DEV Community: vishwasnarayanre

A Modern Day SAST Strategy explained.

vishwasnarayanre — Sun, 22 May 2022 04:37:43 +0000

Many have often inquired about how to integrate SAST tools into the DevSecOps workflow. They enquire about essential issues such as:

➡️What are my options for dealing with false positives?

➡️I'm not sure how I'm going to sort through the findings.

➡️What happens when new problems arise?

➡️It takes 4–5 hours for my scan to finish. How can I include this tool into my DevSecOps workflow?

➡️What exactly do you mean when you say "baseline scan"?

Here are some of the benefits of SAST:

Finding security, safety, and quality concerns by checking for known vulnerability patterns for internationally accepted coding standards.
Defects are detected sooner, resulting in cheaper remedial costs.
Supporting a shift-left strategy by making analysis available across the board, including on developer desktops and in CI/CD pipelines.
Providing immediate feedback and pinpointing the specific position and source of vulnerabilities.
SAST tools should be executed as a pre-commit check, as well as during commit, build, and test times, in your developers' IDE. Examine each stage in further depth.

That assessment, on the other hand, does not focus on what you must do to properly incorporate SAST technologies into your DevSecOps pipeline. The justification for selecting this solution is that it combines the required amount of manual control with a suitable level of automation to build a cost-effective, proactive, and secure DevOps process in the existing pipeline through five key activities.

Let's talk about ways in which organizations can strategize with the shift left mindset.

Always do these checks right

Scan code and audit/triage results

The collecting of artifacts is the first step in a scan cycle. There are no hard and fast rules when it comes to how long the scan should take. The scan time is determined by the number of lines of code and the application's complexity. Perform a differential or incremental scan of the code that was just altered when problems are resolved and new code is introduced.

You'll receive a scan report file with all the results after the scan is completed. Then there are two scenarios to consider:

If this is your first time scanning the source code, perform a full audit review of the findings, often known as triage.

Upload the scan report file to the enterprise server if this is a subsequent scan of the source code. The fresh scan will be merged with the previously audited/triaged scan findings on the corporate server. The merger will bring to light new concerns that have yet to be investigated. You save duplication of effort this way.

When you scan your application for the first time, you're establishing a baseline. This implies you should examine each discovery or collection of findings and take one of the following steps:

Label the discovery ("not a problem," "suspect," etc.).
Suppress the appearance of false-positive results.
Keep your discoveries hidden.
Merge subsequent scan results
Assume you can at week n and examine the data, finding one false positive in bug 1 and a true problem in bug 2. The initial step is to combine the scans from weeks n and o.

Because you gave the SAST tool background knowledge, it will remember that you suppressed bug 1, and it will also note that you repaired bug 2. You resolve problem 2, label bug 1 in the scan file as "false positive," and then add more code to your project.

Let's pretend you went through a scan, damaged the build, and created a defect in your bug tracking system, which the developer has now rectified.

You've now contributed code between weeks n and n+1, as well as a new problem, bug 3. Bug 3 will be marked as "new" by the tool.

When you publish your scan findings to the business server, Merge is an effective function that is performed automatically. Before breaking the build or submitting bugs to your bug tracking system, send all future scans to the corporate server.

Remove false positives

Knowing information about the app's users, trust boundaries, sensitive data handling, security systems in place, input validation methods in use, and so on can considerably improve your capacity to minimize false positives and assess the true severity of actual problems. A huge percentage of false positives is due to a simple reason: Because it lacks a portion of the context in which the application exists, the tool cannot evaluate like a person; as a result, it must err on the side of caution and bring numerous possible concerns to the user's notice.

False positives arise when a tool reports something as an issue that isn't actually a problem. Because it offers security expertise to developers and identifies implementation issues that they may have ignored, and SAST tool may be thought of as a virtual security analyst. False negatives, on the other hand, arise when the tool fails to detect flaws that should have been detected. Make sure you understand the application's context before diving into the tool's findings.

The developers, with the help of a security analyst, are the most competent persons to evaluate the source code.

Customizing Ruleset

Getting the most accurate and useful results from the tool requires customising and fine-tuning the rules to fit a specific application. You may wish to tweak the rulesets now that you have the information about the application and the triaged results.

Because injection attacks are the most common sort of online assault today, knowing where data comes from and which APIs it passes through before being processed or ingested is critical.

Getting the most accurate and useful results from the tool requires customizing and fine-tuning the rules to fit a specific application. You may wish to tweak the rulesets now that you have the information about the application and the triaged results.

Because injection attacks are the most common sort of online assault today, knowing where data comes from and which APIs it passes through before being processed or ingested is critical.

After scanning, triaging, deleting false positives, and configuring the tool, the next stage in the DevSecOps pipeline is to automate it.

This includes scanning using command-line options or building server plugins, defining thresholds for broken builds, providing email notifications to developers who introduce issues, and automating bug tracking.
SAST01: Highly configured rulesets - DNS_lecture_notes.pdf (lth.se)
It's time to distribute the SAST IDE plugin to your developers once you've onboarded, triaged, and configured rulesets. As developers input their code, the SAST tool automatically detects vulnerabilities and delivers just-in-time security recommendations.

Developers may avoid the most frequent security concerns by having their code checked for security flaws and following the tool's instructions to correct bugs as they code.

Because developers are continually examining the results, it's critical to keep the false-positive rate as low as feasible, if not nil. The triaged findings will help developers trust the SAST tool by allowing them to put out just the rulesets that are true positives.

Here are a few examples of rules that may be set up to execute in the IDE for developers:

SQL injection
Cross-site scripting (stored)
Cross-site scripting (reflected)
Resource leaks
Hard-coded credentials
Configuration review

SAST02: Client’s top 10 issues

There would be no need to run any more SASTs in the DevSecOps pipeline if every developer used the SAST tool religiously. However, this is never the case. So, assuming the SAST tool is automated, as soon as developers put their code into a version control repository, the same scan rules defined in SAST01—plus a handful more, such as the client's top 10 issues—are performed totally automated. The scan should take no more than 4–5 minutes with the SAST tool.

So, let's go through the rules for the SAST02 tests once more:

SQL injection—same as SAST01
Cross-site scripting (stored)—same as SAST01
Cross-site scripting (reflected)—same as SAST01
Resource leaks—same as SAST01
Hard-coded credentials—same as SAST01
Session management
Configuration review

SAST03: OWASP Top 10 issues

After you read the article here, you're going toward the right of your DevSecOps pipeline now, and the tasks are taking longer to complete. If your application is a web application, this is when you should run your SAST tool against the OWASP Top 10 concerns. For applications that employ web services, REST services, or bespoke frameworks for which your SAST tool may not have extensive rules, you may also execute any unique rules you've built. In your SAST01 and SAST02, a few problems, such as SQL injection and XSS, have already been searched for.

The following are a few examples of rulesets for the OWASP Top 10:

Malicious file execution
Insecure direct object reference
Information leakage and error handling
Command injection
Weak encryption
Denial of service
Path manipulation
Insecure cryptographic storage

SAST04: Comprehensive rulesets

This is the last step, during which you may run scans using detailed rulesets. You may do the tests simultaneously by combining SAST03 and SAST04, or you can break them off further, as I do. The SLA here might range from 60–90 minutes to several hours.

XML injection
XPath injection
XML external entity
Open redirect
DOM XSS
Cookie injection
Expression language (EL) injection
Header injection
LDAP injection

The longer it takes for the tool to perform the scan, the larger the collection of criteria you use. One of the reasons to attempt to divide and conquer the rules you run at each stage of the DevSecOps pipeline is to reduce the number of rules you have to run.

Once you've finished this phase, you should have a clear understanding of all of your SAST rules. As I usually say, "one size does not suit all." You'll need to properly configure your rules and be prepared to build bespoke rules depending on the language, architecture, technology, and framework you choose.

Once everything is in place, include the IDE plugins in the pre-commit checks so that developers have access to the tool and can identify and resolve issues as they arise.

Finally, while testing, configure extensive rulesets.

All other tests, with the exception of the SAST tool running in the IDE, break the build, send email notifications, and upload defects to the bug tracking system.

The actions recommended meet the following important objectives:

Allow developers to concentrate on defect correction.Use pre-commit checks in the developers' IDE to strategically align source code analysis early in development release cycles.During the commit-time checks, the identical set of rules and the client's top 10 are run.Encourage the development organisation to adopt a precautionary mindset.
Allow security teams to maintain governance and track the residual risk posture on a continuous basis from a central location.Allows DevSecOps teams to incorporate SAST technologies without adding to their time to market.
Configure the OWASP Top 10 throughout the construction process.
Many developers who are using SAST technologies for the first time go through a period of learning and exploration. When the tools are onboarded and automated in the DevSecOps pipeline, trust me when I say they'll start paying more attention to the security of their code.

things to regret about node js today

vishwasnarayanre — Wed, 25 Aug 2021 18:23:14 +0000

You have only started using Node again in the past 6 months, because when Ryan Dahl created Node the goal was mainly to program event-driven HTTP servers, and Go is a better language for building faster servers.

But he thinks JavaScript is good. Dynamic languages may not be suitable for building servers that you want to control everything, but they are the right tool for prototyping, such as scientific computing. JavaScript is the best dynamic language.

Your Node problem is almost related to the way you manage user code. Mainly because it focuses on event I/O, the module system is essentially an afterthought.

failed to fulfill the promise

It is possible that the unified use of promises in Node will speed up the delivery of standardization and async/await.

Security

The node program can access all system calls, such as writing to disk and accessing the network.

