2019 - Penetration Testing Tools

Setup

docker run -it --rm kalilinux/kali-linux-docker 
apt-get install nmap nikto -y

Nmap

nmap news.rt-mart.com.tw
nmap -Pn --script vuln news.rt-mart.com.tw
nmap -Pn --script vuln 13.229.50.230

Nikto

nikto -host https://news.rt-mart.com.tw/main
nikto -host https://news.rt-mart.com.tw

testssl.sh

docker run -ti --rm drwetter/testssl.sh feversocial.com
docker run -ti --rm drwetter/testssl.sh news.rt-mart.com.tw
docker run -ti --rm drwetter/testssl.sh https://news.rt-mart.com.tw/main

Reference

如何 Debug GitLab CI

有時候明明沒有更動 .gitlab-ci.yml,但是 GitLab CI 卻突然 Build Fail。看 Build Log 會發現一些以前沒有出現過的錯誤。如果 .gitlab-ci.yml 都是使用 lastest 的 tag,這時候可能會懷疑是版本升級產生的錯誤。不論是 Docker, Image, Python, pip, awscli,都有可能因為版本升級而出錯,如下面的 Log。

Failed building wheel for PyYAML
  Running setup.py clean for PyYAML
Failed to build PyYAML
Installing collected packages: colorama, docutils, six, python-dateutil, jmespath, botocore, s3transfer, PyYAML, pyasn1, rsa, awscli
  Running setup.py install for PyYAML: started
    Running setup.py install for PyYAML: finished with status 'error'
    Complete output from command /usr/local/bin/python -u -c "import setuptools, tokenize;__file__='/tmp/pip-install-ni_3hnnt/PyYAML/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, __file__, 'exec'))" install --record /tmp/pip-record-g_q8xwm4/install-record.txt --single-version-externally-managed --compile:
error: command 'gcc' failed with exit status 1
    
    ----------------------------------------
Command "/usr/local/bin/python -u -c "import setuptools, tokenize;__file__='/tmp/pip-install-ni_3hnnt/PyYAML/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, __file__, 'exec'))" install --record /tmp/pip-record-g_q8xwm4/install-record.txt --single-version-externally-managed --compile" failed with error code 1 in /tmp/pip-install-ni_3hnnt/PyYAML/
ERROR: Job failed: exit code 1

Solution

這時候可以根據你在 .gitlab-ci.yml 使用到的 image,跑起來,並且一步一步 Run Scripts,確認哪個環節出錯,再 Run 比較舊版本的 image,交叉比對是不是版本升級造成 Build Fail。

Read More

AWS summit 2018 Note

Container比較

Auto scaling, how to rebalance?

Nope.

每次新的Image 都要新的 task definition,目前有清理舊的 task definition 的機制嗎?

Nope.

Keyword:
EKS, Fargate

Fargate:不能微調,gpu, spot
EKS:helm

資安 by 趨勢科技

業配.. deep security
大概防護措施:
sha1 防竄改 -> recovery -> alert
firewall

AWS 良好架構概述

5 Pillars in AWS well-architected framework

  1. Operational excellence
    • 如果我的 panel 都是綠燈,但伺服器還是壞的?! 修正/補足 alert
  2. Security
    • IAM -> detective control -> infrastructure/data protection -> incident response
  3. Reliability
    • high avalibility
  4. Performance Efficiency
    • selection -> review -> monitoring -> trade-off
    • load testing
  5. Cost Optimization

問題:

怎麼知道哪些 region 連線速度?測試方法?

http://www.cloudping.info/

EKS

CoreOS ingress
Traefik ingress
Ingress doc 控制

放置避開
Taint -> node
Tolerance -> pod

區塊鍊

Cloudtrail 檢查 compliance