DigiNotar https://www.ibm.com/support/knowledgecenter/en/SSFKSJ_9.0.0/com.ibm.mq.sec.doc/q009960_.html --- Send in a voice message: https://anchor.fm/hnasr/message

IGeometry
High severity flaw can crash your WebServer when using OpenSSL - Let us discuss

IGeometry

Play Episode Listen Later Mar 26, 2021 17:49


On Thursday, OpenSSL maintainers released a fix for two high severity vulnerabilities, let us discuss the impact. OpenSSL two major vulnerabilities 0:00 why OpenSSL 1:00 Bug 1 - Renegotiating TLS 1.2 (CVE-2021-3449) 3:50 Bug 2 - Cert verification bypass (CVE-2021-3450) 8:42 Update to OpenSSL 1.1.1k 12:30 Resources https://www.openssl.org/news/vulnerabilities.html https://arstechnica.com/gadgets/2021/03/openssl-fixes-high-severity-flaw-that-allows-hackers-to-crash-servers/ --- Send in a voice message: https://anchor.fm/hnasr/message

WHAT IS A COMPUTER ? Easy + Short definition
Which web server is recommended HTTP or HTTPS ?

WHAT IS A COMPUTER ? Easy + Short definition

Play Episode Listen Later Feb 5, 2021 0:12


COMPTIA A+ Terminology made easy for you !

Security Bits
Covid 19 Vaccine Info Leaks, Siemens releases multiple vulnerabilities, Ubiquiti tells its users to secure their account and more!

Security Bits

Play Episode Listen Later Jan 23, 2021 5:01


Simplified Security - E6 - Covid 19 Vaccine Info Leaks, Siemens releases multiple vulnerabilities, Ubiquiti tells its users to secure their account and more!Headlines:Leaked information surfaces from the December attack on European Medicines Agency on COVID-19 Vaccine.EMA Original Post:https://www.ema.europa.eu/en/news/cyberattack-european-medicines-agencyBleeping Computer's Posthttps://www.bleepingcomputer.com/news/security/hackers-leak-stolen-pfizer-covid-19-vaccine-data-online/ Siemens releases multiple Vulnerabilities in Web Server for Scalance X Products and Solid Edge.Siemens Scalance X Advisory:https://cert-portal.siemens.com/productcert/pdf/ssa-139628.pdf Siemens Solid Edge Advisory:https://cert-portal.siemens.com/productcert/txt/ssa-979834.txt SEPA, Scottish Environment Protection Agency attacked on Christmas Eve.https://www.sepa.org.uk/about-us/cyber-attack/ Ubiquiti News,  https://community.ui.com/questions/Account-Notification/96467115-49b5-4dd6-9517-f8cdbf6906f3 Naked Security article for Homeschooling and how to stay secure. https://nakedsecurity.sophos.com/2021/01/13/home-schooling-how-to-stay-secure/ Symantec, Threat Intelligence Blog article on Solar Winds Attack.https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence ---Connect with me:Simply follow me on LinkedIn or Twitter.Subscribe to my Podcast Simplified Security:Google Podcasthttps://podcasts.google.com/feed/aHR0cHM6Ly9mZWVkcy5zb3VuZGVyLmZtLzk3NTgvcnNzLnhtbA Apple Podcasthttps://podcasts.apple.com/us/podcast/security-bits/id1542309317 For all other platforms such as Spotify, TuneIn, Amazon,Go to  https://icsbits.com/simplified/ Do not forget to Subscribe to my YouTube Channel and Enable Notifications:https://www.youtube.com/channel/UC9gRPRXg3s3ZPZZafouzOWA?sub_confirmation=1

Investorideas -Trading & News
AI Eye Podcast #509: GBT Developing Web Server App for qTerm, and Qualcomm Technologies (NasdaqGS: $QCOM) is Acquiring NUVIA

Investorideas -Trading & News

Play Episode Listen Later Jan 15, 2021 5:53


AI Eye Podcast #509: GBT Developing Web Server App for qTerm, and Qualcomm Technologies (NasdaqGS: $QCOM) is Acquiring NUVIA

The AI Eye: stock news & deal tracker
AI Eye Podcast #509: GBT Developing Web Server App for qTerm, and Qualcomm Technologies (NasdaqGS: $QCOM) is Acquiring NUVIA

The AI Eye: stock news & deal tracker

Play Episode Listen Later Jan 15, 2021 5:53


AI Eye Podcast #509: GBT Developing Web Server App for qTerm, and Qualcomm Technologies (NasdaqGS: $QCOM) is Acquiring NUVIA