Build System

If you are writing a module link to a C library, you will use GYP to compile the C library and link it to Node.
Chrome used to use GYB, but now Node is the only GYP user.
Funky interface, which is a Python adaptation of JSON. The node has several unnecessary complex wrappers.

package.json

Includes NPM in Node, making NPM a standard for Node distribution. Centralized repository (privately controlled) of modules.
require ("sommodule") is not specific: package.json, local node_modules folder, NPM database.
promotes the concept of "module" to an unnecessary abstraction of file directories. It does not exist on the network.
includes unnecessary information such as licenses, repositories.

node_modules

The analysis algorithm for module is extremely complicated.
Ventured by default is kind, but $NODE_PATH will work.
There is a deviation from the browser.
does not need to be extended.

is unnecessarily unclear.

is not the way browsers work.
The module loader must guess.

index.js

It unnecessarily complicates the module loading system.
is especially unnecessary after package.json which needs to be supported.

Deno

https://github.com/ry/deno - Official Repo

FreeCodeCamp Study Material

Security

By default, the script should run without write access to the network or file system.
Users can choose to access via the following signs:
- allownet
- allowwrite
It is not allowed to bind any native functions to V8.

The TypeScript compiler is built into the executable file.

TypeScript is beautiful.
finally delivered a practical and optional type language.
enables code to grow seamlessly from fast hackers to large, well-structured machines.
Normal JS should work too.

The simplified module system does not support node modules.

The import is just a relative or absolute URL.
The import must provide an extension.
remote URLs are fetched and cached indefinitely on the first load.
can be sold by specifying a non-default cache directory.

Other

Only submit an executable file with the fewest links.
Start the runtime by compiling the node module with parcel into a package.
Always died immediately because of a promise that was not fulfilled.
supports top-level wait.
browser compatible (window is not global) #node #deno #javascript

Types of attacks in Cyberspace

vishwasnarayanre — Wed, 25 Aug 2021 18:08:44 +0000

One of these ramifications is cyber-attacks. In cyberspace, there are many different forms of cyber assaults. Since 2018, a variety of cyber assaults have occurred, several of which have resulted in serious repercussions.

The following are the most common methods used by various sorts of cyber assaults. Continue reading to learn about different types of cyberattacks and how to avoid them.

An purposeful act by one or more cybercriminals to steal data, falsify information, or disrupt digital systems is known as a cyber attack. Organizations require Cyber Security professionals and specialists to cope with these many forms of cyber assaults.

Cybercriminals get unlawful and unauthorised access to one or more computers through cyber security assaults, which they exploit to their advantage. Individuals all around the world are affected by numerous sorts of cyber assaults. So, what are the most frequent forms of cyber-attacks now in use? You might be shocked to learn that there is a lengthy list to review.

Numerous research have shown various forms of cyber assaults in the field of cybersecurity. Let's take a closer look at these sorts of cyber assaults and learn more about them.

PHISHING ATTACKS:

Phishing attacks are one of the most common types of cyber attacks. With these attacks, attackers attempt to obtain personal information or data, such as usernames, passwords, and credit card details, disguising themselves as trusted entities. Phishing is mainly carried out through electronic means such as email and the telephone.

SPEAR PHISHING ATTACKS:

Spear phishing refers to any fraudulent activity carried out via email or telephone, with the purpose of unauthorized access to personal confidential information. It has become one of the most common types of cyber attacks today.

WHALE PHISHING ATTACKS

Whale phishing is one of many types of hacking attacks aimed at accessing sensitive and confidential information of powerful people (such as the CEO or CEO of any company). It is an important type in the list of types of network attacks.

DRIVE-BY ATTACKS

Among various types of cyber attacks, car theft attacks are very common. In these types of network security attacks, hackers insert malicious scripts on multiple websites and finally gain access to all confidential files of users who visit these websites. Through these malicious scripts, the entire system is destroyed and hackers have access to all information.

RANSOMWARE

Among the types of cyber attacks, ransomware is the most risky one, because very critical information may be threatened. In a ransomware attack, if the victim does not pay the ransom within the deadline set by the cybercriminals, they will be forced to delete all necessary information from their systems. It is also one of the main types of cyber attacks in the health and defense and other sectors. However, there is no guarantee that paying the ransom will protect your files.

PASSWORD ATTACK

In this type of network security attack, the attacker tries to invade the different accounts of the victim by hacking the victim's personal data and password. This allows them to illegally access all of the victim's information, which is ultimately based on the attacker's benefit. .

EAVESDROPPING ATTACKS

Eavesdropping attacks are an attack on network security, which cybercriminals carry out from time to time to gain unauthorized access to the files they need. Mobile phones, computers, and laptops are first used by hackers and then used by attackers to create information according to their own wishes. It is important to know the answers to the following questions: How many types of cyber attacks do you need to know?

MALWARE ATTACKS

In malware attacks, attackers create code called malware to invade digital devices, including laptops, computers, and mobile phones, to gain unauthorized access.

TROJAN HORSES

A Trojan horse program is a malicious software program whose purpose is to invade digital devices by showing useful software to the victim.
It is one of the most dangerous types of cyber attacks. It can help the attacker obtain financial details and other confidential information of the victim.

MAN-IN-THE-MIDDLE ATTACKS

A MitM attack occurs when an attacker stands between the customer and the owner to trick the customer into gaining unauthorized access to their digital system.

DENIAL-OF-SERVICE (DOS) AND DISTRIBUTED DENIAL-OF-SERVICE (DDOS) ATTACKS

DDoS attacks are one of the common types of network attacks, the purpose of which is to overwhelm the system and make it unable to respond to clients, thus eventually losing a large number of clients immediately.

URL INTERPRETATION

In these types of network attacks, hackers change and forge specific URLs, through which they can gain unauthorized access to the victim's professional and personal data.

DNS TUNNELING

It is one of the most dangerous types of cyber attacks. Hackers first invade the digital system, then collect data, and then forge the victim's information. This may take a long time and last a long time. It may also end up permanently damaging the victim's digital system due to the inserted robot and virus.

SESSION HIJACKING

It is one of the most dangerous types of attacks in network security. These types of active attacks occur when the attacker performs security attacks on the victim's session over and over again from the protected network. This is a dangerous method that allows the attacker to steal all the victim's information and data at the end of the process.

BRUTE FORCE

It is a method of randomly trying different keys or passwords to unlock the victim's system. It is one of the main types of cyber attacks, which are carried out by many people every day.

CROSS-SITE SCRIPTING

This is an injection violation in which cybercriminals send malicious scripts from other websites to the victim's system to obtain their information.

SQL INJECTION

SQL injection is one of the
newest types of network attacks designed to inject malicious information into the victim's digital device.Allows hackers to access all confidential and personal information.

INSIDER THREATS

Many types of cyber attacks happen every day. The most shocking fact is that most of the time, an intern is involved in this process to help cybercriminals obtain information about your organization. The insiders of the target organization eventually become the ones creating these types of cyberattacks every day. They help them by providing all the necessary information to external attackers, which can have more consequences. These types of hacking attacks can occur in the corporate environment. It is also one of the common types of attacks on banks and financial institutions on network security.

AI-POWERED ATTACKS

Machine learning focuses on teaching computers to multitask on their own, rather than relying on humans to perform them manually. Sometimes artificial intelligence is used to crack digital systems in order to obtain unauthorized information. It can also be used to steal confidential financial data. It affects national security and even emotionally harms people.

BIRTHDAY ATTACKS

The birthday attack is a brute force cyber attack designed to distort the communication between customers and different people in the company, starting directly with the CEO and his employees.

Conclustion

What are the types of cyber attacks? This question has been adequately answered in this article. In terms of their impact, various types of cybersecurity attacks affect victims in different ways. Assessing these types of cyberattacks requires further investigation on the subject. The first thing is that all kinds of cyberattacks affect the victims in some way.
Here are some of the top types of attacks that occur frequently in cybersecurity in 2020. However, the most important way to reduce them is to have a broad understanding of the types of cyber attacks. Should raise the level of awareness of employees and ordinary citizens, and then take appropriate preventive measures to reduce the crime rate in the business environment.

Wireshark

vishwasnarayanre — Fri, 11 Jun 2021 06:41:14 +0000

Wireshark introduction

Wireshark is a network analyzer that allows you to see what is going on with your network. Wireshark allows you to dissect network packets at a microscopic level, including detailed information on individual packets.

Wireshark was first made available in 1998. Back then, it was considered Ethereal. Wireshark is compatible with all major operating systems. Most businesses and government agencies also use Wireshark as a primary network analyzer.

Wireshark is now fully open-source, thanks to the global network engineering ecosystem. While most security systems are command-line-based, Wireshark has an excellent user interface.

OSI Model

The Open Systems Interconnection (OSI) paradigm standardises the manner in which two or more computers communicate with one another. The OSI Model classifies network architecture into seven layers:

Application, Presentation, Session, Transport, Network, Datalink, and Physical.

Here is what each layer does:

OSI Model Layers
If you want to read more about the OSI model, check out this comprehensive essay.

Packets

Now that you understand the OSI model, let's look at network packets. When data is transmitted from one device to another, it is divided into smaller units known as packets.

When you download a file from the internet, the data is transmitted as packets from the server. Your machine reassembles these packets to send you the original file.

IPV4 Packet

A packet can contain the following data:
*source and destination IP addresses
protocol

source and destination ports
Data
Length, flags, TTL, etc.
protocol

Each packet includes important information about the devices involved in the packet transfer. Thousands, if not millions, of these data packets are transmitted between the source and destination devices for each data connection.

You can now understand the significance of Wireshark. Wireshark allows you to catch and search each of these packets for details.

