Tag:security policy
-
Time:2021-4-20
1. Preface Welcome to readSpring security combat dry goodsA series of articles. Recently, an interesting question was raised by a small development partner. He is doing a project, involving two styles, one is to give small program interface, the use of stateless securityJWT TokenThe other is the management backgroundFreemarkerThat is, the front and rear ends […]
-
Time:2021-4-11
1. SELinux background knowledge 1.1 DAC and MAC Before SELinux appeared, the security model on Linux was called DAC, whose full name was discrete access control, translated as autonomous access control. The core idea of DAC is very simple, that is: the process theoretically has the same permissions as the user who executes it. For […]
-
Time:2020-12-16
Foreword: the magic Google browser, recently encountered the input HTTP link, will automatically force the jump of HTTPS, the original advanced continue to visit also disappeared, magic very!!! Only Baidu, try the following scheme: In the address field of Chrome’s new tab, enter: chrome://net-internals/#hsts Press enter to find the menu at the bottom: delete […]
-
Time:2020-11-12
install Install MySQL:brew install mysql Start MySQL:mysql.server start Check MySQL service status:systemctl status mysql.service Security settings:myqsl_secure_installation, prompt security policy after execution: There are three levels of password validation policy: LOW Length >= 8 MEDIUM Length >= 8, numeric, mixed case, and special characters STRONG Length >= 8, numeric, mixed case, special characters and dictionary file […]
-
Time:2020-9-16
Kubernetes is the most popular container choreography platform in today’s cloud native ecosystem. Therefore, the security of kubernetes has attracted more and more attention. In this blog post, I will first discuss the pod security policy admission controller. Then we’ll see how the open policy agent implements the pod security policy. In fact, open policy […]
-
Time:2020-8-10
Some time ago, riusksk official account was shared by the Google security team‘s new book, good book, all English original edition, open source free.Free download address: https://static.googleusercontent.com/media/landing.google.com/zh-CN//sre/static/pdf/SRS.pdfIntroduction to riuksk: https://mp.weixin.qq.com/s/HztqUAeAfuobvXzOfZ6CFA This paper mainly introduces the four main tasks of Google SRE team in the process of building a safe and reliable system design strategy Practical […]
-
Time:2020-7-4
Through IP Security Policy (take closing port 135 as an example) (1) Open Control Panel > system and Security > Management Tools > local security policy > IP security policy in turn (2) In the right margin of the local Group Policy Editor Right click the mouse and select “create IP security policy” […]
-
Time:2020-6-15
XSS Cross Site ScriptingCross site script What can scripting do? Get page data —- steal any data of the website Get cookies —- steal user data Hijacking front-end logic: stealing user password and login status Send request – Cheat user …. XSS attack classification Reflexivity URL parameter direct injection Storage Inject when reading after storing […]
-
Time:2020-5-28
At present, CentOS 6.5 and CentOS 7 are widely used, but they are quite different in various aspects. Therefore, CentOS 6.5 and CentOS 7 are introduced separately.This section introduces the installation of CentOS 6.5. If you are using CentOS 7, you do not need to see this section. If you have no requirements for the […]
-
Time:2020-5-23
Copy codeThe code is as follows: REM ================ start================netsh ipsec static ^ add policy name=bim REM adds 2 actions, block and limitnetsh ipsec static ^ add filteraction name=Permit action=permit netsh ipsec static ^ add filteraction name=Block action=block REM first prohibits all accessnetsh ipsec static ^ add filterlist name=AllAccess netsh ipsec static ^ add filter filterlist=AllAccess […]
-
Time:2020-3-1
First, make sure you have permission to modify the server profile Search apt packages apt search ‘python-certbot*’ Download the certbot version of the corresponding server (take nginx as an example) python-certbot-nginx Modify the server name in the nginx configuration file to your domain name FunctioncertbotCommand, fill in information as prompted certbot After running, the files […]