Kurz informiert – die IT-News des Tages von heise online
Cyberattacken, Webserver, Volvo VNR Electric, Drohne | Kurz informiert vom 04.12.2020 by heise online

Kurz informiert – die IT-News des Tages von heise online

Play Episode Listen Later Dec 4, 2020


Heute mit: Cyberattacken, Webserver, Volvo VNR Electric, Drohne ***SPONSOR-HINWEIS*** Die heutige Sendung wird Ihnen präsentiert von NFON, Europas führendem Business-Cloud-Telefonanbieter. Mit „Cloudya“, unserer intuitiven Cloud-Telefonanlage bieten wir Ihrem Unternehmen die clevere Lösung für moderne Cloud-Businesskommunikation. Kostensparend, kompatibel und auch in Zeiten von Home Office extrem zuverlässig. So sind Sie etwa mit der praktischen Erweiterung „Nvoice for MS Teams“ auch innerhalb der Microsoft Teams Software ganz normal unter Ihrer gewohnten Rufnummer erreichbar. Erfahren Sie jetzt mehr – auf www.nfon,com ***SPONSOR-HINWEIS ENDE***

David Bombal
#195: Your WiFi Is Mine!

David Bombal

Play Episode Listen Later Sep 29, 2020 8:43


Don't trust just any cable! I just got all your WiFi details when you plugged in this cable to charge your phone! Need help? Join my Discord: http://discord.davidbombal.com Menu: Overview: 0:00 Plug in cable: 1:21 Connect to Access point: 2:05 Connect to Webserver: 2:30 Load: 2:51 Run keyboard: 3:18 Look at WiFi Information: 4:15 Warning! 6:31 Get the cable from Hak5: https://shop.hak5.org/products/o-mg-c... OMG cable setup: https://o.mg.lol/setup Script/payload used: https://github.com/JeffTadashi/OMDuck... Python Server: https://gist.github.com/fabiand/5628006 ================ Connect with me: ================ Discord: http://discord.davidbombal.com Twitter: https://www.twitter.com/davidbombal Instagram: https://www.instagram.com/davidbombal LinkedIn: https://www.linkedin.com/in/davidbombal Facebook: https://www.facebook.com/davidbombal.co TikTok: http://tiktok.com/@davidbombal YouTube: https://www.youtube.com/davidbombal ================ Support me: ================ Join thisisIT: https://bit.ly/thisisitccna Or, buy my CCNA course and support me: DavidBombal.com: CCNA ($10): https://bit.ly/ccnafor10 Udemy CCNA Course: https://bit.ly/ccnafor10dollars GNS3 CCNA Course: CCNA ($10): https://bit.ly/gns3ccna10 ====================== Special Offers: ====================== Cisco Press: Up to 50% discount Save every day on Cisco Press learning products! Use discount code BOMBAL during checkout to save 35% on print books (plus free shipping in the U.S.), 45% on eBooks, and 50% on video courses and simulator software. Offer expires December 31, 2020. Shop now. Link: bit.ly/ciscopress50 ITPro.TV: https://itpro.tv/davidbombal 30% discount off all plans Code: DAVIDBOMBAL Boson software: 15% discount Link: bit.ly/boson15 Code: DBAF15P kali linux wifi kali linux 2020 hak5 Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! #kali #hak5 #wifi