A network engineer's equivalent of a biologist's microscope is Wireshark. Wireshark allows you to ‘listen' to a live network (after connecting to it), record, and inspect packets on the move.

You may use Wireshark as a network engineer or ethical hacker to debug and protect the networks. As a bad guy (which I do not recommend), you can sniff network packets and grab information such as credit card purchases.

This is why connecting to a public network such as Starbucks and doing financial transfers or accessing private data is risky. Even though HTTPS sites can encrypt the packets, they are still readable across the network.

If someone is determined enough, they will be able to break it.
Wireshark Fundamentals
Let's take a look at how you can use Wireshark. Wireshark can be downloaded and installed from this page.
Unlike other penetration testing software, Wireshark provides an excellent graphical user interface. This is how Wireshark appears when you launch it.

Wireshark displays a list of the networks to which you are linked, and you can choose one of them to begin listening to the network.

Wireshark UI
There are three panes in Wireshark.
Packet List Pane

The listing of packages in Wireshark is by default displayed using the following columns:
Package Number
Time
Source IP (Your device IP when sending packages, see the following tutorial if you’re unfamiliar with IP’s: https://youtu.be/oieIGwUPaKE)
Destination IP (Your device IP when receiving Packages)
Network Protocol used (Typically TCP or UDP, see the following video if you’re in doubt of the difference between these: https://youtu.be/0-MldfyhIuo)
Package Length
Info (Information not listed in one of the above columns)

Packet List Pane

This window shows the collected packets. Each line represents a separate packet, which you can click on and examine in greater depth using the other two panes.

Packet Details Pane

Selecting a packet allows you to examine the packet information in greater depth using the Packet Details pane. It shows information such as IP addresses, ports, and other data from the packet.

Packet Bytes Pane

This pane displays the raw data of the chosen packet in bytes. The data is presented as a hex dump, which is binary data in hexadecimal format.

Filters

Filters in Wireshark assist you in narrowing down the kind of data you are searching for. Filters are classified into two types: capture filters and display filters.

Traffic Filtering

Wireshark supports filters based on a broad range of criteria to reduce the amount of information shown at the start. The filters can be applied directly in the search bar of the Wireshark programme, as seen below with a TCP protocol filter.

Capture Filter

Until beginning to evaluate a network, you should apply a catch filter. When a catch filter is set, it only catches packets that fit the capture filter.

For eg, if you only need to listen to the packets being sent and received from an IP address, you can set a capture filter as follows.
host 192.168.0.1
Once you set a capture filter, you cannot change it till the current capture session is completed.

Display Filters

To grab packets, display filters are used. For eg, if you just want to see requests coming from a certain IP address, you can do so. you can apply a display filter as follows:
ip.src==192.168.0.1

Show filters can be modified on the fly when they are added to collected data.
In a nutshell, capture filters allow you to filter the traffic, while view filters add certain filters to the captured packets. Wireshark is good for debugging because it can catch hundreds of packets on a busy network.

Wireshark's Main Features

Now that you've mastered the fundamentals of Wireshark, let's take a look at some main features. You can do it with Wireshark.

Recognize network security risks and malicious activities
Debug dynamic networks by observing network traffic.
Filter traffic according to protocols, ports, and other criteria.
Capture packets and store them in a Pcap file for later review.
To improve research, apply coloring rules to the packet list.
Captured data can be exported to an XML, CSV, or plain text format.

Conclusion

Every year, Wireshark is ranked in the top ten network security software. Wireshark is simple to understand and use thanks to its simple but efficient user interface. It is an important weapon in the arsenal of any penetration tester.

Programing language for hackers

vishwasnarayanre — Wed, 19 May 2021 16:43:08 +0000

Hacking is a very interesting concept where you use for exploiting the network or a computer system to access a crucial information. When you know how to use the techniques legally you can get to know how the cybersecurity professionals can really be influential in getting the best out for the world to keep the cyber space more secure.

Here I have some list of the programing languages that you need to know for Ethical Hacking.

Why is programing important for the Ethical Hacking?

To be a hacker it is imperative to have a knowledge of programing language.
Knowledge of coding will help you in making you realize the Bugs and will you in writing your own script.
Coding will help hackers penetrate various hackable fields/platforms.

1. python

The most popular language is python,this has a huge community support and huge number of libraries which makes prototyping and automation scripting easier.

Python is a general-purpose programing language that means it is used in various different fields/platforms this is a very widely used language in different industries.

This is also a DeFacto programing language, this is the language that is used in writing the hacking scripts, Exploits and Malicious Program.

Python socket programing can also be used for discovering vulnerabilities in a system.

2. JavaScript

JavaScript* is also used in web hacking and penetration testing. This language is used in reading saved cookies and also perform attacks like XSS(Cross Site Scripting).

JavaScript has gained popularity as the Server-side programing Language along with he NodeJS framework.

3. PHP

PHP is a Programing Language that is Hypertext pre-processor which is a dynamic server-side programing language, this language is used in the web development which helps you in understanding the web hacking techniques.

PHP is used for the server-side scripting that can be used to gain access to the server. This can also give you a access to know the vulnerabilities int eh code and you can get the knowledge of running the code properly.

This is one of the most powerful server side languages that we will be using in order to secure and keep your website secure in most of the web domain we can use the PHP ad analyze and secure the web.

See today most of the content management system runs on PHP thus you have to have knowledge about PHP which is going to useful for you in the future.

4. SQL - Structures Query Language

this Language is used in fetching data from the database. This is not a well versed language in the developer space for the development but this is the language that is used for communicating with the database.

The knowledge of SQL will help us in comprehending the structure of the Database thus helping us in making the right decision for which scripts or the code to apply for the programme.

SQL is used for the purpose of the web hacking, which is to access into the database. Using SQL hackers can really do a SQL injection Attack thus helping the hackers to collect even more confidential information from the database.

SQL is used in building tools for the SQL injection which can be used for exploiting the login algorithms in the web application that are week.

5. C/C++ programing language

This is the best language when are new to the programing world and also a best language if you want to learn the programing as this is a very old languages int eh developer space.

it helps the newbies to develop and write the exploit codes. This is used for manipulating the system Hardware and also will help you in gaining access to the system resources.

Most of the Operating system and the programs are written in c programing language thus exploiting the system and the system software c programing is going to help you a lot .C programing language is also used in creating shell code, toolkits and also exploits, malware, key Logers and many more.

Do remember Learning various programing language is a added advantage when you want to learn hacking and it will be a asset to you tomorrow.

Some more programing languages are:

Ruby: Ruby has a very close relation with the python as it has similar syntax.

for the Example you can learn something called as the Ruby on Rails

However, ruby can be used for the various purpose and can be interchangeably used in Bash Scripting.

HTML/CSS/tailwind CSS/Typescript and many more for understanding how the websites are used.

Thus all languages are important if you are lazy like me then you can jsut go and learn the algorithms and you will get the syntaxes of any language later.

Nmap

vishwasnarayanre — Wed, 19 May 2021 11:36:05 +0000

About Nmap

Nmap is a network discovery and compliance auditing tool. In a nutshell, nmap shows exposed utilities on a target computer as well as other valuable details including version and Iso detection. It's also free and open source!

Nmap is an abbreviation for Network Mapper. It is a free and open-source Linux command-line utility for scanning IP addresses and ports in a network and detecting installed applications. Nmap helps network administrators to discover the machines that are connected to their network, discover available ports and services, and identify vulnerabilities.Gordon Lyon (pseudonym Fyodor) created Nmap as a method for quickly mapping an entire network and locating available ports and facilities.

Nmap is favoured over other scanning applications for a variety of purposes. Nmap allows you to easily map out a network without the need for complex commands or configurations. Nmap supports both basic commands (such as checking to see whether a host is up) and complex scripting through the Nmap scripting engine.

Other capabilities of Nmap include the ability to automatically identify all devices on a single or multiple networks, such as servers, routers, switches, handheld devices, and so on.
Identify the utilities that are running on a device, such as web servers, DNS servers, and other commonly used software. Nmap can also detect device variants with good precision, which can aid in the detection of known vulnerabilities.

Nmap will discover knowledge about the operating system that is currently running on a smartphone. It may include specific details such as OS models, making alternate approaches during penetration testing easier to schedule.
Nmap can be used to target applications using existing scripts from the Nmap Scripting Engine during security auditing and vulnerability scanning.

Zenmap is the graphical user interface for Nmap. It enables you to create visual network mappings for improved accessibility and monitoring.

Commands

Let's have a look at a few Nmap commands. If you don't already have Nmap installed, you can obtain it here.

Basic scans

The initial stage in network mapping is to scan the list of active devices on a network. There are two kinds of scans you may utilise for this:
*Ping scan * — Scans the list of devices up and running on a given subnet.
nmap -sp IP/24

Scan a single host for 1000 well-known ports — Scans a single host for 1000 well-known ports. These are the ports used by prominent services such as SQL, SNTP, Apache, and others.

nmap domain

Nmap Basic Scan

Stealth scan : Stealth scanning is performed by sending an SYN packet and analyzing the response. If SYN/ACK is received, it means the port is open, and you can open a TCP connection. However, a stealth scan never completes the 3-way handshake, hence it's hard for the target to determine the scanning system.

nmap -sS domain

To execute a stealth scan, use the ‘-sS' command. Keep in mind that stealth scanning is slower and less aggressive than other forms of scanning, so you may have to wait a while for a response.

