Post

Month 3 Journal

Posted
By Sumama Zaeem 13 min read

  • SSH, Client, Server: Secure Shell (SSH) is a cryptographic network protocol used for secure communication between a client and a server.

  • SSL: Secure Sockets Layer (SSL) is a security protocol used to establish encrypted links between a web server and a browser.

  • Public vs Private IP: Public IP addresses are globally unique and accessible from the internet, while private IP addresses are used within a local network and are not directly accessible from the internet.

  • VPC: Virtual Private Cloud (VPC) is a virtual network dedicated to a single organization within a cloud service provider’s infrastructure.

  • DNAT, SNAT: DNAT (Destination Network Address Translation) and SNAT (Source Network Address Translation) are techniques used in firewall configurations to modify the destination and source IP addresses of packets.

  • Console: A text-based interface used for managing and interacting with a computer system.

  • iptables: Netfilter: iptables is a user-space utility program that allows a system administrator to configure the IP packet filter rules of the Linux kernel firewall.

  • pfSense (Packet Filtering) BSD: pfSense is an open-source firewall/router software distribution based on FreeBSD.

  • Input Chain, Packet Filtering, App: Input chain is a part of the iptables firewall where rules are applied to incoming packets. Packet filtering involves examining packets and deciding whether to accept, drop, or forward them based on defined rules. App refers to an application running on a system.

  • nmap, tcpscan: nmap is a network scanning tool used for discovering hosts and services on a computer network. tcpscan is a type of scan used to determine which TCP ports are open on a target system.

  • #! File Used Why?: The #! (shebang) line at the beginning of a script file specifies the interpreter that should be used to execute the script.

  • Magic Bytes: Magic bytes are a sequence of bytes used to identify or verify the file type or format.

  • chmod +x: chmod is a command in Unix and Unix-like operating systems that is used to change the access permissions of files and directories. +x is an option that adds execute permission to a file.

  • echo $PATH: $PATH is an environment variable that specifies the directories in which executable programs are located. echo $PATH displays the value of the PATH variable.

  • .bashrc, .profile, .bash-profile: These are configuration files in Unix-like operating systems that are executed when a user logs in. They contain commands and settings for the shell environment.

  • locate db: The locate database is a system-wide index of files and directories used by the locate command to quickly search for files by name.

  • find Command FS Traverse: The find command in Unix is used to search for files and directories in a directory hierarchy. It can traverse the filesystem recursively.

  • whereis and which Command: whereis and which are commands used to locate executable files in the user’s PATH. which shows the full path of executable files, while whereis shows all locations of a specified executable file.

  • bash, zsh, sh: These are different types of Unix shells. Bash (Bourne Again Shell) and Zsh (Z Shell) are popular interactive shells, while Sh (Bourne Shell) is a simple shell used in scripting.

  • file /bin/ls: The file command is used to determine the type of a file. /bin/ls is the location of the ls command, which lists directory contents.

  • cron Jobs: Cron jobs are scheduled tasks that run periodically on Unix-like operating systems. They are managed by the cron daemon (crond), and their configurations are stored in crontab files.

  • crond Daemon: The crond daemon is responsible for executing scheduled tasks (cron jobs) at specified times.

  • Tabs, Configs, Environments: These refer to various aspects of system configuration, including tabulated data, configuration files, and environmental variables that affect the behavior of programs and processes.

  • Fork, Threads, IPC, Mutexes: These are concepts related to concurrent programming. Forking creates a new process, threads are concurrent execution units within a process, IPC (Inter-Process Communication) allows processes to communicate, and mutexes are synchronization primitives used to control access to shared resources.

  • Thread-Safe: Thread-safe refers to code or data structures that can be safely accessed by multiple threads concurrently without causing data corruption or unexpected behavior.

  • Firewall -> Network: A firewall is a network security device that monitors and controls incoming and outgoing network traffic based on predetermined security rules.

  • SELinux -> Processes: SELinux (Security-Enhanced Linux) is a security mechanism in Linux that provides mandatory access control (MAC) to processes and resources based on security policies.

  • AppArmor: AppArmor is a Linux security module that confines individual programs to a limited set of resources and actions to enhance system security.

  • Sandbox: A sandbox is a restricted environment that isolates programs or processes from the rest of the system to prevent them from causing harm or accessing sensitive resources.

  • System Call Table, Kernel: The system call table is a data structure in the kernel that maps system call numbers to their corresponding kernel functions. System calls are requests made by user-space processes to the kernel for performing privileged operations.

  • Nginx vs Apache: Nginx and Apache are both popular web servers used to serve web content. They differ in architecture, performance, and configuration options.

  • lighthttpd, squid: Lighttpd (Lighty) is a lightweight web server known for its speed and low resource usage. Squid is a caching proxy server used for web traffic optimization and content delivery.