The History of Computing
The Apache Web Server

The History of Computing

Play Episode Listen Later Oct 29, 2019 12:52


Welcome to the History of Computing Podcast, where we explore the history of information technology. Because understanding the past prepares us for the innovations of the future! Today we're going to cover one of the most important and widely distributed server platforms ever: The Apache Web Server. Today, Apache servers account for around 44% of the 1.7 Billion web sites on the Internet. But at one point it was zero. And this is crazy, it's down from over 70% in 2010. Tim Berners-Lee had put the first website up in 1991 and what we now know as the web was slowly growing. In 1994 and begins with the National Center for Supercomputing Applications, University of Illinois, Urbana-Champaign. Yup, NCSA is also the organization that gave us telnet and Mosaic, the web browser that would evolve into Netscape. After Rob leaves NCSA, the HTTPdaemon goes a little, um, dormant in development. The distress had forked and the extensions and bug fixes needed to get merged into a common distribution. Apache is a free and open source web server that was initially created by Robert McCool and written in C in 1995, the same year Berners-Lee coined the term World Wide Web. You can't make that name up. I'd always pictured him as a cheetah wearing sunglasses. Who knew that he'd build a tool that would host half of the web sites in the world. A tool that would go on to be built into plenty of computers so they can spin up sharing services. Times have changed since 1995. Originally the name was supposedly a cute name referring to a Patchy server, given that it was based on lots of existing patches of craptostic code from NCSA. So it was initially based on NCSA HTTPd is still alive and well all the way up to the configuration files. For example, on a Mac these are stored at /private/etc/apache2/httpd.conf. The original Apache group consisted of * Brian Behlendorf * Roy T. Fielding * Rob Hartill * David Robinson * Cliff Skolnick * Randy Terbush * Robert S. Thau * Andrew Wilson And there were additional contributions from Eric Hagberg, Frank Peters, and Nicolas Pioch. Within a year of that first shipping, Apache had become the most popular web server on the internet. The distributions and sites continued to grow to the point that they formed the Apache Software Foundation that would give financial, legal, and organizational support for Apache. They even started bringing other open source projects under that umbrella. Projects like Tomcat. And the distributions of Apache grew. Mod_ssl, which brought the first SSL functionality to Apache 1.17, was released in 1998. And it grew. The Apache Foundation came in 1999 to make sure the project outlived the participants and bring other tools under the umbrella. The first conference, ApacheCon came in 2000. Douglas Adams was there. I was not. There were 17 million web sites at the time. The number of web sites hosted on Apache servers continued to rise. Apache 2 was released in 2004. The number of web sites hosted on Apache servers continued to rise. By 2009, Apache was hosting over 100 million websites. By 2013 Apache had added that it was named “out of a respect for the Native American Indian tribe of Apache”. The history isn't the only thing that was rewritten. Apache itself was rewritten and is now distributed as Apache 2.0. there were over 670 million web sites by then. And we hit 1 billion sites in 2014. I can't help but wonder what percentage collections of fart jokes. Probably not nearly enough. But an estimated 75% are inactive sites. The job of a web server is to serve web pages on the internet. Those were initially flat HTML files but have gone on to include CGI, PHP, Python, Java, Javascript, and others. A web browser is then used to interpret those files. They access the .html or .htm (or other one of the other many file types that now exist) file and it opens a page and then loads the text, images, included files, and processes any scripts. Both use the http protocol; thus the URL begins with http or https if the site is being hosted over ssl. Apache is responsible for providing the access to those pages over that protocol. The way the scripts are interpreted is through Mods. These include mod_php, mod_python, mod_perl, etc. The modular nature of Apache makes it infinitely extensible. OK, maybe not infinitely. Nothing's really infinite. But the Loadable Dynamic Modules do make the system more extensible. For example, you can easily get TLS/SSL using mod_ssl. The great thing about Apache and its mods are that anyone can adapt the server for generic uses and they allow you to get into some pretty really specific needs. And the server as