Version scanning

Finding programme versions is an essential component of penetration testing. It makes your life simpler since you may locate an existing vulnerability for a specific version of the service in the Common Vulnerabilities and Exploits (CVE) database. Then, using an exploitation tool such as Metasploit, you may utilise it to attack a system.

nmap -sV domain

Use the ‘-sV' command to do a version scan. Nmap will provide a list of services along with their versions. Keep in mind that version scans are not always 100% correct, but they do get you one step closer to effectively entering a system.

Nmap Version Scanning

OS Scanning
Nmap can offer information on the underlying operating system via TCP/IP fingerprinting in addition to the services and their versions. During an OS scan, Nmap will also attempt to determine the system uptime.

nmap -sV domain

You can use the additional flags like --osscan-limit to limit the search to a few expected targets. Nmap will display the confidence percentage for each OS guess. Again, OS detection is not always accurate, but it goes a long way in helping a pen tester get closer to his / her target.

Nmap OS Scanning

Aggressive Scanning

Nmap features an aggressive mode that allows it to detect operating systems, versions, scripts, and traceroutes. To execute an aggressive scan, use the -A parameter.

nmap -A domain

Regular scans do not give as much information as aggressive scans. An aggressive scan, on the other hand, sends out more probes and is more likely to be identified during security audits.

Nmap Aggressive Scan
Scanning Multiple Hosts

Nmap is capable of scanning many hosts at the same time. This function is extremely useful for managing a large network architecture.

You may scan several hosts using a variety of methods, including:
To scan all of the hosts at the same time, write all of the IP addresses in a single row.

nmap 192.164.1.1 192.164.0.2 192.164.0.2

Use the asterisk (*) to scan all of the subnets at once.

nmap 192.164.1.*

Add commas to separate the addresses endings instead of typing the entire domains

nmap 192.164.0.1,2,3,4

Use a hyphen to specify a range of IP addresses

nmap 192.164.0.0–255

Port Scanning

Port scanning is one of the most fundamental features of Nmap. You can scan for ports in several ways.

Using the -p param to scan for a single port

nmap -p 973 192.164.0.1

You can scan for information about a certain sort of connection if you provide the kind of port.

eg. for a TCP connection,

nmap -p T:7777, 973 192.164.0.1

A range of ports can be scanned by separating them with a hyphen.

nmap -p 76–973 192.164.0.1

You can also use the --top-ports flag to specify the top n ports to scan
nmap --top-ports 10 domain

Scanning from a File

If you want to scan a large list of IP addresses, you can do it by importing a file with the list of IP addresses.

nmap -iL /input_ips.txt

The above command will produce the scan results of all the given domains in the “input_ips.txt” file. Other than simply scanning the IP addresses, you can use additional options and flags as well.

Verbosity and Exporting Scan Results

Penetration testing can last days or even weeks. Exporting Nmap results can be useful to avoid redundant work and to help with creating final reports. Let’s look at some ways to export Nmap scan results.

Verbose Output : nmap -v domain

The verbose output offers more information about the scan that is being done. It is important to observe Nmap's activity on a network step by step, especially if you are an outsider scanning a client's network.

Nmap Verbose Output**
Normal output
Nmap scans may also be saved as text files. It will alter significantly from the original command line output, but it will contain all of the important scan findings.

nmap -oN output.txt domain

Nmap File output

XML output
Nmap scans may be exported to XML as well. It's also the preferred file format for most pen-testing programmes, so it's easy to parse when importing scan results.

nmap -oX output.xml domain

Nmap XML Output

Multiple Formats

You can also export the scan results in all the available formats at once using the -oA command.

nmap -oA output domain
The above command will export the scan result in three files — output.xml, output. Nmap and output.gnmap.

Nmap Help

Nmap has a built-in help command that lists all the flags and options you can use. It is often handy given the number of command-line arguments Nmap comes with.
nmap -h

Nmap Help

Nmap Scripting Engine: Nmap Scripting Engine (NSE) is a tremendously powerful tool for writing scripts and automating many networking capabilities. You may discover a plethora of scripts spread around Nmap, or you may develop your own script based on your needs. You may even use the Lua programming language to change existing scripts.

Nmap Scripts: NSE also includes attack scripts for assaulting the network and various networking protocols. Going through the scripting engine in detail would be beyond the scope of this post, but here is some additional information regarding the Nmap scripting engine.

Zenmap

Nmap's graphical user interface is Zenmap. It is a free and open-source programme that assists you in getting started with Nmap.

Zenmap UI
Zenmap not only provides visual network mappings, but it also allows you to save and search your scans for later use. Zenmap is ideal for novices who want to test the possibilities of Nmap without having to use a command-line interface.

Conclusion

Because of its extensive command set, Nmap is definitely the networking equivalent of the "Swiss Army Knife." Nmap allows you to swiftly scan and uncover important information about your network's hosts, ports, firewalls, and operating systems. Nmap includes a plethora of parameters, flags, and options that assist system administrators in thoroughly analysing a network.

Nmap Scan Types

TCP Connect

The TCP Connect search concludes the three-way handshake.
If a port is open, the operating system has finished the TCP three-way handshake, and the port scanner closes the connection automatically to prevent DOS. This is considered "noisy" since the services will record the sender's IP address and can initiate Intrusion Detection Systems.

UDP Scan

This scan checks to see if there are any UDP ports listening.
Since UDP, unlike TCP, does not react with a positive acknowledgment and only reacts to an incoming UDP packet when the port is closed, this form of scan may sometimes produce false positives. It can, however, expose Trojan horses running on high UDP ports as well as secret RPC services.

It can be very slow, since some computers deliberately slow down responses to this type of traffic in order to avoid being overloaded. Machines running Windows OS, on the other hand, do not enforce this slowdown bug, so you should be able to search Windows hosts normally using UDP.

SYN Scan

TCP scanning is also known as SYN scanning.
Rather than using the network features of the operating system, the port scanner produces raw IP packets and watches for responses. Since it never establishes a complete TCP link, this scan style is also known as "half-open scanning." A SYN packet is created by the port scanner. If the target port is available, it will send a SYN-ACK packet in response.

The scanner host responds with a RST packet, effectively terminating the link before the handshake is done. If the port is closed but not filtered, the aim will answer immediately with a RST packet. There is some disagreement about which search is less invasive on the target host. The benefit of SYN scan is that the individual providers never receive a connection.

FIN Scanner

This is a stealthy scan, similar to the SYN scan, but only sends a TCP FIN packet.
Most, but not all, computers will respond with a RST packet if they receive this information, so the FIN scan may produce false positives and negatives, but it may slip past certain IDS programmes and other countermeasures.

ACK Scan

Ack screening decides whether or not the port is screened.
This is particularly useful when trying to detect the presence of a firewall and its rulesets. Simple packet filtering will make existing connections (packets with the ACK bit set), but a more advanced stateful firewall does not.

NULL Scan

Another quite stealthy check that disables or nullifies all TCP header flags.
This is not a true packet in most cases, and certain hosts may not know what to do about it. Windows operating systems are included in this category, and scanning them with NULL scans would yield untrustworthy performance. However, for non-Windows servers that are covered by a firewall, this may be a workaround.

XMAS Scan

Similar to the NULL search, except that all of the TCP header flags are set to on.
Because of the way their TCP stack is implemented, Windows machines will not react to this. The term "Xmas search" refers to a collection of flags that are allowed within a packet. These scans are intended to exploit the TCP header's PSH, URG, and FIN flags.

RPC Scan

This form of scan searches for devices that respond to RPC (Remote Procedure Call) services.
In such cases, RPC, which allows remote commands to be run on the server, can be a risky operation. Since RPC services can operate on a variety of ports.

It is difficult to know which ones are operating RPC from a standard scan. If RPC is working, this scan will probe the open ports on a computer with commands to display the programme name and version. It's not a bad thing to run all of these scans on a regular basis just to see whether and when you have these services going.

IDLE Scan

The scan packets are bounced off an external host, making it a very stealthy process.
You may not need power over the other host, but it must be configured and follow those specifications. You must enter the IP address of our "zombie" host as well as the port code. It is one of the most contentious solutions in Nmap because it is actually only useful for malicious attacks.

Scan Techniques

Switch	Description	Example
-sS	TCP SYN port scan.	nmap -sS IP
-sT	TCP Connect port scan.	nmap -sT IP
-sU	UDP port scan.	nmap -sU IP
-sA	TCP ACK port scan.	nmap -sA IP

Host Discovery

Switch	Description	Example
-Pn	Only port scan.	nmap -Pn IP
-sn	Only host discovery.	nmap -sn IP
-PR	ARP discovery on local network.	nmap -PR IP
-n	Disable DNS resolution.	nmap -n IP

Port Specification

Switch	Description	Example
-p	Port or port range.	nmap -p 22-80 IP
-p-	Scan all ports.	nmap -p- IP
-F	Fast port scan. (top 100)	nmap -F IP

Service and Version Detection

Switch	Description	Example
-sV	Detect the version of services.	nmap -sV IP
-A	Enable OS detection,version detection,script scanning and traceroute.	nmap -A IP

OS Detection

Switch	Description	Example
-O	Identify OS using TCP/IP strack fingerprinting.	nmap -O IP

Timing and Performance

Switch	Description	Example
-T0	Paranoid IDS evasion.	nmap -T0 IP
-T1	IDS evasion.	nmap -T1 IP
-T2	IDS scan requires less bandwidth.	nmap -T2 IP
-T3	IDS Default Scan	nmap -T3 IP
-T4	IDS Scan requires fast network	nmap -T4 IP
-T5	IDS Scan requires massive network speed	nmap -T5 IP

NSE Scripts

Switch	Description	Example
-sC	Default script scan.	nmap -sC IP
--script banner	Just banner grabbing	nmap --script banner IP

Firewall / IDS Evasion

Switch	Description	Example
-f	fragmented IP packets for the packet filter invasion	nmap -f IP
-D	Decoy Scan for spoofing the IP's	nmap -D IP
-g	Use given source port number.	nmap -g 22 IP

Somwe of the Python Scripts adn the commands that is going to be very helpul in gettign the eraly recon for the programing geeks.

