Amazon Route 53와 AWS Shield를 통한 DDoS 공격 위험 줄이기

2017-01-12 KENNETH 0

Amazon Route 53와 AWS Shield를 통한 DDoS 공격 위험 줄이기 지난 2016 년 10월말에 주요 DNS 공급자가 서비스 거부 공격(DDoS)으로 인한 대규모 사이버 공격 표적이되었습니다. 수천 만개의 IP 주소에서 대량 DNS 조회를 일으켜 공격함으로서 많은 인터넷 사이트 및 서비스에 대해 북미 및 유럽 사용자 접속이 불가능했습니다. 프린터, 카메라, 홈 네트워크 게이트웨이, 모니터 등 다양한 사물 인터넷(IoT) 장치로 구성된 봇넷을 사용하여 이러한 분산 서비스 거부 공격이 실행된 것으로 알려져 있습니다. 이러한 기기는 Mirai 악성 코드에 감염되어, 초당 수백 기가 바이트의 트래픽을 생성했습니다. 많은 기업 네트워크 등은 이러한 규모의 공격을 흡수 할만한 용량을 가지고 있지 않습니다. 이러한 다양한 공격 유형 DDoS 시도에 대해 보다 탄력 있고 빠른 복원력을 가진 시스템을 구축 할 수 있도록 하기 위한 권장 사항 및 모범 사례에 대한 고객의 요구가 많았습니다. 이를 위한 자료로는 “DDoS 복원력을 위한 AWS 모범 사례” 백서, Amazon Route 53 및 AWS Shield 를 [ more… ]

Building Your API for Longevity, Part 2: Best Practices

2017-01-12 KENNETH 0

Building Your API for Longevity, Part 2: Best Practices td { padding-right: 10px; } This post explains how to build an effective API. Once it’s ready, you need to make it accessible to your users. NGINX and NGINX Plus are frequently used as an API gateway. For more information, check out these resources: The announcement for NGINX Plus R10, which includes support for the use of JSON Web Tokens (JWTs, or “jots”) for authentication A description of how to implement API authentication with JWTs from our own Liam Crilly A video describing how Adobe powers its API gateway with NGINX This post is adapted from a presentation delivered at nginx.conf 2016 by Mike Stowe of MuleSoft. This second part focuses on best practices. The first part discusses spec‑driven API development. You can view a recording of the complete presentation on YouTube.   Part [ more… ]

No Image

Halo Wars 2 Blitz Beta available Jan. 20

2017-01-12 KENNETH 0

Halo Wars 2 Blitz Beta available Jan. 20 Last June, we invited our fan community to jump in and get hands-on with a slice of Halo Wars 2 with our first multiplayer beta. We received a tremendous amount of valuable feedback on both the technical and gameplay side that has helped the team continue to refine and improve the overall Halo Wars 2 experience as we march towards launch on Feb. 21, 2017. I’m happy to announce one more opportunity to get hands-on with Halo Wars 2 and ask for your participation in one final large-scale multiplayer beta. This time around the focus will be exclusively on our brand-new, card-based game mode, Blitz, and it’ll be available on both Windows 10 PC and Xbox One beginning Jan. 20, 2017. Blitz is our new twist on RTS gameplay that combines the [ more… ]

No Image

Join us on Feb 8th for Windows Developer Day – Creators Update livestream

2017-01-12 KENNETH 0

Join us on Feb 8th for Windows Developer Day – Creators Update livestream On February 8, we’ll be livestreaming a Windows Developer Day, which will outline what’s new for developers in the Windows 10 Creators Update. Whether you’re building for the web or UWP, the latest consumer app or line of business tool, there’s something in it for you. RSVP on the Windows Developer Day site to be the first to know as we share more details in the coming weeks. Join Kevin Gallo and the Windows engineering team, as they talk through how the latest advances in Windows 10 APIs and tooling enable you to build great things: What’s new with Windows developer tooling: UWP tooling, BASH, Developer mode, and more Learn about the latest XAML advancements, and how UWP helps you build Windows apps that are more personal [ more… ]

No Image

USN-3171-1: LibVNCServer vulnerabilities

2017-01-12 KENNETH 0

USN-3171-1: LibVNCServer vulnerabilities Ubuntu Security Notice USN-3171-1 11th January, 2017 libvncserver vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Several security issues were fixed in LibVNCServer. Software description libvncserver – vnc server library Details Josef Gajdusek discovered that the LibVNCServer client library incorrectlyhandled certain FrameBufferUpdate messages. If a user were tricked intoconnecting to a malicious server, an attacker could use this issue to causea denial of service, or possibly execute arbitrary code. (CVE-2016-9941,CVE-2016-9942) Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 16.10: libvncserver1 0.9.10+dfsg-3ubuntu0.16.10.1 libvncclient1 0.9.10+dfsg-3ubuntu0.16.10.1 Ubuntu 16.04 LTS: libvncserver1 0.9.10+dfsg-3ubuntu0.16.04.1 libvncclient1 0.9.10+dfsg-3ubuntu0.16.04.1 Ubuntu 14.04 LTS: libvncserver0 0.9.9+dfsg-1ubuntu1.2 Ubuntu 12.04 LTS: libvncserver0 0.9.8.2-2ubuntu1.2 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a [ more… ]