well as each of those mods has its source code available on the Interwebs. So if it doesn't do exactly what you want, you can conform the server to your specific needs. For example, if you wanna' hate life, there's a mod for FTP. Out of the box, Apache logs connections, includes a generic expression parser, supports webdav and cgi, can support Embedded Perl, PHP and Lua scripting, can be configured for public_html per-user web-page, supports htaccess to limit access to various directories as one of a few authorization access controls and allows for very in depth custom logging and log rotation. Those logs include things like the name and IP address of a host as well as geolocations. Can rewrite headers, URLs, and content. It's also simple to enable proxies Apache, along with MySQL, PHP and Linux became so popular that the term LAMP was coined, short for those products. The prevalence allowed the web development community to build hundreds or thousands of tools on top of Apache through the 90s and 2000s, including popular Content Management Systems, or CMS for short, such as Wordpress, Mamba, and Joomla. * Auto-indexing and content negotiation * Reverse proxy with caching * Multiple load balancing mechanisms * Fault tolerance and Failover with automatic recovery * WebSocket, FastCGI, SCGI, AJP and uWSGI support with caching * Dynamic configuration * Name- and IP address-based virtual servers * gzip compression and decompression * Server Side Includes * User and Session tracking * Generic expression parser * Real-time status views * XML support Today we have several web servers to choose from. Engine-X, spelled Nginx, is a newer web server that was initially released in 2004. Apache uses a thread per connection and so can only process the number of threads available; by default 10,000 in Linux and macOS. NGINX doesn't use threads so can scale differently, and is used by companies like AirBNB, Hulu, Netflix, and Pinterest. That 10,000 limit is easily controlled using concurrent connection limiting, request processing rate limiting, or bandwidth throttling. You can also scale with some serious load balancing and in-band health checks or with one of the many load balancing options. Having said that, Baidu.com, Apple.com, Adobe.com, and PayPal.com - all Apache. We also have other web servers provided by cloud services like Cloudflare and Google slowly increasing in popularity. Tomcat is another web server. But Tomcat is almost exclusively used to run various Java servers, servelets, EL, webscokets, etc. Today, each of the open source projects under the Apache Foundation has a Project Management committee. These provide direction and management of the projects. New members are added when someone who contributes a lot to the project get nominated to be a contributor and then a vote is held requiring unanimous support. Commits require three yes votes with no no votes. It's all ridiculously efficient in a very open source hacker kinda' way. The Apache server's impact on the open-source software community has been profound. It iis partly explained by the unique license from the Apache Software Foundation. The license was in fact written to protect the creators of Apache while giving access to the source code for others to hack away at it. The Apache License 1.1 was approved in 2000 and removed the requirement to attribute the use of the license in advertisements of software. Version two of the license came in 2004, which made the license easier for projects that weren't from the Apache Foundation. This made it easier for GPL compatibility, and using a reference for the whole project rather than attributing software in every file. The open source nature of Apache was critical to the growth of the web as we know it today. There were other projects to build web servers for sure. Heck, there were other protocols, like Gopher. But many died because of stringent licensing policies. Gopher did great until the University of Minnesota decided to charge for it. Then everyone realized it didn't have nearly as good of graphics as other web servers. Today the web is one of the single largest growth engines of the global economy. And much of that is owed to Apache. So thanks Apache, for helping us to alleviate a little of the suffering of the human condition for all creatures of the world. By the way, did you know you can buy hamster wheels on the web. Or cat food. Or flea meds for the dog. Speaking of which, I better get back to my chores. Thanks for taking time out of your busy schedule to listen! You probably get to your chores as well though. Sorry if I got you in trouble. But hey, thanks for tuning in to another episode of the History of Computing Podcast. We're lucky to have you. Have a great day!