>>> import nmap
>>> nm = nmap.PortScanner()
>>> nm.scan('127.0.0.1', '22-443')
>>> nm.command_line()
'nmap -oX - -p 22-443 -sV 127.0.0.1'
>>> nm.scaninfo()
{'tcp': {'services': '22-443', 'method': 'connect'}}
>>> nm.all_hosts()
['127.0.0.1']
>>> nm['127.0.0.1'].hostname()
'localhost'
>>> nm['127.0.0.1'].state()
'up'
>>> nm['127.0.0.1'].all_protocols()
['tcp']
>>> nm['127.0.0.1']['tcp'].keys()
[80, 25, 443, 22, 111]
>>> nm['127.0.0.1'].has_tcp(22)
True
>>> nm['127.0.0.1'].has_tcp(23)
False
>>> nm['127.0.0.1']['tcp'][22]
{'state': 'open', 'reason': 'syn-ack', 'name': 'ssh'}
>>> nm['127.0.0.1'].tcp(22)
{'state': 'open', 'reason': 'syn-ack', 'name': 'ssh'}
>>> nm['127.0.0.1']['tcp'][22]['state']
'open'

>>> for host in nm.all_hosts():
>>>     print('----------------------------------------------------')
>>>     print('Host : %s (%s)' % (host, nm[host].hostname()))
>>>     print('State : %s' % nm[host].state())
>>>     for proto in nm[host].all_protocols():
>>>         print('----------')
>>>         print('Protocol : %s' % proto)
>>>
>>>         lport = nm[host][proto].keys()
>>>         lport.sort()
>>>         for port in lport:
>>>             print ('port : %s\tstate : %s' % (port, nm[host][proto][port]['state']))

Host : 127.0.0.1 (localhost)

State : up

Protocol : tcp
port : 22 state : open
port : 25 state : open
port : 80 state : open

for more refer to the NMAP Documentation.

Thank you all.
port : 111 state : open
port : 443 state : open

Cyber Security

vishwasnarayanre — Mon, 10 May 2021 22:23:35 +0000

First, I would say understand the seven layers of the Cyber security.

Now understand all the hardware and software and the ports just run on Operating System and have a specific driver and any set of the hardware's defined thus its hackable.

What is cyber security?

The practice of protecting computers, websites, mobile devices, electronic services, networks, and data against malware threats is known as cyber defense. It's sometimes referred to as information infrastructure protection or electronic data security. The concept is used in a number of ways, ranging from enterprise to mobile computing, and can be classified into a few general groups for the computer defence.

Computer defence(never go offensive), also known as cybersecurity or information technology security, is the safeguarding of computer systems and networks from information leakage, theft or harm to their devices, applications, or electronic records, as well as interruption or misdirection of the services they offer.

It's no surprise that online security breaches are becoming so common. Despite the fact that digital is pervading every aspect of our lives, most people are terrible at security. In a 2016 Pew Research poll on cybersecurity, the vast majority of online adults correctly answered just two of thirteen questions.
Let's do something about it by strengthening our own personal digital protections.While not to be confused with the internet, the word "cyberspace" refers to identities or incidents that occur during the contact process. Consider a website, which exists in CyberSpace as well.Interactions of others If you make a tweet, upload a photo, or share a message, all of these social experiences take place in Cyber Space, and this Cyber Space is evolving in seconds rather than minutes. Many of these activities are taking place "in cyberspace," not in their actual environments. You can see a picture below of different digital devices that are linked through the internet.The comoanies assets are on the internet.

I've made it a tradition over the last 2 years or so to do an annual audit of my personal digital security. Every year, I review all of my online activities for security risks and make a commitment to improve. As a product of the endeavor, these are the behaviors I employ for the search and bounty.

In general, I attempt to address these core questions:

What data is available about me, and where is it stored and what kind of a domain it?

Never say to a person where you have hosted your websites through always make sure to use a custom domain name certificate and also have a certified SSL for your websites.

What are the risks that I’m going to guard against (playing defensive against all the offenses) i.e. what is my Threat Model?

Please make sure that you have all the ethical aspects when you do the bounty or the cyberattack and also dont missuse your freedom.

What are the impacts to my privacy and also about my social presence?

You should be very carefull abut what is your social presence and also about all the aspects that you want to take care.

Network protection is the practise of defending a computer network against intruders, whether they be targeted attackers or opportunistic malware.

Application secutiry is concerned with keeping apps and computers safe from attacks. A hacked programme could allow access to the data it is supposed to secure. Protection starts in the design stage, well before a software or system is implemented.

Information protection safeguards the confidentiality and anonymity of data when it is in storage and transit.

The procedures and decisions for managing and maintaining computer properties are included in operational security. This includes the permissions that users have when connecting to a network as well as the procedures that govern how and where data can be accessed or exchanged.

Disaster recovery and business continuity describe how a company reacts to a cyber-security incident or some other situation that results in the loss of activities or records. Disaster recovery procedures govern how an organisation recovers its activities and records in order to resume operations at the same level as before the disaster.Business sustainability is the plan that a company uses when it is unable to function due to a lack of funding.

End-user education tackles the most unpredictability of cyber-security: individuals. By failing to observe sound security standards, someone may inadvertently inject a virus into an otherwise stable environment. Instructing users to remove questionable email attachments rather than inserting unknown plug-in.

Types of cyber threats and attacks that you might face
The threats countered by cyber-security are three-fold:
Today, the term is almost entirely used to refer to information security issues. We've taken to visualising the digital phenomena as a tangible one because it's difficult to imagine how digital signals flowing over a wire might reflect an assault.A cyber assault is an attack launched against us (or our digital devices) through cyberspace. Cyberspace, a non-existent cyber space, has become a term for understanding digital weaponry designed to threaten us.What is true, though, is the attacker's motive as well as the possible effect. While certain cyber attacks are minor annoyances, others are very serious, even endangering human lives.

Cyber attacks are a major concern. Cyber attacks will result in power outages, the loss of military facilities, and the disclosure of national security information. They will lead to the stealing of important and confidential data, such as medical information. They have the ability to interrupt phone and internet networks as well as paralyze devices, rendering data inaccessible. It is not an exaggeration to suggest that cyber attacks have the potential to disrupt the functioning of life as we know it.

Threats are now becoming more severe. According to Gartner, "cybersecurity risks pervade every organisation and aren't always directly under IT's control."Market executives are pushing forward with digital business plans, and those leaders are making technology-related risk decisions on a daily basis. Increased cyber vulnerability exists, but so do computer protection solutions.”

Virtually every cyber threat falls into one of these three modes. In terms of attack techniques, malicious actors have an abundance of options.

Actors in cyberspace : In cybersecurity, the "enemy" we may learn about is known as a "threat actor" - a concept that may apply to lone individuals, organised crime organisations, or whole entities attempting to compromise an individual's or organization's protection.

Cybercrime includes single threat actors or groups targeting systems (like DDOS) for financial gain or to cause disruption.
Cyber-attack often involves politically motivated information gathering and threats which can be like an apocalypse.
Cyberterrorism is predetermined to undermine electronic systems to cause panic or fear in the victim.

Cyber attacks may originate from a wide range of locations, individuals, and contexts. Among the malicious actors are:

Individuals that create attack vectors using their own software tools
Criminal organizations that are run like corporations, with large numbers of employees developing attack vectors and executing attacks

Nation states
Terrorists
Industrial spies
Organized crime groups
Unhappy insiders
Hackers
Business competitors

So, how do malicious actors gain control of computer systems? Here are some common methods used to threaten cyber-security:

Malware
Malware is short for malicious applications. Malware is software developed by a cybercriminal or intruder to disable or destroy a legitimate user's computer. It is one of the most popular cyber threats. Malware, which is often distributed through unsolicited email attachments or legitimate-looking downloads, can be used by cybercriminals to make money or in politically motivated cyber-attacks.

There are a number of different types of malware, including:

Virus : A software that binds itself to clean files and spreads within a computer system, infecting files with malicious code.
Trojans : Malware that behaves as legitimate apps. Cybercriminals deceive users into installing Trojans on their computers, which inflict harm or capture data.
Spyware : A software that secretly tracks what a user does in order for cybercriminals to use this material. Spyware, for example, may record credit card information.

Probably shoulder surfing and spoofing might also come uder this category.

Ransomware: Malware that encrypts a user's files and data and threatens to delete it until a ransom is paid.
Adware: Advertising tech that has the potential to distribute malware in the victims local system or the server.
Botnets : Malware-infected computer networks that cybercriminals use to execute activities online without the user's consent.

SQL injection

SQL (structured language query) injection is a method of cyber-attack used to gain access to and steal data from a database. Cybercriminals take advantage of flaws in data-driven applications to inject malicious code into a database with a malicious SQL comment. This grants them access to the database's classified details.

this attack is a fact that we still know how the computer or the server behaves.

Phishing

Phishing occurs as cybercriminals send emails that claim to be from a reputable organisation and request personal information from victims. Phishing attacks are often used to trick users into providing credit card information and other sensitive information.

Man-in-the-middle attack

A man-in-the-middle attack is a type of cyber threat in which a cybercriminal intercepts contact between two people in order to steal information. On an insecure WiFi network, for example, an attacker might intercept data passing between the victim's computer and the network.