  • Modular Webserver: A modular web server is designed with a modular architecture, allowing users to enable or disable specific features or modules based on their requirements.

  • Basic Concepts:
    • Main Config: The main configuration file of a web server, where global settings are defined.
    • Virtual Hosts/Server Block: Configuration blocks that define separate websites hosted on the same server, allowing multiple domains to be served from a single server.
    • Sites/Document Root: Directories on the server filesystem where website files are stored. The document root is the base directory from which web content is served.

  • Application Load Balancer: A load balancer that distributes incoming application traffic across multiple targets (such as EC2 instances) to ensure high availability and fault tolerance.

  • Nginx Mod Security: Nginx ModSecurity is a module for Nginx that provides web application firewall (WAF) capabilities, protecting web applications from various attacks and vulnerabilities.

  • WAF (Web Application Firewall): A WAF is a security solution that monitors, filters, and blocks HTTP traffic to and from a web application, protecting it from common web-based attacks.

  • Application Load Balancer, Network Load Balancer: Types of load balancers used in AWS for distributing incoming traffic across multiple targets, such as EC2 instances or containers.

  • wget, curl: Command-line tools used to retrieve content from web servers. Wget is used to download files from URLs, while Curl supports various protocols and can be used for more complex operations.

  • Reverse Proxy: A server that sits between clients and backend servers, forwarding client requests to the appropriate backend servers and returning the response to the clients.

  • HTTP Reverse Proxy with Nginx, Proxy Pass, CGI: Nginx can act as a reverse proxy, directing HTTP requests to backend servers based on predefined rules using the proxy_pass directive. CGI (Common Gateway Interface) allows external programs to interact with web servers to generate dynamic content.

  • PHP Server, PHP-FPM, FastCGI, LSAPI: PHP Server is a built-in web server for PHP development. PHP-FPM (FastCGI Process Manager) is a PHP FastCGI implementation used for handling PHP requests efficiently. LSAPI (LiteSpeed API) is an alternative to FastCGI used with LiteSpeed web servers.

  • Apache –> mod.php: Apache’s mod_php is an Apache module that integrates the PHP interpreter directly into the Apache web server, allowing Apache to process PHP scripts internally without needing to invoke an external PHP interpreter.

  • ProxyPass, SSL: ProxyPass is a directive in Apache HTTP Server that forwards requests to another server. SSL (Secure Sockets Layer) is a cryptographic protocol that provides secure communication over a computer network.

  • .htaccess: A configuration file used by Apache web servers to control directory-level configurations, such as URL redirection, access control, and authentication.

  • Python Flask: Flask is a lightweight web framework for Python that allows developers to build web applications quickly and with minimal boilerplate code.

  • Nginx Worker Procs vs Worker Connections: Nginx Worker Processes are instances of the Nginx server that handle client requests. Worker Connections define the maximum number of simultaneous connections each worker process can handle.

  • Keep Alive Connection: A feature in HTTP that allows a client and server to reuse the same TCP connection for multiple requests, reducing latency and improving performance.

  • Wednesday Discussion:
    • WSGI (Web Server Gateway Interface): A standard interface between web servers and Python web applications or frameworks, allowing for interoperability and portability.
    • NGINX Concepts like Reverse Proxy: Nginx acts as a reverse proxy, forwarding client requests to backend servers and returning the responses to clients.
    • NGINX Modules: Nginx supports modules that extend its functionality, such as geo IP for geolocation, horizontal scaling for load balancing, and challenges for security measures like rate limiting.
    • SSL, TLS: SSL (Secure Sockets Layer) and TLS (Transport Layer Security) are cryptographic protocols that provide secure communication over a computer network.
    • Netscape, v1, 2, 3 —-> IETF, RFCs: Netscape developed the initial versions of SSL, which were later standardized by the IETF (Internet Engineering Task Force) through RFCs (Request for Comments).
    • Security, Identity, Authentication: Fundamental concepts in cybersecurity, including protecting systems and data, verifying the identity of users or systems, and validating their authenticity.
    • PKI Certificates: Public Key Infrastructure (PKI) certificates are digital certificates that verify the authenticity of public keys used for encryption and authentication.
    • TCP 3-Way Handshake: A process used by TCP/IP to establish a connection between a client and server, involving three steps: SYN, SYN-ACK, and ACK.
    • SSL 5-Way Handshake: A process in SSL/TLS negotiation that involves exchanging various messages to establish a secure connection between a client and server.
    • Random Strings, Session Keys: Randomly generated strings used for various cryptographic purposes, including generating session keys for secure communication.
    • Pcap: Short for Packet Capture, Pcap is a file format used to store network packet data captured by packet sniffers or network monitoring tools.
    • DV (Domain Verification), OV (Organization Verification), EV (Extended Verification): Different types of SSL certificates with varying levels of validation, ranging from domain ownership verification to extended organizational and identity verification.
    • CSR (Certificate Signing Request), Pub, CA: A CSR is a request sent to a Certificate Authority (CA) to obtain an SSL certificate. Pub refers to the public key included in the CSR, and CA is the entity that issues SSL certificates.

