Amazon Kinesis와 Amazon Athena를 활용한 VPC 네트워크 트래픽의 분석과 시각화

2019-02-14 KENNETH 0

Amazon Kinesis와 Amazon Athena를 활용한 VPC 네트워크 트래픽의 분석과 시각화 네트워크 로그 분석은 많은 조직에서 일반적으로 수행하는 작업 중 하나입니다.  네트워크 로그를 캡처 및 분석하면 네트워크상의 디바이스가 어떻게 서로간에 그리고 인터넷과 통신하는지를 알 수 있습니다.  조직은 감사 및 규정 준수, 시스템 문제 해결 또는 보안 포렌직 등 다양한 이유로 인해 로그 분석을 수행합니다. Amazon Virtual Private Cloud(VPC)에서는 VPC Flow Logs를 통해 네트워크 플로우를 캡처할 수 있습니다. 플로우 로그는 VPC, 서브넷 또는 네트워크 인터페이스에 대해 생성될 수 있습니다.  서브넷 또는 VPC에 대한 플로우 로그를 생성하는 경우, VPC 또는 서브넷의 각 네트워크 인터페이스가 모니터링됩니다. 플로우 로그 데이터는 Amazon CloudWatch Logs의 로그 그룹에 게시되며, 각 네트워크 인터페이스는 고유의 로그 스트림을 가지게 됩니다. CloudWatch Logs는 로그 데이터에 대한 통찰을 얻기 위한 뛰어난 도구를 제공합니다.  그러나 대부분의 경우 고객은 로그 데이터를 S3에 아카이브하고 SQL을 사용하여 이러한 정보를 쿼리하고자 할 것입니다.  이 방식은 로그 보존 및 [ more… ]

No Image

USN-3890-1: Django vulnerability

2019-02-13 KENNETH 0

USN-3890-1: Django vulnerability python-django vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.10 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary Django could be made to consume resources if it received specially crafted network traffic. Software Description python-django – High-level Python web development framework Details It was discovered that Django incorrectly handled formatting certain numbers. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10 python-django – 1:1.11.15-1ubuntu1.2 python3-django – 1:1.11.15-1ubuntu1.2 Ubuntu 18.04 LTS python-django – 1:1.11.11-1ubuntu1.3 python3-django – 1:1.11.11-1ubuntu1.3 Ubuntu 16.04 LTS python-django – 1.8.7-1ubuntu5.8 python3-django – 1.8.7-1ubuntu5.8 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the [ more… ]

No Image

USN-3889-1: WebKitGTK+ vulnerabilities

2019-02-13 KENNETH 0

USN-3889-1: WebKitGTK+ vulnerabilities webkit2gtk vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.10 Ubuntu 18.04 LTS Summary Several security issues were fixed in WebKitGTK+. Software Description webkit2gtk – Web content engine library for GTK+ Details A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10 libjavascriptcoregtk-4.0-18 – 2.22.6-0ubuntu0.18.10.1 libwebkit2gtk-4.0-37 – 2.22.6-0ubuntu0.18.10.1 Ubuntu 18.04 LTS libjavascriptcoregtk-4.0-18 – 2.22.6-0ubuntu0.18.04.1 libwebkit2gtk-4.0-37 – 2.22.6-0ubuntu0.18.04.1 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. This update uses a new upstream release, [ more… ]

No Image

RHSA-2019:0309-2: Critical: chromium-browser security update

2019-02-13 KENNETH 0

RHSA-2019:0309-2: Critical: chromium-browser security update Red Hat Enterprise Linux: An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2019-5754, CVE-2019-5755, CVE-2019-5756, CVE-2019-5757, CVE-2019-5758, CVE-2019-5759, CVE-2019-5760, CVE-2019-5761, CVE-2019-5762, CVE-2019-5763, CVE-2019-5764, CVE-2019-5765, CVE-2019-5766, CVE-2019-5767, CVE-2019-5768, CVE-2019-5769, CVE-2019-5770, CVE-2019-5771, CVE-2019-5772, CVE-2019-5773, CVE-2019-5774, CVE-2019-5775, CVE-2019-5776, CVE-2019-5777, CVE-2019-5778, CVE-2019-5779, CVE-2019-5780, CVE-2019-5781, CVE-2019-5782 Source: RHSA-2019:0309-2: Critical: chromium-browser security update

No Image

Announcing Windows Server vNext Insider Preview Build 18334

2019-02-13 KENNETH 0

Announcing Windows Server vNext Insider Preview Build 18334 Hello Windows Insiders! Today we are pleased to release a new Insider build of the Windows Server VNext Semi-Annual Channel release. What’s New Server Core App Compatibility feature on demand (FOD) The Server Core App Compatibility FOD was new in Windows Server 2019 and Windows Server, version 1809.  We are continuing investment in the App Compatibility FOD based on customer and Insider feedback. New in this Insider release for App Compatibility FOD: Task Scheduler (Taskschd.msc) Please try it and let us know!  More to come… Available Content Windows Server vNext Semi-Annual Preview The Server Core Edition is available in the 18 supported Server languages in ISO format and in English only in VHDX format. Windows Server Core App Compatibility FoD Preview Windows Server Language Packs Windows Admin Center 1812 The following keys [ more… ]