Denial-of-service attack
A denial-of-service attack occurs as cybercriminals overload networks and servers with traffic in order to block a computer system from serving legitimate requests. This makes the machine inoperable and prevents an entity from performing critical functions.
and many more

Domains of Cyber Security
Below are the domains of Cybersecurity as a subject.

Access Control Systems and Methodology
Telecommunications and Network Security
Business Continuity Planning and Disaster Recovery Planning
Security Management Practices
Security Architecture and Models
Law, Investigation, and Ethics
Application and Systems Development Security
Cryptography
Computer Operations Security
Physical Security

Access Control Systems and Methodology:
The primary goal of Cyber Security is to safeguard your files. But, first, we'll learn more about Data and the different access control schemes and methodologies.
Six Dimensions of Data Quality Assessment :
A Data Quality(DQ) Dimension is a well-known concept that describes a data attribute that can be analysed or tested against predefined criteria in order to analyse data quality.
The six core data quality dimensions are:

Consistency
Completeness
Correctness
Accessibility
Timeliness
Accuracy

States of Data :
Understanding the various states of digital data will help you choose the various types of security measures and encryption methods to use on the data. In this section, we will look at three types of data states.

Data at rest/storage : Data at rest refers to data that has been stored on a physical medium or backup medium, such as hard drives or even cell devices. What distinguishes data at rest is that it is unused and is not actually being exchanged or stored.
Data in motion/transmission: The second data process has begun. Data in motion is actually being sent over a network or is sitting in a computer's RAM waiting to be read, modified, or interpreted. Emails or data shared through FTP or SSH are examples.
Data in process : The third step of data is in use or in operation. This data state is not passively stored on a storage medium. This is the data that one or more programmes are processing. This is the information that is currently being created, modified, appended, or deleted.

The third step of data is in use or in operation. This data state is not passively stored on a storage medium. This is the data that one or more programmes are processing. This is the information that is currently being created, modified, appended, or deleted.

Confidentiality :It guarantees that only approved parties have access to computer-related assets, also known as confidentiality or privacy.
Measures taken to discourage classified information from meeting the wrong persons and to ensure that only designated individuals have access to it.

Technique used is Encryption

Encryption to ensure Confidentiality:
If we choose to word “HELLO,” we can use cryptography to substitute each alphabet of HELLO with its neighbour alphabet, such as H replacing I, E replacing F, and so on, rendering the word meaningless. Then we decrypt using the same method as on the other hand.
Bitlocker is a disk/drive-level encryption. We cannot apply BitLocker on file.
The NTFS file system is used for Windows. EFS (Encrypted File System)-File Level Encryption is accessible. Right-click on the file and choose Properties (Compress the contents in blue color).

Features of EFS: There are two colors that show encryption and decryption.
Policies are at the heart of the whole operation. To hold a data backup. When an employee resigns, the corporation reformats the scheme, erasing the BitLocker keys and other data.

Types of Encryption

There are two top-level types of encryption. Symmetric and Asymmetric

Symmetric Encryption :
Encrypts and decrypts data with the same key.Consider using a desktop password manager. You enter your name, which is encrypted with your exclusive key. When it is time to recover the data, the same key is used, and the data is decrypted.
Asymmetric Encryption :
It employs a private key and a public key pair.
A single key will encrypt but not decrypt its own decrypted data. The paired key is needed to decrypt.

Asymmetric encryption is used for topics like HTTPS Transport Layer Security (TLS) and data signing.

Access Controls:
Access controls authenticate and authorize individuals to access the information they are allowed to see and use

Something you know — (you know passwords)
Something you are — (biometric scan)
Something you have — (ATM card)
Something you do — (signature style)

Integrity of Data :

Integrity : This ensures the properties can only be changed by registered parties and in approved ways. Ensures the material is in a format that is true and valid for the purposes for which it was created. It entails ensuring the quality, precision, and trustworthiness of data over the entire life cycle.
Hash is the technique used.

Hash: Hash Calculator that accepts a file as input and applies an algorithm to it. The object of hashing is to demonstrate that the original file has not been altered.
Let's look at a real-world example of hashing using the Microsoft File Checksum Integrity Verifier. You will have it from the internet.

Availability of Data :
It ensures the funds are available to approved parties at all times. High availability (99.9 percent) with a 0.1 percent error rate, and 99.999 uptime with a 0.0001 error rate when improved. It is carried out by techniques such as hardware repair, programme patching, and network optimization.
A Denial of Service Attack is a classic example of a malicious actor's lack of availability (DOS).

SLA : The Service Level Agreement is a legally binding contract. It is a contract between a service provider and a customer. Specific facets of service — such as consistency, affordability, and obligations — are settled upon between the service provider and the service consumer. If a service recipient should not accept files in a timely manner, the service provider is fined.

Before discussing the types of DOS attacks, let’s have a look at Ping Command.

Ping is a computer network management software utility that is used to measure a host's reachability on an Internet Protocol network. A quick way to see if a computer can connect with another computer or network system over the network.(available both in Windows anf Linux)
ping 127.0.0.1 (127.0.0.1 is a loopback address)
ping <any ip> is for any domain to be tested.

Types of DOS Attacks:
Will discuss a few of the DOS Attacks

Ping of Death
Ping of Flood
Smurf Attack
Fraggle Attack

Ping of Death:

A Ping of Death attack is a form of Denial of Service (DoS) attack in which the attacker sends a packet that is greater than the maximum allowed capacity, forcing the target computer to freeze or crash.

Ping of Flood:

Ping flood, also known as ICMP flood, is a popular Denial of Service (DoS) attack in which an attacker overwhelms a victim's device with ICMP echo requests, also known as pings. As an example, consider the Education Board's website.

Fraggle Attack :
A Fraggle attack is a form of DOS attack in which the attacker sends a large amount of spoofed UDP traffic to a network router's broadcast address.

Note:

"Bugs and Viruses play a majour role in destoying the software thus some first found were."

On September 9, 1947 CE, the world's first computer bug was discovered. On September 9, 1947, a team of computer scientists at Harvard University announced the world's first computer bug—a moth stuck in their computer.

The first computer virus, known as the "Creeper Virus," was discovered in 1971. The virus was finally removed by a machine known as "The Reaper," although it is important to remember that the Reaper was also a virus.

TeleCommunications and Network Security:

The focus is on messaging, protocols, and network facilities, as well as the possible flaws involved with each. It refers to the procedures and policies put in place to deter and track unauthorised access and abuse of a computer network and its infrastructure.

Protocols:
Network Protocols are a series of rules that regulate the exchanging of information in a simple, dependable, and protected manner. There are three kinds of network protocols, as mentioned below:

TCP/IP
OSI Model
CISCO Hierarchical Model
TCP/IP VS OSI Model

The two most popular network protocols are TCP/IP and the OSI model. The primary distinction between them TCP/IP is a functional model used for forming a stable link and communicating over a network, while OSI is a logical model.

Hierarchical Model of Cisco:
Cisco has developed a three-layered hierarchical architecture for creating a dependable infrastructure. Each of the layers has its own functionality and features, which aids in the reduction of network complexity.

Access Layer : Control network resource access for users and workgroups. Layer 2 switches are usually used in this layer.
Distribution Layer : It acts as a bridge between the entry layer and the main layer. This layer is usually made up of multilayer switches.
Core Layer : This layer, also known as the Backbone layer, is in charge of easily moving large volumes of traffic. Planning for the Unexpected: Contingency Planning : IR(Incident Response)-There are several tears, so the first move is to identify, contain, investigate (forensics), execute the remedy, and register (document) DR(Disaster Recovery) : Floods and earthquakes are examples of high-level problems that cause significant damage. BCP(Business Continuity Planning) : When all is lost in a storm, how will the company continue? Laws, Investigations, and Ethics.

Law, Investigation, and Ethics is one of the most intriguing defence realms. As the name suggests, this security domain addresses the legal aspects of information security.Cryptography is a form of encryption.

Cryptography, or data coding, is one of the most commonly used authentication methods today. The Cryptography security domain is intended to teach you how and when to use encryption.
What’s next?

This article was written to provide you with a short overview and how-to guide for Cyber Security Fundamentals. Feel free to play around with it ethically.

Latest cyber threats

What are the most recent cyber attacks that people and companies must be aware of? Here are some of the most recent cyber attacks identified by the governments of the United Kingdom, the United States, and Australia.

Hijack of Telegram
Telegram has a critical flaw that allows hackers to spread cryptojacking malware.
Hackers gained access to Telegram's email details and messenger of some of the top cryptocurrency companies. The hackers, according to rumours at the time, used Signaling System 7 (SS7), which is used to link mobile networks all over the world.

According to cybersecurity analysts, the hackers were searching for two-factor authentication (2FA) login information from the server.

They took over the network's short message services centre (SMSC) and used it to send calls for location alerts to over 20 high-profile victims.

The attackers carried out the assault in order to obtain cryptocurrencies. It is a frequent attack in the crypto space, but victims are still unsure how to defend their networks from such attacks.

However, with blockchain technologies at work, it appears that the crypto world has superior authentication mechanisms than using call or SMS-based 2FA.

Cybersecurity researchers believe that protocols such as SS7 can not be used by telecom experts because they lack the necessary security standards to guard against advanced attacks in the modern era.

Dridex malware
The US Department of Justice (DoJ) indicted the leader of an organised cyber-criminal organisation in December 2019 for their role in a multinational Dridex ransomware attack. This malicious campaign had a global impact on the public, economy, infrastructure, and industry.