class discussion class discussion class discussion class discussion

Thursday discussion:

  • HTML Site:
    • Static Content: Refers to web content that remains constant and does not change based on user interactions.
    • Browser, Inspect Element Disable Cache: In web browsers, developers can disable cache in the inspect element tool to ensure that they see the latest version of the website without relying on cached resources.
    • Headers, Cache-Control: HTTP headers like Cache-Control provide directives for caching mechanisms, allowing developers to control how web browsers and proxies cache content.
  • Apache Concepts:
    • apache2.config: Main configuration file for the Apache HTTP server.
    • Tree /etc/apache2: Displays the directory tree structure of Apache configuration files.
    • ports.config: Configuration file for specifying which ports Apache should listen on.
    • site-available/, mod-available/: Directories containing available Apache sites and modules, respectively.
    • Config Test in Apache: Similar to nginx -t, apache provides a command to test the syntax of its configuration files.
    • Reload vs Restart: Apache’s reload command reloads the configuration without dropping connections, whereas restart restarts the entire server.
    • Indoor and CORS: Likely referring to security concepts such as CORS (Cross-Origin Resource Sharing) and indoor security measures.
  • Apache Configuration Management:
    • If a folder is added in sites-enabled and is empty, it will not cause a reload, but errors will not show.
    • a2enable: Command used to enable Apache sites.
    • Symbolic Link, a2enmod, a2dismod: Tools for enabling/disabling Apache modules and managing configuration files.
    • /etc/apache2.conf, /etc/apache.d/conf.d/: Default configuration files and directories for Apache.
    • Default.config File in site-available: A default configuration file provided in the site-available directory for setting up new sites.
  • VirtualHost Configuration:
    • in VirtualHost: Allows configuration settings to be applied to specific directories within a virtual host.
    • Server Alias Creation for Subdomains: Allows mapping of additional domain names to the same virtual host, commonly used for subdomains.
  • Config Management Tools:
    • Puppet, GitOps, Ansible: Configuration management tools used for automating the deployment and management of server configurations.
  • HTTP Response Status Codes:
    • Discussed different errors in 2xx, 3xx, 4xx, and 5xx categories.
  • Logs:
    • Access Logs and Error Logs: Logs that record access attempts and errors encountered by a server.
    • Syslog: System logging facility used by Unix-like systems to log messages.
    • /var/log/…: Directory containing various log files on Unix-like systems.
    • Log Rotate Feature: Feature used to manage log files by rotating or compressing them periodically.
    • /etc/logrotate.d/: Directory containing configuration files for log rotation.
  • Logging Formats and Tools:
    • Discussed the format of logs and how they are structured.
    • Gzip Module: Module used for compressing log files to reduce storage space.
    • Python Import Logger: Python library used for logging messages.
    • Logger.log Log Levels: Different log levels such as debug and error logs used for logging messages.
    • Verbose: Option used to increase the amount of information logged.
  • PHP Configuration and Rendering:
    • PHP Version Installed: Different versions of PHP, including PHP 5.x, 7.x, and PHP 8.
    • PHP Rendering Ways: Different methods of rendering PHP scripts, including mod_php and php-fpm.
    • PHP-FPM Layers: Discussion on PHP-FPM pools and their concepts.
  • Caching:
    • Varnish Caching: Caching mechanism used to speed up web servers by storing copies of web pages.
    • Integration of Nginx, Apache, and FPM: Discussion on integrating Nginx, Apache, and PHP-FPM with each other.
    • Proxy Pass and Reverse Proxy: Techniques used for forwarding requests to another server and handling client requests on behalf of a server.
    • Squid Proxy: A caching and forwarding HTTP proxy used for speeding up web servers.
  • Backup Strategies:
    • Lossy vs. Lossless Compression: Different compression techniques that may result in data loss or retain all data.
    • Tar: Archiving tool used to combine multiple files into a single file, often used in conjunction with gzip or bzip2 compression.
    • Compression Level 1-9: Different levels of compression available in gzip.
    • Full Backup, Differential Backup, Incremental Backup: Different backup strategies used for backing up data.
    • Rsync Tool: Utility used for synchronizing files and directories between two locations.
    • Concepts of Diff and Delta: Techniques used to identify and store differences between files.
    • Duplicity, Lsyncd: Backup tools used for creating and managing backups.
    • Snapshots: Point-in-time copies of data used for creating backups.

class discussion

nginx
nginx discussions
This post is licensed under CC BY 4.0 by the author.