Keeping Docker afloat - Best practices for patching and deprecating images

Intro: One of the biggest benefits of Docker images is their immutability. Once they’re built, they don’t change. Built once, works forever… That’s how security guys’ nightmares start 🤣 We then have two contradictory concepts: "Keep it stable" versus "Keep it up to date and secure". For day-to-day work, the first concept usually wins. You want your builds stable and try to avoid the tempting distraction of upgrading log4j to the latest version… Who knows what might break....

2024-02-09 · 7 min · timor
[Photo by Markus Winkler from Pexels](https://www.pexels.com/photo/wood-dirty-rope-door-3828944/)

Creating fully encrypted ZFS pool

What do I want to do? I use my pool to securely store backups, archive my old documents and keep my family’s huge photo library. I have new disks. They were tortured with badblocks, so they’re ready for creating a ZFS pool. I’ve read a few documents about different approaches [1] [2] [3]. I wanted to check whether anything had changed over the past years. One of the articles recommends mirroring over RAIDZ: resilvering is faster, and at the same time it puts less IO stress on the whole pool....

2021-11-22 · 5 min · timor

Bezpieczeństwo aplikacji webowych (Web Application Security)

Bezpieczeństwo aplikacji webowych. Authors: Michał Bentkowski, Gynvael Coldwind, Artur Czyż, Rafał Janicki, Jarosław Kamiński, Adrian Michalczyk, Mateusz Niezabitowski, Marcin Piosek, Michał Sajdak, Grzegorz Trawiński, Bohdan Widła. ksiazka.sekurak.pl

2019-10-04 · 1 min · timor


DevOps: Światowej klasy zwinność, niezawodność i bezpieczeństwo w Twojej organizacji (World-class agility, reliability and security in your organization). Authors: Gene Kim, Patrick Debois, John Willis, Jez Humble, John Allspaw. helion.pl

2019-10-04 · 1 min · timor

Broń matematycznej zagłady (Weapons of Math Destruction)

Broń matematycznej zagłady: Jak algorytmy zwiększają nierówności i zagrażają demokracji (How algorithms increase inequality and threaten democracy). Author: Cathy O'Neil. helion.pl

2018-03-22 · 1 min · timor

Cisza w sieci (Silence on the Wire)

Cisza w sieci. Author: Michał Zalewski. helion.pl

2018-02-23 · 1 min · timor

Black Hat Python

Black Hat Python: Język Python dla hakerów i pentesterów (Python for hackers and pentesters). Author: Justin Seitz. amazon.pl, empik.com, helion.pl

2017-05-22 · 1 min · timor

Sztuka podstępu (The Art of Deception)

Sztuka podstępu: Łamałem ludzi, nie hasła (I broke people, not passwords). Authors: Kevin Mitnick, William L. Simon. helion.pl

2016-02-10 · 1 min · timor

Prepare for DoS like Cloudflare does

I watched a nice presentation about how Cloudflare protects itself against DoS. Most of us are not able to do it exactly like them, but some of the tips were general enough to be used on a typical web front server. I took notes from this presentation and present them here. Thanks to Marek's agreement I also reposted all the examples (in an easier to copy-paste way). How to prepare against ACK/FIN/RST/X-mas flood: Use conntrack rule:...

2016-02-05 · 4 min · timor

Let’s Encrypt - without auto configuration

From the first moment I heard about Let’s Encrypt I liked it and wanted to use it as soon as possible. But the more I read about how they want to implement it, the more I dislike it. The current project with automatic configuration is not what I want to use at all. I have many very complicated configs and I do not trust such tools enough to use them. I like UNIX’s single-purpose principle: tools should do one thing and do it well, nothing more....

2016-01-04 · 1 min · timor