19 Nisan 2018 Perşembe

Security Auditing with InSpec

InSpec is a tool from CHEF. With InSpec you can ,

  • Audit Policies
  • Check security requirements
  • Conduct compliance checks

InSpec can be installed on Linux, Mac or Windows. InSpec rules are written in ruby files.

I will give you some examples from the github repo about this amazing tool.



describe package('telnetd') do
  it { should_not be_installed }
end

describe inetd_conf do
  its("telnet") { should eq nil }
end


This rule will check the system against the installation of telnet and disallow this insecure service.

To run inspec save the above code snippet to a test.rb fie and in the command prompt run the following command to conduct the test.


inspec exec test.rb
you can also test this requirements against to remote systems.

on your linux servers using ssh ,

inspec exec test.rb -t ssh://user@hostname

or on windows through WinRM

inspec exec test.rb -t winrm://Administrator@windowshost --password 'your-password'

if you are familiar with CHEF compliance check, you can also make compliance check with the following syntax


  inspec compliance SUBCOMMAND ...   # Chef Compliance commands



For example this code uses the sshd_config resource to ensure that only enterprise-compliant ciphers are used for SSH servers.

describe sshd_config do
  its('Ciphers') { should cmp('chacha20-poly1305@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr') }
end

You can see detailed tutorials in the following link 





Gönderen zaman: Hiç yorum yok:
Etiketler: , , , ,

13 Nisan 2018 Cuma

Moodle Quiz Activity with 500 Concurrent User

We have experienced a Quiz Activity with 500 concurrent user and i want share this experience with you. Because these insights are really valuable for system administrators, that i could not find any suggestion before this Quiz Activity.  Let me write the details about the system and the quiz activity.
We have installed moodle on a virtual machine VMWare with the following configuration.

We set the vm cpu to 16 shared vcpu,  and 24GB shared RAM
Running Centos 7.0 Minimal with php5.X, apache and mariadb with 700 max_connection setting.
Quiz activity with 20 Question and 30 Minute timespan and 17 Minute attempt time limit. 2 Question per page. Question order and choices were shuffled. Auto submit open attempt setting was on.




CPU and RAM usage was crucial for us. We see maximum 12 GB ram usage which is roughly 1 GB per 50 User
We see %95 CPU usage when the quiz started.

Before quiz started i stopped cron jobs and automated course backups.


Gönderen zaman: Hiç yorum yok:
Etiketler: , , , ,
Kaydol: Kayıtlar (Atom)

İzleyiciler