[월:] 2021년 08월

Amazon VPC에서 OpenVPN Access Server 설정

2021-08-25 KENNETH 0

Amazon VPC에서 OpenVPN Access Server 설정 AWS에서 더 많은 워크로드를 처리하게 되면 인터넷에 공개적으로 서비스를 노출하지 않고 프라이빗 콘텐츠를 제공해야 하는 경우가 발생합니다. 예를 들어 직원용 내부 포털은 일반적으로 프라이빗 네트워크를 통해서만 액세스할 수 있어야 합니다. 이에 대한 일반적인 솔루션은 사용자가 회사 리소스가 호스팅되는 프라이빗 네트워크에 모바일 디바이스 또는 노트북을 직접 연결할 수 있도록 하는 원격 액세스 가상 사설 네트워크(VPN)를 설정하는 것입니다. OpenVPN Technologies, Inc.의 OpenVPN Access Server는 오픈 소스 OpenVPN 서버 기능과 추가 기능을 통합하여 완전한 기능을 갖춘 SSL VPN 소프트웨어 솔루션입니다. 이러한 기능에는 기존의 PKI(공개 키 인프라) 없이 사용자 인증서와 키를 손쉽게 발급할 수 있는 간소화된 관리 웹 인터페이스와 자동화된 인증서 관리 기능이 포함됩니다. 이 블로그 게시물에서는 AWS Marketplace에서 OpenVPN Access Server 리스팅을 찾아 Amazon VPC를 사용하여 배포하는 방법과 몇 가지 기본 기능을 테스트하는 방법을 살펴봅니다. AWS Marketplace에서 OpenVPN Access Server 시작하기 먼저 AWS 관리 콘솔에 로그인하고 AWS [ more… ]

No Image

Free Minecraft: Emerald Tycoon map now available

2021-08-25 KENNETH 0

Free Minecraft: Emerald Tycoon map now available The Minecraft team asked its friends at Razzleberries and GameMode One to create maps specifically for the mobile version of Minecraft, and available for all Bedrock players. The first map is now available for free in Minecraft Marketplace. In Minecraft: Emerald Tycoon by Razzleberries, you’ll find different stations that generate emeralds. As you progress, you’ll be able to upgrade both the function and look of the stations. You can also unlock new biomes as well as challenging themed areas. Head over to Minecraft.net to find out more. Source: Free Minecraft: Emerald Tycoon map now available

No Image

A New, Open Source Modern Apps Reference Architecture, Ready for You to Steal!

2021-08-25 KENNETH 0

A New, Open Source Modern Apps Reference Architecture, Ready for You to Steal! At NGINX we’ve been talking for the last several years about the need to make applications truly modern and adaptive – portable, cloud native, resilient, scalable, and easy to update. More recently, two concepts have come to the fore that facilitate the creation and delivery of modern apps. The first is Platform Ops, where a corporate‑level platform team curates, maintains, connects, and secures all the tools that development and DevOps teams need to do their jobs. The second is shifting left, which means integrating production‑grade security, networking, and monitoring into applications during earlier stages of the development lifecycle. Developers end up with more responsibility for functions that used to belong to ITOps, but at the same time have more choices and more independence in exactly how they implement [ more… ]

No Image

USN-5051-1: OpenSSL vulnerabilities

2021-08-25 KENNETH 0

USN-5051-1: OpenSSL vulnerabilities John Ouyang discovered that OpenSSL incorrectly handled decrypting SM2 data. A remote attacker could use this issue to cause applications using OpenSSL to crash, resulting in a denial of service, or possibly change application behaviour. (CVE-2021-3711) Ingo Schwarze discovered that OpenSSL incorrectly handled certain ASN.1 strings. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2021-3712) Source: USN-5051-1: OpenSSL vulnerabilities

No Image

USN-5050-1: Linux kernel vulnerabilities

2021-08-24 KENNETH 0

USN-5050-1: Linux kernel vulnerabilities It was discovered that the bluetooth subsystem in the Linux kernel did not properly perform access control. An authenticated attacker could possibly use this to expose sensitive information. (CVE-2020-26558, CVE-2021-0129) Michael Brown discovered that the Xen netback driver in the Linux kernel did not properly handle malformed packets from a network PV frontend, leading to a use-after-free vulnerability. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-28691) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle HCI device initialization failure, leading to a double-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-3564) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle HCI [ more… ]