brightonSEO's podcast
Aysun Akarsu - Web Server Logs As Technical SEO Key Data Source

brightonSEO's podcast

Play Episode Listen Later Oct 10, 2019 21:17


What are web servers? What are main web servers today? What are web server logs? What type of SEO data can be found in web server logs? How web server logs can be helpful in crawl-first SEO? Which crawl-first SEO metrics can be calculated by web server logs? How to identify web server of your clients before receiving them? Which questions to ask your client before collecting logs? How to be sure of the quality of collected SEO data through them? What do we need to analyse web server logs? What is crawl distribution? How to deal with missing data in crawl data analysis? How to decide how many days of logs needed to calculate principal crawl-first SEO metrics? These are the quick questions which came to my mind when I think about web server logs as technical SEO key data source. I will answer them in my talk.

The PeopleSoft Administrator Podcast

This week on the podcast we discuss Event Mapping for App Engines that was teased in a PeopleSoft Talk. Then Kyle shares what learned about Portal Registries and security, and the new Reload Web Profile feature in 8.57. Show Notes PS Talk with Rebekah Jackson @ 2:30 Allow Unregistered Content @ 6:00 8.57 Reload Web Profile @ 17:30 Reload Web Profile without Restarting the Web Server

BSD Now
53: It's HAMMER Time

BSD Now

Play Episode Listen Later Sep 3, 2014 78:27


It's our one year anniversary episode, and we'll be talking with Reyk Floeter about the new OpenBSD webserver - why it was created and where it's going. After that, we'll show you the ins and outs of DragonFly's HAMMER FS. Answers to viewer-submitted questions and the latest headlines, on a very special BSD Now - the place to B.. SD. This episode was brought to you by Headlines FreeBSD foundation's new IPSEC project (http://freebsdfoundation.blogspot.com/2014/08/freebsd-foundation-announces-ipsec.html) The FreeBSD foundation, along with Netgate, is sponsoring some new work on the IPSEC code With bandwidth in the 10-40 gigabit per second range, the IPSEC stack needs to be brought up to modern standards in terms of encryption and performance This new work will add AES-CTR and AES-GCM modes to FreeBSD's implementation, borrowing some code from OpenBSD The updated stack will also support AES-NI for hardware-based encryption speed ups It's expected to be completed by the end of September, and will also be in pfSense 2.2 *** NetBSD at Shimane Open Source Conference 2014 (http://mail-index.netbsd.org/netbsd-advocacy/2014/08/31/msg000667.html) The Japanese NetBSD users group held a NetBSD booth at the Open Source Conference 2014 in Shimane on August 23 One of the developers has gathered a bunch of pictures from the event and wrote a fairly lengthy summary They had NetBSD running on all sorts of devices, from Raspberry Pis to Sun Java Stations Some visitors said that NetBSD had the most chaotic booth at the conference *** pfSense 2.1.5 released (https://blog.pfsense.org/?p=1401) A new version of the pfSense 2.1 branch is out Mostly a security-focused release, including three web UI fixes and the most recent OpenSSL fix (which FreeBSD has still not patched (https://lists.freebsd.org/pipermail/freebsd-security/2014-August/007875.html) in -RELEASE after nearly a month) It also includes many other bug fixes, check the blog post for the full list *** Systems, Science and FreeBSD (http://msrvideo.vo.msecnd.net/rmcvideos/227133/dl/227133.mp4) Our friend George Neville-Neil (http://www.bsdnow.tv/episodes/2014_01_29-journaled_news_updates) gave a presentation at Microsoft Research It's mainly about using FreeBSD as a platform for research, inside and outside of universities The talk describes the OS and its features, ports, developer community, documentation, who uses BSD and much more *** Interview - Reyk Floeter - reyk@openbsd.org (mailto:reyk@openbsd.org) / @reykfloeter (https://twitter.com/reykfloeter) OpenBSD's HTTP daemon Tutorial A crash course on HAMMER FS (http://www.bsdnow.tv/tutorials/hammer) News Roundup OpenBSD's rcctl tool usage (http://brynet.biz.tm/article-rcctl.html) OpenBSD recently got a new tool (http://undeadly.org/cgi?action=article&sid=20140820090351) for managing /etc/rc.conf.local in -current Similar to FreeBSD's "sysrc" tool, it eliminates the need to manually edit rc.conf.local to enable or disable services This blog post - from a BSD Now viewer - shows the typical usage of the new tool to alter the startup services It won't make it to 5.6, but will be in 5.7 (next May) *** pfSense mini-roundup (http://mateh.id.au/2014/08/stream-netflix-chromecast-using-pfsense/) We found five interesting pfSense articles throughout the week and wanted to quickly mention them The first item in our pfSense mini-roundup details how you can stream Netflix to in non-US countries using a "smart" DNS service The second post (http://theosquest.com/2014/08/28/ipv6-with-comcast-and-pfsense/) talks about setting ip IPv6, in particular if Comcast is your ISP The third one (http://news.softpedia.com/news/PfSense-2-1-5-Is-Free-and-Powerful-FreeBSD-based-Firewall-Operating-System-457097.shtml) features pfSense on Softpedia, a more mainstream tech site The fourth post (http://sichent.wordpress.com/2014/02/22/filtering-https-traffic-with-squid-on-pfsense-2-1/) describes how to filter HTTPS traffic with Squid and pfSense The last article (http://pfsensesetup.com/vpn-tunneling-with-tinc/) describes setting up a VPN using the "tinc (https://en.wikipedia.org/wiki/Tinc_%28protocol%29)" daemon and pfSense It seems to be lesser known, compared to things like OpenVPN or SSH tunnels, so it's interesting to read about This pfSense HQ website seems to have lots of other cool pfSense items, check it out *** OpenBSD's new buffer cache (http://www.tedunangst.com/flak/post/2Q-buffer-cache-algorithm) OpenBSD has traditionally used the tried-and-true LRU algorithm for buffer cache, but it has a few problems Ted Unangst (http://www.bsdnow.tv/episodes/2014_02_05-time_signatures) has just switched to a new algorithm in -current, partially based on 2Q, and details some of his work Initial tests show positive results in terms of cache responsiveness Check the post for all the fine details *** BSDTalk episode 244 (http://bsdtalk.blogspot.com/2014/08/bsdtalk244-lumina-desktop-environment.html) Another new BSDTalk is up and, this time around, Will Backman (http://www.bsdnow.tv/episodes/2014_03_05-bsd_now_vs_bsdtalk) interviews Ken Moore, the developer of the new BSD desktop environment They discuss the history of development, differences between it and other DEs, lots of topics If you're more of a visual person, fear not, because... We'll have Ken on next week, including a full "virtual walkthrough" of Lumina and its applications *** Feedback/Questions Ghislain writes in (http://slexy.org/view/s21G3KL6lv) Raynold writes in (http://slexy.org/view/s21USZdk2D) Van writes in (http://slexy.org/view/s2IWAfkDfX) Sean writes in (http://slexy.org/view/s2OBhezoDV) Stefan writes in (http://slexy.org/view/s22h9RhXUy) ***

