Showing posts from January, 2018

How is Docker different from a normal virtual machine?

Docker isn't a virtualization methodology. It relies on other tools that actually implement container-based virtualization or operating system level virtualization. For that, Docker was initially using LXC driver, then moved to libcontainer which is now renamed as runc. Docker primarily focuses on automating the deployment of applications inside application containers. Application containers are designed to package and run a single service, whereas system containers are designed to run multiple processes, like virtual machines. So, Docker is considered as a container management or application deployment tool on containerized systems. In order to know how it is different from other virtualizations, let's go through virtualization and its types. Then, it would be easier to understand what's the difference there. Virtualization In its conceived form, it was considered a method of logically dividing mainframes to allow multiple applications to run simultaneously. Howeve

Security is a Process, not a Product


The Process of Security by Bruce Schneier

SIEM - Activating Defense through Response by Ankur Vats

Application Level Denial of Service – A Comprehensive Guide

Denial of Service attacks that bring down popular websites often involve thousands of hacked consumer devices and servers. While these attacks mainly aim to overwhelm the target system with traffic, in order to deny service to legitimate users, bugs at the Application Layer (Layer 7 in the OSI model) can have the same effect. Application Level Denial of Service (L7 DoS) errors are often tough to identify and sometimes even tougher to prevent. This guide aims to highlight the different techniques that will help you find out what to look for and where DoS conditions may occur. Table of Content Random Access Memory (RAM) Recursion Recursive File Inclusion Zip Bombs Billion Laughs Attack Tricking an Application Into Allocating a Huge Amount of Memory Deserialization Vulnerabilities Manipulating File Headers to Allocate Large Memory Chunks Other Reading Infinite Data Streams Central Processing Unit (CPU) Recursion reDoS SQL Injection Wildcard A