Dridex is a financial trojan with many capabilities. It has been infecting machines via phishing emails or existing malware since 2014. It has incurred huge financial damages amounting to hundreds of millions of dollars by stealing passwords, banking records, and personal data that can be used in illegal transactions.

In reaction to the Dridex threats, the United Kingdom's National Cyber Security Centre urges the public to "ensure that computers are patched, anti-virus software is turned on and up to date, and files are backed up."

Romance scams

In February 2020, the FBI sent a warning to U.S. people about trust theft perpetrated by cybercriminals using dating forums, chat rooms, and applications. Perpetrators prey on individuals looking for new relationships, duping victims into disclosing sensitive information.

According to the FBI, romance cyber attacks targeted 114 victims in New Mexico in 2019, resulting in $1.6 million in financial losses.

Emotet malware
The Australian Cyber Security Centre sent an alert to national entities in late 2019 about a pervasive global cyber threat posed by Emotet malware.

Emotet is a complex trojan that has the ability to harvest data as well as load other malware. Emotet thrives on simple passwords, serving as a reminder of the value of having a safe password to protect against cyber attacks.

Sopra Steria Attack

On October 20, Sopra Steria, a French IT service provider, was targeted by a ransomware attack by a new version of the Ryuk ransomware, which was previously unknown to cybersecurity providers.

Sopra Steria stated after the attack that the attack infected a portion of its IT architecture. According to the firm, the data breach caused no harm or leakage of consumer data.

When it comes to ransomware threats, Ryuk is one of the most potent in this day and era. The ransomware has infiltrated high-profile companies such as Prosegur, a Spanish logistics firm, and EWA, a US defence contractor.

End-user protection
End-user safety, also known as endpoint defence, is a critical component of cyber security. After all, it is frequently a person (the end-user) that unintentionally downloads ransomware or some kind of cyber threat to their desktop, laptop, or mobile device.

But, how can cyber-security safeguards safeguard end users and systems? To begin, cryptographic protocols are used to encrypt emails, directories, and other sensitive data in cyber-security. This not only safeguards information in transit, but also prevents it from destruction or fraud.

Furthermore, end-user protection programme checks machines for malicious malware, quarantines it, and then deletes it from the system. Security programmes can also identify and delete malicious code concealed in the Master Boot Record (MBR) and are programmed to encrypt or erase data from the hard drive of a device.

Real-time intrusion prevention is also a subject of electronic security protocols. Many people use heuristic and behavioural analysis to track a program's and its code's actions in order to protect against viruses or Trojans that change form with each execution (polymorphic and metamorphic malware).Security programmes can isolate potentially malicious programmes in a virtual bubble isolated from the user's network in order to observe their actions and learn how to spot new pathogens more effectively.

As cyber-security experts discover emerging risks and ways to fight them, security programmes begin to develop new protections. Employees must be trained about how to use end-user security tools in order to get the best out of it. Importantly, keeping it going and upgrading it on a regular basis means that it will protect consumers from the most recent cyber attacks.

Cyber safety tips - safeguard yourself from cyber-attacks
How will companies and individuals protect themselves from cyber threats? Here are our top cyber safety tips:

Update your software and operating system, you benefit from the latest security patches updates from the company that has given the software, One of the safest ways to defend your devices from any hacking attempt is to keep your system informed on a daily basis. The majority of attacks occur as hackers discover a security flaw or loophole that they can manipulate. However, with routine patches, those bugs will be eliminated. It is best to run programme upgrades for your device as soon as they become usable.
Use anti-virus software, security solutions like Kaspersky Total Security will detect and removes threats. Keep your software updated for the best level of protection.
Use strong passwords, ensure your passwords are not easily guessable and make sure that you regularly change the software every fiscal time(change every 90 days recommended).
Do not open email attachments from unknown senders: These could be infected with malware, or just can be a phishing mail to gather all your information. Do not click on links in emails from unknown senders or unfamiliar website,
Avoid using unsecure Wi-Fi networks in public places like hotels and malls etc,Unsecure networks leave you vulnerable to man-in-the-middle attacks.
If your archives or records are corrupted and stolen, a previous backup of those files will assist in fully restoring them. It is important to backup the data and archive it in a reliable cloud storage service or on an external hard drive. As a result, if a file is lost due to a hacking event or system corruption, you will copy those data again.

The methods mentioned above are some of the most powerful ways to defend your device from malware intrusion or attack.

happy learning folks thank you.

Reason to learn docker as a web developer

vishwasnarayanre — Mon, 10 May 2021 20:30:30 +0000

Reason to learn docker as a web developer

Portability

You can create a docker image with the files and the configurations, share it in the docker hub and then share it so that you have the same infrastructure is the same.

Even in terms of the developer environment for the local testing and also in deploying it on the different cloud platform.

Reusability

Similar to being portable they can be configured for the future projects. You can have a very general Virtual Host for the deployment of the websites you can set certain flags and switches for the deployment.

Better understanding of the infrastructure

MERN stack, WAMP stack and a lot of the other Infrastructure for the projects in windows will be un understood as we have an GUI as way to communicate with the system but while developing the Dockerfile you can learn a lot about the file system of the stack basically you can use ubuntu for the development locally and testing it locally but you can get the actual knowledge about the software/technology file system through docker only.

Backups

In docker we can have different mount points in the container and endpoints can be defined in the Dockerfile,which is certain file system entry points where the files live in the host system and also in the volumized containers. (you will learn these exclusively in the docker compose).

you can copy and detach those mount points and put them from one container to another container.

You can copy a file to the WORKDIR mentioned by the user and then use it as a mount point and then detach and use it as folder in the other container.

docker volumes comes after the docker compose thus make sure that you are following me for the updates.

and obviously for

Isolation

Isolation in web development is very important for example shared hosting, a lot of the projects have a shared hosting sometimes a project might require a different version of the software dependency, with the docker image you are isolated to that container that you are using thus you can change the image as required by you and you can deploy it later.(lets say JDK version ,alpine version and so on).

Thank you all.

docker and java

vishwasnarayanre — Mon, 10 May 2021 19:06:13 +0000

First thing you need is a java -JRE,JDK installed on to your system with the docker installed with all the additional kernels like Hyper-V or the WSL2 installed on to the system.

First let's start by writing java programing language code.

class HelloWorld {
    public static void main(String[] args) {
        System.out.println("Hello docker world!"); 
    }
}

To test that whether your program is working proper run and execute the program save the program as firstprogram.java

and use the command javac firstprogram.java

then you will find the output

So now in order to run the program through the docker container we need to have the JDK installed on to the Docker image thus we can go to the docker hub and get the current version of the JDK on to your Docker image.

https://hub.docker.com/_/openjdk/

This is the link that I have listed above.

you can also go to the github repository and also see the offical images that you might be able to use.

https://github.com/docker-library

Now lets start creating the docker file

Open Dockerfile and start the code

#alpine will be the base os or the webserver that we will be working on
FROM alpine will be working on
WORKDIR /root/program1
COPY firstprogram.java /root/program1

#Install JDK
#to add the openjdk8 for the environment
RUN apk add openjdk8 
ENV JAVA_HOME /usr/lib/jvm/java-1.9-openjdk
ENV PATH $PATH:$JAVA_HOME/bin

#for running the java porogram
RUN javac firstprogram.java

ENTRYPOINT java firstprogram

then you can build by using the following command

docker run -t javafirstprogram .

then you can run the program by typing in the command

docker run javafirstprogram

then you will find the same output.

Thus, you have learnt to get the java program up and running.

Thank you

Learn python the effective way from anywhere

vishwasnarayanre — Sun, 09 May 2021 09:32:34 +0000

Learn how to use Python professionally, like Python 2 and Python 3!
Python can be used to create games such as Tic Tac Toe and Blackjack!(for the basics)/take some
Discover advanced Python features such as the collections module and working(even make a chance and a move to learn some more about the other frameworks)

Classes will teach you how to use Object Oriented Programming!
Understand diverse subjects, such as decorators.

Learn how to use Jupyter Notebook and how to create.py scripts.
Learn how to build graphical user interfaces (GUIs) in the Jupyter Notebook framework!
Develop a thorough understanding of Python from the ground up!

Why python?

Python is a dynamically semantic object-oriented and high-level programming language.
It has high-level data structures, dynamic typing, dynamic linking, and other functionality that make it useful for developing complex applications.
Although Guido Van Rossum created Python in the late 1980s, its implementation began in December 1989.
It is an open-source language that has achieved popularity.It is an open-source language that has recently gained attention due to its use in data science.

It provides a plethora of well-equipped libraries and frameworks that allow developers to easily create concrete applications.

Why use python?

Python is used to create desktop graphical user interface (GUI) programmes, blogs, and web applications.

It frees up programmers' time to work on the application's core features by handling routine programming activities.

It has been the most sought-after programming language for developers operating in the fields of Artificial Intelligence, Data Science, Machine Learning, Software Development, and Data Mining. It is also used as a scripting language for web applications.

Python is used by many programmers for a variety of projects, like designing learning algorithms, constructing websites, refining data algorithms, and locating data analytics solutions.

Needless to mention, if you are a developer, Python must be available to you.

Learn as a sole warrior

Start learning alone,Understanding the fundamentals of Python would help you in the long run.
It would be easier for you to grasp more complex ideas if you have a stronger understanding of the basics.
If you've mastered the fundamentals of Python, you'll be able to confidently move on to learning data structures and algorithms. About the fact that Python is a high-level language that allows you to perform complicated functions, it is simple to learn and understand.
It has a simple syntax and is therefore appropriate for both novice and advanced programmers.

Python will seem difficult at first if you are a complete novice. All you have to remember is that everybody begins at the same moment.

You can do it if you are careful!.