BSD Now
51: Engineering Nginx

BSD Now

Play Episode Listen Later Aug 20, 2014 87:27


Coming up on the show, we'll be showing you how to set up a secure, SSL-only webserver. There's also an interview with Eric Le Blan about community participation and FreeBSD's role in the commercial server space. All that and more, on BSD Now - the place to B.. SD. This episode was brought to you by Headlines Password gropers take spamtrap bait (http://bsdly.blogspot.com/2014/08/password-gropers-take-spamtrap-bait.html) Our friend Peter Hansteen (http://www.bsdnow.tv/episodes/2014_04_30-puffy_firewall), who keeps his eyes glued to his log files, has a new blog post He seems to have discovered another new weird phenomenon in his pop3 logs "yes, I still run one, for the same bad reasons more than a third of my readers probably do: inertia" Someone tried to log in to his service with an address that was known to be invalid The rest of the post goes into detail about his theory of why someone would use a list of invalid addresses for this purpose *** Inside the Atheros wifi chipset (https://www.youtube.com/watch?v=WOcYTqoSQ68) Adrian Chadd - sometimes known in the FreeBSD community as "the wireless guy" - gave a talk at the Defcon Wireless Village 2014 He covers a lot of topics on wifi, specifically on Atheros chips and why they're so popular for open source development There's a lot of great information in the presentation, including cool (and evil) things you can do with wireless cards Very technical talk; some parts might go over your head if you're not a driver developer The raw video file is also available to download (https://archive.org/download/WirelessVillageAtDefCon22/20-Atheros.mp4) on archive.org Adrian has also recently worked on getting Kismet and Aircrack-NG to work better with FreeBSD, including packet injection and other fun things *** Trip report and hackathon mini-roundup (http://freebsdfoundation.blogspot.com/2014/08/bsdcan-trip-report-mark-linimon.html) A few more (late) reports from BSDCan and the latest OpenBSD hackathon have been posted Mark Linimon mentions some of the future plans for FreeBSD's release engineering and ports Bapt also has a BSDCan report (http://freebsdfoundation.blogspot.com/2014/08/bsdcan-trip-report-baptiste-daroussin.html) detailing his work on ports and packages Antoine Jacoutot writes about (http://undeadly.org/cgi?action=article&sid=20140812064946) his work at the most recent hackathon, working with rc configuration and a new /etc/examples layout Peter Hessler, a latecomer to the hackathon, details his experience (http://undeadly.org/cgi?action=article&sid=20140806125308) too, hacking on the installer and built-in upgrade function Christian Weisgerber talks about (http://undeadly.org/cgi?action=article&sid=20140803122705) starting some initial improvements of OpenBSD's ports infrastructure *** DragonFly BSD 3.8.2 released (http://lists.dragonflybsd.org/pipermail/commits/2014-August/270573.html) Although it was already branched, the release media is now available for DragonFly 3.8.2 This is a minor update, mostly to fix the recent OpenSSL vulnerabilities It also includes some various other small fixes *** Interview - Eric Le Blan - info@xinuos.com (mailto:info@xinuos.com) Xinuos' recent FreeBSD integration, BSD in the commercial server space Tutorial Building a hardened, feature-rich webserver (http://www.bsdnow.tv/tutorials/nginx) News Roundup Defend your network and privacy, FreeBSD version (http://networkfilter.blogspot.com/2014/08/defend-your-network-and-privacy-vpn.html) Back in episode 39 (http://www.bsdnow.tv/episodes/2014_05_28-the_friendly_sandbox), we covered a blog post about creating an OpenBSD gateway - partly based on our tutorial (http://www.bsdnow.tv/tutorials/openbsd-router) This is a follow-up post, by the same author, about doing a similar thing with FreeBSD He mentions some of the advantages and disadvantages between the two operating systems, and encourages users to decide for themselves which one suits their needs The rest is pretty much the same things: firewall, VPN, DHCP server, DNSCrypt, etc. *** Don't encrypt all the things (http://www.tedunangst.com/flak/post/dont-encrypt-all-the-things) Another couple of interesting blog posts from Ted Unangst (http://www.bsdnow.tv/episodes/2014_02_05-time_signatures) about encryption It talks about how Google recently started ranking sites with HTTPS higher in their search results, and then reflects on how sometimes encryption does more harm than good After heartbleed, the ones who might be able to decrypt your emails went from just a three-letter agency to any script kiddie He also talks a bit about some PGP weaknesses and a possible future replacement He also has another, similar post entitled "in defense of opportunistic encryption (http://www.tedunangst.com/flak/post/in-defense-of-opportunistic-encryption)" *** New automounter lands in FreeBSD (https://svnweb.freebsd.org/base?view=revision&revision=270096) The work on the new automounter has just landed in 11-CURRENT With help from the FreeBSD Foundation, we'll have a new "autofs" kernel option Check the SVN viewer online to read over the man pages if you're not running -CURRENT You can also read a bit about it in the recent newsletter (https://www.freebsdfoundation.org/press/2014jul-newsletter#Project3) *** OpenSSH 6.7 CFT (https://lists.mindrot.org/pipermail/openssh-unix-dev/2014-August/032810.html) It's been a little while since the last OpenSSH release, but 6.7 is almost ready Our friend Damien Miller (http://www.bsdnow.tv/episodes/2013_12_18-cryptocrystalline) issued a call for testing for the upcoming version, which includes a fair amount of new features It includes some old code removal, some new features and some internal reworkings - we'll cover the full list in detail when it's released This version also officially supports being built with LibreSSL now Help test it out and report any findings, especially if you have access to something a little more exotic than just a BSD system *** Feedback/Questions David writes in (http://slexy.org/view/s20yIP7VXa) Lachlan writes in (http://slexy.org/view/s2DeeUjAn6) Francis writes in (http://slexy.org/view/s216imwEb0) Frank writes in (http://slexy.org/view/s2oc8vavWe) Sean writes in (http://slexy.org/view/s20wL61sSr) ***

