Posts: 4995
Days Won: 388
Everything posted by aelius
-
Swear at each other over PM. Thanks,
-
Hi, if this helps at all: those diodes are Zener diodes (more precisely, their purpose is not to rectify a voltage). They are placed between plus and minus to stabilize the voltages at a certain threshold (in case these values are exceeded). In the small diagram (the one with the diode) it is specified that they are 5.1 volt stabilizing diodes. Of course, the polarity must be respected. R1 + R2 are for the voltage drop. BZX79C5V1, Zener Diode, 5.1V 500mW / deviation (tolerance): 5%
-
There were anti-tax rallies. The result was zero. There were anti-government rallies. The result was zero. As long as nobody cares and the outraged Romanian looks like this, nothing is going to change. Let the war come, I have been waiting for it for a long time. I want to break some politicians on the wheel.
-
SEO: How do you choose a domain name so that it is SEO friendly?
aelius replied to AlMalalah's topic in Black SEO & monetizare
I had a .org with PageRank 6 and it ranked very well in searches in a niche where the battle is fiercer than in poker. I don't think it matters much whether it is .net, .org or .com (it should not be a country-code extension, though). I think it all comes down to how good you are at SEO, what content you have and the quality links pointing to you.
-
There are many things to consider when securing a web application but a definite "quick win" is to start taking advantage of the security HTTP response headers that are supported in most modern browsers. It doesn't matter which development platform you use to build your application, these headers will make a notable difference for the security of your website anyway!

The screenshot shows what the security headers look like. The security headers are included in the web server's response to a browser, instructing the browser to enable (or disable) certain security features. They're invisible to the user, but you can have a look at them with tools such as Fiddler or the developer tools that are built into the major browsers. In IE or Chrome press F12, in Opera (Ctrl+Shift+i), in Firefox (Ctrl+Shift+k), for Safari have a look here to enable the developer tools.

A great thing about these response headers is that they're very easy to get started with. In many cases you might not even have to change a single line of code in your application as you can set the headers either through your application's configuration, or they can likely be set by whatever web server you use.

If you're building ASP.NET applications I would like to point you to NWebsec, an ASP.NET security library that lets you easily configure these headers for your application. Go and have a look at the documentation, it explains how you can configure the headers through web.config. Don't worry, if you're the MVC kind of person you can use filter attributes instead. You'll find the library on NuGet so you'll be up and running in a matter of minutes! Disclaimer: I built it, so I think it's pretty cool.

A quick note: Last year, I gave a lightning talk at the ROOTs conference about the role browsers play for your online security. There I also discussed security headers. Slides and video are online if you want to check them out: "The browser - your best friend and worst enemy" (slides / video).

Now let's have a look at the headers and how they can improve the security of your website.

The security headers

Here are the security headers that are supported by some or all of the major browsers at the time of writing.
- X-Frame-Options
- Strict-Transport-Security
- X-Content-Type-Options
- X-Download-Options
- X-XSS-Protection
- X-Content-Security-Policy / X-Content-Security-Policy-Report-Only
- X-WebKit-CSP / X-WebKit-CSP-Report-Only

We'll have a look at each header and discuss their merits. I've included some important references for each header so you can study them in more detail if you'd like. To remove any doubt that these headers help prevent attacks that are both real and practical, I've also included some videos showing how some of the attacks work.

Read more: Security through HTTP response headers
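An added example, not part of the quoted article or of NWebsec: a Python audit that parses a raw HTTP response and reports the state of each header in the list above. The sample response and the status labels are constructed for this example, and the unprefixed `Content-Security-Policy` name is checked in addition to the prefixed names the article lists.

```python
import re

# Constructed sample response (not captured from a real site).
SAMPLE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "X-Frame-Options: SAMEORIGIN\r\n"
    "Strict-Transport-Security: max-age=0\r\n"
    "X-Content-Type-Options: nosniff\r\n"
    "X-XSS-Protection: 0\r\n"
    "X-WebKit-CSP-Report-Only: default-src 'self'\r\n"
    "\r\n"
    "<html></html>"
)
CHECKED = ("x-frame-options", "strict-transport-security",
           "x-content-type-options", "x-download-options", "x-xss-protection")
CSP_ENFORCE = ("content-security-policy", "x-content-security-policy", "x-webkit-csp")

def parse_headers(raw):
    """Map lower-cased header name -> list of values (repeats are kept)."""
    head = raw.split("\r\n\r\n", 1)[0]
    headers = {}
    for line in head.split("\r\n")[1:]:  # the first line is the status line
        name, sep, value = line.partition(":")
        if sep:
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers

def check_value(name, value):
    """Classify one header value as 'ok', 'disabled' or 'invalid'."""
    v = value.lower()
    if name == "x-frame-options":
        valid = v in ("deny", "sameorigin") or v.startswith("allow-from ")
        return "ok" if valid else "invalid"
    if name == "strict-transport-security":
        m = re.search(r'(?:^|;)\s*max-age\s*=\s*"?(\d+)', v)
        if not m:
            return "invalid"
        return "ok" if int(m.group(1)) > 0 else "disabled"  # max-age=0 clears HSTS
    if name == "x-content-type-options":
        return "ok" if v == "nosniff" else "invalid"
    if name == "x-download-options":
        return "ok" if v == "noopen" else "invalid"
    if name == "x-xss-protection":
        if v.startswith("0"):
            return "disabled"
        return "ok" if v.startswith("1") else "invalid"
    raise KeyError(name)

def audit(raw, https=True):
    """Return {header: status} for the headers listed in the article."""
    headers = parse_headers(raw)
    report = {}
    for name in CHECKED:
        values = headers.get(name, [])
        if not values:
            report[name] = "missing"
        elif len(set(values)) > 1:
            report[name] = "conflicting"  # repeated with different values: review by hand
        else:
            report[name] = check_value(name, values[0])
    # Browsers ignore HSTS when it arrives over plain HTTP (RFC 6797).
    if not https and report["strict-transport-security"] == "ok":
        report["strict-transport-security"] = "ignored-over-http"
    if any(h in headers for h in CSP_ENFORCE):
        report["csp"] = "enforced"
    elif any(h + "-report-only" in headers for h in CSP_ENFORCE):
        report["csp"] = "report-only"  # violations are reported but nothing is blocked
    else:
        report["csp"] = "missing"
    return report

if __name__ == "__main__":
    for header, status in audit(SAMPLE).items():
        print(f"{header}: {status}")
```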
-
I wonder how you convert 12 V DC into 110 or 220 V AC with a transformer, given that transformers work only with alternating voltage. Also, please pay attention to the date a thread was created or when it was last active.
-
We do not override the decisions of moderators/admins and lift bans without a well-founded reason. So that you have no objections and the person who banned you does not get upset, I propose something else. I lift your bans and each of you has 5 days to post 10 good security news items or 5 tutorials (Photoshop, Windows, Linux, PHP, Python ... or anything else technical and of good quality).

You stepped out of line and got banned. I think the other mods/admins also agree that we lift your bans, provided you do some work for the community. If you break the agreement, you get a permanent ban from me, and I add a "_Labar" suffix to your usernames. Do not try to short-change me.

Users:
- askwrite
- Cifre
- Byte-ul

Deal?!

Everyone agreed. The bans will be lifted in a few minutes. So you have 5 days.

----------------------------
edit - 02.03.2014

Threads created by Byte-ul
https://rstforums.com/forum/82145-boeing-launches-ultra-secure-black-smartphone-has-self-destruct-feature.rst
https://rstforums.com/forum/82147-chameleon-virus-spreads-across-wifi-access-points-like-common-cold.rst
https://rstforums.com/forum/82159-optic-nerve-nsa-hacked-into-webcam-millions-yahoo-users-private-images.rst
https://rstforums.com/forum/82162-dissecting-newest-ie10-0-day-exploit-cve-2014-0322-a.rst
https://rstforums.com/forum/82173-yahoo-vulnerability-allows-hacker-delete-1-5-million-records-database.rst
https://rstforums.com/forum/82200-hackercare-aims-hack-healthcare-startups.rst
https://rstforums.com/forum/82201-auroracoin-airdrop-approaches-iceland-adopts-cryptocurrency.rst
https://rstforums.com/forum/82199-amex-debuts-its-most-mobile-integrated-rewards-focused-credit-card.rst

Threads created by Cifre
https://rstforums.com/forum/82136-fortress-may-first-public-company-own-millions-dollars-bitcoins-disclose.rst
https://rstforums.com/forum/82137-mt-gox-files-bankruptcy-claims-63-6m-debt.rst
https://rstforums.com/forum/82144-how-use-twitter-bootstrap-create-responsive-website-design.rst
https://rstforums.com/forum/82151-how-create-windows-store-app-using-html-javascript.rst
https://rstforums.com/forum/82187-creating-new-google-play-multi-level-navigation-scratch.rst
https://rstforums.com/forum/82188-how-encrypt-custom-configuration-section-asp-net.rst

Threads created by askwrite
https://rstforums.com/forum/82134-photoshop-cum-sa-faci-un-logo-sigla.rst
https://rstforums.com/forum/82138-photoshop-dispersion-effect-smoke-cs7.rst
https://rstforums.com/forum/82139-photoshop-cum-sa-faci-un-banner-web-animat.rst
https://rstforums.com/forum/82140-photoshop-soft-focus-effect.rst
https://rstforums.com/forum/82142-photoshop-glowing-line-effect.rst

askwrite seems to have rather short-changed us on the deal. Cifre and Byte-ul really did post.

// edit: You can carry on, guys. If you also make a quality post now and then, people will take them into account. That is the idea of a community.
-
I often use a USB-to-serial adapter to connect to various pieces of equipment. After the update to Mavericks, I found that I could no longer connect. Roughly the same problem occurred on Lion as well.

    macbook ~$ cd Work/
    macbook Work$ curl -o osx-pl2303.kext.tgz http://www.xbsd.nl/pub/osx-pl2303.kext.tgz
      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                     Dload  Upload   Total   Spent    Left  Speed
    100 52512  100 52512    0     0   177k      0 --:--:-- --:--:-- --:--:--  178k
    macbook Work$ tar zxvf osx-pl2303.kext.tgz
    x osx-pl2303.kext/
    x osx-pl2303.kext/Contents/
    x osx-pl2303.kext/Contents/Info.plist
    x osx-pl2303.kext/Contents/MacOS/
    x osx-pl2303.kext/Contents/Resources/
    x osx-pl2303.kext/Contents/Resources/COPYING
    x osx-pl2303.kext/Contents/Resources/English.lproj/
    x osx-pl2303.kext/Contents/Resources/English.lproj/InfoPlist.strings
    x osx-pl2303.kext/Contents/MacOS/osx-pl2303
    macbook Work$ cd osx-pl2303.kext
    macbook osx-pl2303.kext$ ls
    Contents
    macbook osx-pl2303.kext$ cd ..
    macbook Work$ sudo cp -R osx-pl2303.kext /System/Library/Extensions/
    Password:
    macbook Work$ sudo chmod -R 755 /System/Library/Extensions/osx-pl2303.kext/
    macbook Work$ sudo chown -R root:wheel /System/Library/Extensions/osx-pl2303.kext/
    macbook Work$ sudo kextload /System/Library/Extensions/osx-pl2303.kext
    macbook Work$ sudo kextcache -system-cache
    macbook Work$ kextstat|grep 2303
    138 0 0xffffff7f820ee000 0xb000 0xb000 nl.bjaelectronics.driver.PL2303 (1.0.0d1) <110 36 5 4 3>

The driver works perfectly.

Source: xbsd.nl - PL2303 Serial USB on OSX Lion
-
Hi, looking at your IP address, I don't think you have any chance. A local squid/proxy is used, there are filters, etc. Why do you want to do this?
-
I have not run into things like that, but I suspect it happens occasionally because of badly configured equipment at the ISP (the one hosting the dedicated server with RST). I used some Fortinet equipment for a good few months and legitimate clients often got blocked (when the queue was too large, during attacks, or simply when it decided the packets were invalid). The business of announcing the IP address as a blackhole in the external BGP sessions seems really lame to me. That is not filtering. You could say the ISP is doing a denial of service on you towards everything outside the country.
-
I have no idea since when the mouth has been next to the vagina. The law goes on anyway, it said "without her consent".
-
If it were up to me, I would not go by any written rule. The ones with root0 uid0 eth0 and rubbish like that annoy me no end. Otherwise, assorted questions, even if they seem a bit stupid, do not bother me. Even a stupid idea can turn into something OK (one that seems stupid at first).
-
Just two days ago, Apple disclosed a critical Security flaw in the SSL implementation on the iOS software that would allow man-in-the-middle attacks to intercept the SSL data by spoofing SSL servers. Dubbed as CVE-2014-1266, the so-called 'goto fail;' vulnerability in which the secure transport failed to validate the authenticity of the connection has left millions of Apple users vulnerable to Hackers and Spy Agencies, especially like the NSA.

Last Friday, Apple had also released updated version iOS 7.0.6 to patch the vulnerability, which was first discovered in Apple's iOS Devices, but later the company acknowledged its presence in Mac OSX also, that could allow hackers to intercept email and other communications that are meant to be encrypted in iPhone, iPad and Mac computer. Affected versions include iOS up to version 7.0.5 and OS X before 10.9.2.

Security Researchers confirmed, 'Nearly all encrypted traffic, including usernames, passwords, and even Apple app updates can be captured.' with man-in-the-middle attack.

Apple Vulnerability and NSA

I am sure you still remember the NSA's DROPOUTJEEP Hacking Tool, an implant for Apple iOS devices that allows the NSA to remotely control and monitor nearly all the features of an iPhone, including text messages, Geo-Location, microphone and the Camera. The DROPOUTJEEP program was developed in 2008 to conduct espionage on iPhone users, which was revealed by the documents provided by Edward Snowden a month ago.

"The initial release of DROPOUTJEEP will focus on installing the implant via close access methods." the document reads.

According to the vulnerability details published by a Google Security Researcher, Adam Langley, a basic mistake in a line of the SSL Encryption code almost screwed up the iOS SSL certificate verification process with an open invitation for the NSA's Prying Eyes.

"This sort of subtle bug deep in the code is a nightmare," Adam Langley said on his blog, "I believe that it's just a mistake, and I feel very bad for whoever might have slipped in an editor and created it."

Security researcher Jacob Appelbaum said last December, "Either the NSA has a huge collection of exploits that work against Apple products, meaning that they are hoarding information about critical systems that American companies produce and sabotaging them, or Apple sabotaged it themselves."

Although those old techniques are no longer in circulation, the NSA has a track record of continually invading the privacy of users by exploiting vulnerabilities in various software and obviously NSA's capabilities have improved significantly in the past five years.

In the DROPOUTJEEP document, the NSA also admitted, 'A remote installation capability will be pursued for a future release.' That means, it's practically possible that the NSA had already discovered this iOS SSL flaw in an effort to hack iPhone users remotely by sniffing data and spoofing them to install malware.

An Unanswered Question

'Did Apple intentionally inject backdoors for the NSA, or was the flaw an accident???'

If it was an accident, then Apple would have been able to release patches for both iOS and Mac OS X at the same time. Instead of releasing the patches for both, it silently released a fix for iOS devices on Friday night, but when the cryptographers and security experts began criticizing the company for leaving OS X without the patch, they finally acknowledged Mac OS X too; but it's the 4th day after disclosure and no patch has yet been released for Mac OS X.

Also, Apple contacted CVE (Common Vulnerabilities and Errors database) on 8th January 2014 to reserve the bug number CVE 2014-1266 for the SSL vulnerability and later they released updated iOS 7.1, which was also vulnerable to the flaw that Apple had already discovered.

However, Apple categorically denied working with the NSA on a backdoor after it was accused last December of creating a way for the US intelligence agency NSA to access contacts and other data in iPhones. On Dec. 31, an Apple spokesperson released a statement saying:

In 2013, the US Department of Defense passed Apple's iOS 6 for Government use, which means if the NSA was aware of this flaw, they didn't seem to have informed them.

To check whether your web browser is vulnerable to the SSL flaw, click here, and to be safe, you are recommended to use an alternate web browser rather than the Safari web browser and to avoid using public and unsecured networks.

UPDATE: Apple has finally released Mac OS X 10.9.2 today, which includes a fix for a major SSL security flaw and brings with it a number of "improvements to the stability, compatibility and security of your Mac."

Source: Apple's SSL Vulnerability might allow NSA to hack iOS Devices Remotely - The Hacker News

----

Note: "Security Researchers confirmed, 'Nearly all encrypted traffic, including usernames, passwords, and even Apple app updates can be captured.' with man-in-the-middle attack."

Let's be serious, in France they redirected Google and gave it a rigged certificate in order to sniff users. Hardware tools for interception at the ISP level have existed for at least 8 years. Everyone really has gone crazy over the NSA ...
-
31 is a prime number; 531 is not
-
Using nginx with SSL as a frontend for Apache
aelius replied to aelius's topic in Tutoriale in romana
Also increase txqueuelen on the network interface:

    ifconfig eth0 |grep txqueuelen
    ifconfig eth0 txqueuelen 5000

Let's open a thread tonight about the filtering possibilities with iptables, ipfilter, packet filter. I think quite a few people will be interested. The point is that once connections get to be processed by applications, it is too late (the attack has achieved its goal).
-
Using nginx with SSL as a frontend for Apache
aelius replied to aelius's topic in Tutoriale in romana
@gogusan: Thanks for the post. I don't use the DoS protection in nginx because I filter beforehand with iptables. I don't want to filter packets at that level and prefer that the packets not be accepted by the server.

multi_accept on; # not OK because it causes congestion.
4x64000 -> it is set very high to be sure that all connections are accepted (the sysctl values are also very large)
5 core -> I don't understand this one, there is no five core
-
Keep Learning Linux - It's The Future
aelius replied to vasile.dickulescu's topic in Sisteme de operare si discutii hardware
"Windows Server vine preinstalat pe mai mult de 50% din noile servere cumparate." - Poate Supermicro ceva (nu stiu exact). La HP, DELL nu e nimic instalat pe ele. De acord, furnizorii hardware incearca sa vanda cat mai multe odata cu un server (licente os, licenta ilo, etc ...). In aproximativ 5 ani de dat servere dedicate, doar doi clienti au inchiriat servere cu windows (unul un DL380 si altul un DL580). Windows server nu are cum sa dispara, cel putin nu vad cum. Fiecare OS este cu scopul lui. In orice caz, au si ei solutii foarte decente si stabile: Hyper V, Microsoft Exchange Server. Nu sunt cu solutiile windows, dar astea doua chiar sunt reusite. Imi mai place windows mobile. Este foarte fluid si stabil fata de Android. Gresala microsoft-ului este ca nu sunt apropiati de developeri si majoritatea aplicatiilor sunt closed-source. -
Man, what did @Undeath do to you? And what exactly do you want us to do to Nemessis? You wouldn't also want us to ban Nytro on his own forum, would you?
-
Look here, @IMAGINARY, today you were whining like a woman in heat on that thread about moderator abuse. Honestly, that man built filelist and we all benefit from his work. Even if you don't have an account there, respect people's work. You don't like it when we speak harshly to you, but you put your foot in it on every thread.
-
I don't trust benchmarks that much. I tried it directly on production servers with intensive web applications. It showed clearly both in the load difference and in the number of processes waiting on MySQL (before and after). I am curious how it behaves on MyISAM; pretty much all the servers tested used InnoDB.
-
If you use SSDs, it is a good idea to replace MySQL with Percona. You will be amazed by the performance gain. Even with ordinary HDDs you will get a 10-30% performance gain.

Add the repos to '/etc/apt/sources.list':

    echo "deb http://repo.percona.com/apt wheezy main" >> /etc/apt/sources.list
    echo "deb-src http://repo.percona.com/apt wheezy main" >> /etc/apt/sources.list

Add the key for apt:

    apt-key adv --keyserver keys.gnupg.net --recv-keys 1C4CBDCDCD2EFD2A

Run apt-get update to get an updated package list:

    apt-get update

Install Percona server, Percona client and the common files (configuration files, etc.):

    apt-get install percona-server-common-5.5 percona-server-client-5.5 percona-server-server-5.5

A sample config can be seen here:

    # File '/etc/mysql/my.cnf'
    [client]
    port = 3306
    socket = /var/run/mysqld/mysqld.sock

    [mysqld_safe]
    socket = /var/run/mysqld/mysqld.sock
    nice = 0

    [mysqld]
    user = mysql
    pid-file = /var/run/mysqld/mysqld.pid
    socket = /var/run/mysqld/mysqld.sock
    port = 3306
    basedir = /usr
    datadir = /var/lib/mysql
    tmpdir = /run/shm
    lc-messages-dir = /usr/share/mysql
    skip-external-locking
    bind-address = 127.0.0.1
    key_buffer = 600M
    max_allowed_packet = 1200M
    open_files_limit = 4096
    thread_stack = 192K
    thread_cache_size = 8
    myisam-recover = BACKUP
    max_connections = 1000
    max_user_connections = 100
    table_cache = 512
    thread_concurrency = 2
    query_cache_limit = 128M
    query_cache_size = 16M
    log_slow_queries = /var/log/mysql/mysql-slow.log
    long_query_time = 2
    expire_logs_days = 10
    max_binlog_size = 100M

    [mysqldump]
    quick
    quote-names
    max_allowed_packet = 1200M

    [mysql]

    [isamchk]
    key_buffer = 16M

    #
    # * IMPORTANT: Additional settings that can override those from this file!
    #   The files must end with '.cnf', otherwise they'll be ignored.
    #
    !includedir /etc/mysql/conf.d/

Note: the config is only an example; do not copy/paste it into your systems without knowing exactly what those variables do. They are calculated according to resources and applications.

Official Percona page: http://www.percona.com/
Documentation: http://www.percona.com/docs/wiki/
-
I think the idea of using nginx with SSL as a frontend for Apache is a very good one, for the following reasons:
- It behaves like a TCP offloader, providing some extra protection for the web server (in case of HTTP(S) attacks)
- It lowers the site access time (compared to plain Apache with SSL)

vhost config

    server {
        listen 188.240.88.4:443;
        server_name rstcenter.com www.rstcenter.com;
        keepalive_timeout 60;

        ssl on;
        ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers aRSA:!eNULL:!EXP:!LOW:-RC4:-3DES:!SEED:!MD5:!kPSK:!kSRP:-kRSA:@STRENGTH:AES128-SHA:DES-CBC3-SHA:RC4-SHA;
        ssl_prefer_server_ciphers on;
        ssl_session_cache shared:TLSSL:30m;
        ssl_session_timeout 10m;
        ssl_certificate /etc/nginx/ssl/rstcenter.com.combined.crt;
        ssl_certificate_key /etc/nginx/ssl/rstcenter.com.key;

        more_set_headers "X-Secure-Connection: true";
        add_header Strict-Transport-Security max-age=3456000;

        location / {
            proxy_pass http://127.0.0.1:1234;
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
        }
    }

An nginx.conf can be seen here (it is not the default one)

    user www-data;
    worker_processes 4;
    worker_priority -1;
    pid /var/run/nginx.pid;
    worker_rlimit_nofile 640000;
    worker_cpu_affinity 0001 0010 0100 1000;

    events {
        worker_connections 64000;
    }

    http {
        sendfile on;
        tcp_nopush on;
        tcp_nodelay on;
        keepalive_timeout 20;
        keepalive_requests 10000;
        types_hash_max_size 2048;
        client_max_body_size 128M;
        client_body_buffer_size 128k;
        connection_pool_size 8192;
        request_pool_size 8k;
        server_names_hash_bucket_size 2048;
        server_tokens off;
        resolver 127.0.0.1;
        resolver_timeout 2s;
        reset_timedout_connection on;

        more_set_headers "Server: Apache";
        more_set_headers "X-XSS-Protection: 1; mode=block";
        more_set_headers "X-Frame-Options: sameorigin";
        more_set_headers "X-Content-Type-Options: nosniff";

        open_file_cache max=147000 inactive=30s;
        open_file_cache_valid 60s;
        open_file_cache_min_uses 2;
        open_file_cache_errors on;

        include /etc/nginx/mime.types;
        default_type application/octet-stream;
        access_log /var/log/nginx/access.log;
        error_log /var/log/nginx/error.log;

        gzip on;
        gzip_static on;
        gzip_disable "msie6";
        gzip_vary on;
        gzip_proxied any;
        gzip_comp_level 6;
        gzip_buffers 16 8k;
        gzip_min_length 500;
        gzip_http_version 1.0;
        gzip_types text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript text/plain;

        include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;
    }

Notes:
- Nginx is installed on Debian (the package is 'nginx-extras')
- I run Apache listening on 127.0.0.1 port 1234
- The site certificate (the CRT) is concatenated from the domain's crt + the intermediate certificate
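An added example, not part of the original post: a Python lint for the two TLS directives of the vhost config above. It flags protocol versions that have since been deprecated by the IETF and shows that, in OpenSSL cipher-string syntax, a family removed with `-` is re-enabled by a later explicit cipher name, while `!` removes it permanently. The family-to-name mapping and the finding texts are assumptions of this example; whether the re-added suites are actually offered depends on the OpenSSL build nginx is linked against.

```python
import re

# The two TLS directives exactly as posted in the vhost config above.
POSTED = """
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers aRSA:!eNULL:!EXP:!LOW:-RC4:-3DES:!SEED:!MD5:!kPSK:!kSRP:-kRSA:@STRENGTH:AES128-SHA:DES-CBC3-SHA:RC4-SHA;
"""

# Assumptions of this example: the protocols to flag and how explicit cipher
# names are mapped to the weak families the posted string tries to remove.
DEPRECATED = {"SSLv2": "RFC 6176", "SSLv3": "RFC 7568",
              "TLSv1": "RFC 8996", "TLSv1.1": "RFC 8996"}
WEAK_FAMILIES = {"RC4": "RC4", "3DES": "DES-CBC3"}  # keyword -> substring of suite names

def directives(conf):
    """Return {name: [args]} for simple 'name arg ...;' nginx directives."""
    found = {}
    for m in re.finditer(r"^\s*(\w+)\s+([^;{}]+);", conf, re.M):
        found[m.group(1)] = m.group(2).split()
    return found

def family_of(name):
    """Weak family a keyword or suite name belongs to, or None."""
    for family, marker in WEAK_FAMILIES.items():
        if name == family or marker in name:
            return family
    return None

def readded_families(cipher_string):
    """List (family, token) pairs where a '-'-removed family is added back."""
    soft_removed, killed, readded = set(), set(), []
    for tok in filter(None, cipher_string.split(":")):
        op, name = (tok[0], tok[1:]) if tok[0] in "!-+" else ("", tok)
        family = family_of(name)
        if family is None:
            continue
        if op == "!":      # permanent: later tokens cannot re-add the family
            killed.add(family)
        elif op == "-":    # soft: a later explicit name brings it back
            soft_removed.add(family)
        elif op == "" and family in soft_removed and family not in killed:
            readded.append((family, tok))
    return readded

def harden(cipher_string):
    """Rewrite '-FAMILY' as '!FAMILY' for the weak families."""
    return ":".join(
        "!" + t[1:] if t.startswith("-") and t[1:] in WEAK_FAMILIES else t
        for t in cipher_string.split(":")
    )

def lint(conf):
    """Return human-readable findings for ssl_protocols and ssl_ciphers."""
    d = directives(conf)
    findings = [
        f"ssl_protocols {p}: deprecated by {DEPRECATED[p]}"
        for p in d.get("ssl_protocols", []) if p in DEPRECATED
    ]
    for cipher_string in d.get("ssl_ciphers", []):
        for family, tok in readded_families(cipher_string):
            findings.append(f"ssl_ciphers: -{family} is undone by later token {tok}")
    return findings

if __name__ == "__main__":
    for line in lint(POSTED):
        print(line)
    print("hardened:", harden(directives(POSTED)["ssl_ciphers"][0]))
```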
-
To realize he is stupid, his mind still has to work. Right?