Since you have a clear grasp of the basics of Python, the next step is to PRACTICE!

It is important to code every day in order to learn Python. It will ensure continuity and will assist you in becoming acquainted with Python.

Learning Python is all about being able to solve a programming challenge with a computer as the solution.

Training can introduce you to a variety of challenges and applications while still honing your problem-solving abilities.

To learn Python programming, there are various online tools available, such as tutorials.

For so many options online, it can be daunting for a novice to find a good tutorial.

So, how are you going to choose the resource?

So... Choose the one that piques your curiosity and is highly recommended by the programming community.

You can also look at different books and projects that are available online, as well as participate in others.

Contributing to open-source code is an excellent way to gain useful knowledge.

The source code of software is made freely accessible through the open-source model, and everyone can contribute to it.

It is also a perfect way to engage with people who have common interests and to teach new concepts to the programming world.

Interacting and collaborating with others on a common forum would also allow you to learn new ideas from those involved.

When you examine the source code, you will study how things work, draw your own conclusions, and experiment by analyzing the codes of others.

also, my tip is to run the learning is try seeing some bugs which was reported in the repository that I have listed below.

Also try doing a project and then the only key note is to practice a lot ,do a lot of practice for the development and tinker with the other frameworks by looking at their documentation.

Tools you need for making your own Linux distribution.

vishwasnarayanre — Sun, 09 May 2021 09:09:32 +0000

You need have your own Linux Distibution then know these tools so that you can build your own Linux Distibution for your own purpose that you need example hacking,pentesting and so on.

Thus, you can use these following tools.

Virtual Box

You can install an Virtual box and then go and get the OS installed on to the virtual box as a OVA file and also change it and then publish as your own Custom OS which is one of the best technique that you can adopt to build your own distribution.

Linux Respin:

Linux Respin is an offshoot of the now-defunct Remastersys. Remastersys was once one of the most common tools for creating your own Linux distro and/or a backup of your operating system. Linux Respin does not deliver as much as Remastersys used to, but it still does a fine job if you choose a distro for which it is available, Linux Respin is only available for Debian, Mint, and Trisquel, which limits its appeal. What I don't like about this tool is that it has almost no documentation.

Linux Live Kit:

The Linux Live Kit is a tool for creating your own distros and backing up your system. It prefers Debian, but it can run on other distributions as well, as long as they support the aufs and squashfs kernel modules. The Linux Live Kit has a very simple wizard for building a distro – just follow the steps and you're done.

Linux from Scratch:

Linux from Scratch is a project that teaches Linux from the ground up. LFS has extensive documentation and is an excellent resource for learning about Linux in general, not just how to create your own distro. Linux from Scratch allows you to create your own customized Linux system from scratch. LFS is not a tool like the others on this list, but it can be used for the same purpose – to create your own Linux distro (and to test it).

Live Magic:

Live Magic is yet another Debian tool for creating distributions. It can burn CDs, USB drives, and netboot images. It is much easier to use than some of the other apps on this list, such as Remastersys, but it does not build the image using your running system. Instead, use a wizard to guide you through the process of configuring your system. The programme will download the packages from your repositories and install them in your system.

Revisor:

Revisor supports the creation of Installation Media for permanent installation of the distribution on a computer, live media for booting and using the distribution without making permanent changes to the computer, virtualization media for use in virtual guests in Xen or KVM, and utility media for data recovery or dealing with problems in the operating system.

Customizer:

Customizer is no longer in active development, but that is because its developer considers it stable. It is yet another tool for remixing Ubuntu, but it also supports its various flavours, such as Xubuntu and Kubuntu.

The host system under which you are using it, however, must have the same release number and architecture as the guest system you are remixing.

These tools for making your own custom Linux distribution should be useful. Their level of complexity (and power) varies, but we've tried to include both simple apps and apps with more power. See our guides on how to repair a corrupted USB drive in Linux and how to instal for more Linux tips. Arch Linux uses deb packages.

Ubuntu Imager:

Ubuntu Imager is a useful tool for creating your own Ubuntu-based distribution. It's not the only such app for Ubuntu, but because it's a good one, I've included it on this list. I'm not going to go over it in detail because we already have a very detailed how-to with installation and operation instructions.

Thus these are the list of the tools that we can use for making your own Linux image ,do just try making them by using these software's if you have any doubts do connect with me through my twitter thus we can work on the queries on using these tools and building os.

nodejs and docker

vishwasnarayanre — Sun, 09 May 2021 07:48:35 +0000

If you've ever created something that needs to 'live' somewhere other than your local machine, you know that getting an application up and running on a different machine is no easy task.There are numerous considerations to be made, ranging from the fundamentals of "how do I get my environment variables set" to which runtimes you'll require and which dependencies those will require, not to mention the need to automate the process. It is simply no longer feasible for software teams to rely on a manual deployment process.A number of technologies have attempted to address the issue of varying environments, automation, and deployment configuration, but Docker is the most well-known and perhaps most notable attempt in recent years.

A variety of innovations have attempted to solve the problem of differing environments, automation, and deployment setup, but Docker is the most well-known and perhaps most notable recent attempt.

System implementation in a Rapid scale
Cross-machine portability and reliablity
Part reuse and version control
Docker Images and Dockerfiles can be shared.
Minimal overhead with a small footprint
Maintenance is made easier.

In 2009, Node.js was first published. Big companies like Paypal, Netflix, eBay, and LinkedIn, to name a few, have used it for high-traffic web applications. It has undoubtedly been put to the test over the last ten years and has proved its worth. It also fits well with a large team, such as Spotify. At Spotify, it was used by 90 teams and 600 developers.With high scalability in mind, using Docker and Kubernetes to scale the framework horizontally becomes even simpler. High scalability is achieved by combining Docker and Node.js.

You have some experience with Node.js (express js or any other framework)
You've worked with Docker before (local development, production environments preferred)
I'm using Docker version 20.10.6, and docker-compose version 1.29.1, and I'm hoping you're using similar models.

The goal of this article is to tell you how to get a Node.js application into a Docker container. The article aims for development, and not for a production deployment.

Let's Create a simple website: Write this as the app.js in your editor.

const express = require('express');

// Constants
const PORT = 8080;
const HOST = '0.0.0.0';

// App
const app = express();
app.get('/', (req, res) => {
  res.send('Hello from Docker!');
});

app.listen(PORT, HOST);
console.log(`Running on http://${HOST}:${PORT}`);

So now when you have app.js write the package.json file that describes your app dependencies that has all the things that was defined for the project that we have built.

{
  "name": "docker_web_app",
  "version": "1.0.0",
  "description": "Node.js on Docker",
  "author": "First Last <first.last@example.com>",
  "main": "app.js",
  "scripts": {
    "start": "node server.js"
  },
  "dependencies": {
    "express": "^4.16.1"
  }
}

Run npm instal with your new package.json file. If you're using npm version 11 or later, a package-lock.json file will be created and copied to your Docker image.

Creatign the Docker File

the most important step

In your favourite text editor, open the Dockerfile.

The first step is to determine what picture we want to build from. We'll use the most recent LTS (long-term support) 14 or any version avaialble in docke of node avaialbe during that time, which can be found on the Docker Hub:

FROM node:<version avaialble in docker>

but you can also use the version 14 of the node

FROM node:14

Then, we'll make a directory within the picture to contain the programme code; this will be the application's working directory:

# Create app directory
WORKDIR /usr/src/app

Since this docker image already has Node.js and NPM enabled, the next step is to use the npm binary to instal the app's dependencies.

# Install app dependencies
# A wildcard is used to ensure both package.json AND package-lock.json are copied
# where available (npm@5+)
COPY package*.json ./

RUN npm install
# If you are building your code for production
# RUN npm ci --only=production

It's worth noting that we're just copying the package.json format, rather than the whole working directory. This enables us to use Docker layers that have been cached. Here's a good explanation from bitJudo. In addition, the npm ci order, which is mentioned in the comments, aids in providing quicker, more stable, and repeatable builds for production environments. More information on this can be found here.

To include your app's source code in the Docker image, follow these steps.

# Bundle app source
COPY . .

Since your software is bound to port 8080, you'll use the EXPOSE instruction to make the docker daemon map it:

#we expose the 8080 port from the localhost system
EXPOSE 8080

We use CMD to describe the command that will be used to run your programme. To launch your server, we'll use node server.js:

_Remember : _ We need to learn that CMD command can only be used once if even you try to use it many times the Docker will command to execute the one that is listed in the end/last of the Docker file.

CMD [ "node", "server.js" ]

The entire docker file is given here.

FROM node:14

# Create app directory
WORKDIR /usr/src/app

# Install app dependencies
# A wildcard is used to ensure both package.json AND package-lock.json are copied
# where available (npm@5+)
COPY package*.json ./

RUN npm install
# If you are building your code for production
# RUN npm ci --only=production

# Bundle app source
COPY . .

EXPOSE 8080
CMD [ "node", "server.js" ]

Thus you are ready to build it thus use the command

docker run -t [name]:tag

you will have the docker image and you can still run it with the docker run command.

docker tag [source] <your username>/node-web-app
its better that you tag it with the above format.

docker run -p 4000:8080 -d <your repo username>/node-web-app

When you run your picture with the -d option, the container is removed and runs in the background. The -p flag redirects a public port inside the container to a private port(that you want to run the application. Run the picture you created previously:

geting the information for the application.

docker logs <container id>

The output:

Example

Running on http://localhost:8080

and now when you type docker ps

you will find the container running thus you can use the curl in linux and also in windows and type

curl -i localhost:4000

then the output is as given below.

Thank you.