BSD Now
48: Liberating SSL

BSD Now

Play Episode Listen Later Jul 30, 2014 59:52


Coming up in this week's episode, we'll be talking with one of OpenBSD's newest developers - Brent Cook - about the portable version of LibreSSL and how it's developed. We've also got some information about the FreeBSD port of LibreSSL you might not know. The latest news and your emails, on BSD Now - the place to B.. SD. This episode was brought to you by Headlines FreeBSD quarterly status report (https://www.freebsd.org/news/status/report-2014-04-2014-06.html) FreeBSD has gotten quite a lot done this quarter Changes in the way release branches are supported - major releases will get at least five years over their lifespan A new automounter is in the works, hoping to replace amd (which has some issues) The CAM target layer and RPC stack have gotten some major optimization and speed boosts Work on ZFSGuru continues, with a large status report specifically for that The report also mentioned some new committers, both source and ports It also covers GNATS being replaced with Bugzilla, the new core team, 9.3-RELEASE, GSoC updates, UEFI booting and lots of other things that we've already mentioned on the show "Foundation-sponsored work resulted in 226 commits to FreeBSD over the April to June period" *** A new OpenBSD HTTPD is born (http://undeadly.org/cgi?action=article&sid=20140724094043) Work has begun on a new HTTP daemon in the OpenBSD base system A lot of people are asking (http://www.reddit.com/r/BSD/comments/2b7azm/openbsd_gets_its_own_http_server/) "why?" since OpenBSD includes a chrooted nginx already - will it be removed? Will they co-exist? Initial responses seem to indicate that nginx is getting bloated, and is a bit overkill for just serving content (this isn't trying to be a full-featured replacement) It's partially based on the relayd codebase and also comes from the author of relayd, Reyk Floeter This has the added benefit of the usual, easy-to-understand syntax and privilege separation There's a very brief man page (http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/httpd.8) online already It supports vhosts and can serve static files, but is still in very active development - there will probably be even more new features by the time this airs Will it be named OpenHTTPD? Or perhaps... LibreHTTPD? (I hope not) *** pkgng 1.3 announced (https://lists.freebsd.org/pipermail/freebsd-ports-announce/2014-July/000084.html) The newest version of FreeBSD's second generation package management system (http://www.bsdnow.tv/tutorials/pkgng) has been released, with lots of new features It has a new "real" solver to automatically handle conflicts, and dynamically discover new ones (this means the annoying -o option is deprecated now, hooray!) Lots of the code has been sandboxed for extra security You'll probably notice some new changes to the UI too, making things more user friendly A few days later 1.3.1 (https://svnweb.freebsd.org/ports?view=revision&sortby=date&revision=362996) was released to fix a few small bugs, then 1.3.2 (https://svnweb.freebsd.org/ports?view=revision&revision=363108) shortly thereafter and 1.3.3 (https://svnweb.freebsd.org/ports?view=revision&revision=363363) yesterday *** FreeBSD after-install security tasks (http://twisteddaemon.com/post/92921205276/freebsd-installed-your-next-five-moves-should-be) A number of people have written in to ask us "how do I secure my BSD box after I install it?" With this blog post, hopefully most of their questions will finally be answered in detail It goes through locking down SSH with keys, patching the base system for security, installing packages and keeping them updated, monitoring and closing any listening services and a few other small things Not only does it just list things to do, but the post also does a good job of explaining why you should do them Maybe we'll see some more posts in this series in the future *** Interview - Brent Cook - bcook@openbsd.org (mailto:bcook@openbsd.org) / @busterbcook (https://twitter.com/busterbcook) LibreSSL's portable version and development News Roundup FreeBSD Mastery - Storage Essentials (https://www.tiltedwindmillpress.com/?product=freebsd-mastery-storage-essentials) MWL (http://www.bsdnow.tv/episodes/2013_11_06-year_of_the_bsd_desktop)'s new book about the FreeBSD storage subsystems now has an early draft available Early buyers can get access to an in-progress draft of the book before the official release, but keep in mind that it may go through a lot of changes Topics of the book will include GEOM, UFS, ZFS, the disk utilities, partition schemes, disk encryption and maximizing I/O performance You'll get access to the completed (e)book when it's done if you buy the early draft The suggested price is $8 *** Why BSD and not Linux? (http://www.reddit.com/r/BSD/comments/2buea5/why_bsd_and_not_linux_or_why_linux_and_not_bsd/) Yet another thread comes up asking why you should choose BSD over Linux or vice-versa Lots of good responses from users of the various BSDs Directly ripping a quote: "Features like Ports, Capsicum, CARP, ZFS and DTrace were stable on BSDs before their Linux versions, and some of those are far more usable on BSD. Features like pf are still BSD-only. FreeBSD has GELI and ipfw and is "GCC free". DragonflyBSD has HAMMER and kernel performance tuning. OpenBSD have upstream pf and their gamut of security features, as well as a general emphasis on simplicity." And "Over the years, the BSDs have clearly shown their worth in the nix ecosystem by pioneering new features and driving adoption of others. The most recent on OpenBSD were 2038 support and LibreSSL. FreeBSD still arguably rules the FOSS storage space with ZFS." Some other users share their switching experiences - worth a read *** More g2k14 hackathon reports (http://undeadly.org/cgi?action=article&sid=20140724161550) Following up from last week's huge list (http://www.bsdnow.tv/episodes/2014_07_23-des_challenge_iv) of hackathon reports, we have a few more Landry Breuil (http://undeadly.org/cgi?action=article&sid=20140724161550) spent some time with Ansible testing his infrastructure, worked on the firefox port and tried to push some of their patches upstream Andrew Fresh (http://undeadly.org/cgi?action=article&sid=20140728122850) enjoyed his first hackathon, pushing OpenBSD's perl patches upstream and got tricked into rewriting the adduser utility in perl Ted Unangst (http://undeadly.org/cgi?action=article&sid=20140729070721) did his usual "teduing" (removing of) old code - say goodbye to asa, fpr, mkstr, xstr, oldrdist, fsplit, uyap and bluetooth Luckily we didn't have to cover 20 new ones this time! *** BSDTalk episode 243 (http://bsdtalk.blogspot.com/2014/07/mandoc-with-ingo-schwarze.html) The newest episode of BSDTalk (http://www.bsdnow.tv/episodes/2014_03_05-bsd_now_vs_bsdtalk) is out, featuring an interview with Ingo Schwarze of the OpenBSD team The main topic of discussion is mandoc, which some users might not be familiar with mandoc is a utility for formatting manpages that OpenBSD and NetBSD use (DragonFlyBSD and FreeBSD include it in their source tree, but it's not built by default) We'll catch up to you soon, Will! *** Feedback/Questions Thomas writes in (http://slexy.org/view/s2xLRQytAZ) Stephen writes in (http://slexy.org/view/s21AYng20n) Sha'ul writes in (http://slexy.org/view/s2DwLRdQDS) Florian writes in (http://slexy.org/view/s2E05L31BC) Bob Beck writes in (http://slexy.org/view/s21Nmg3Jrk) - and note the "Caution" section that was added to libressl.org (http://www.libressl.org/) ***