Agile Software Development
A Guide to Understanding SSL Certificates
SEO and PERFORMANCE
excl.gif No Active Links, Read the Rules – Edit by Ninja excl.gif
Google is clearly the best general-purpose search engine on the Web (see www.pcmag.com/searchengines
But most people don’t use it to its best advantage. Do you just plug in a keyword or two and hope for the best? That may be the quickest way to search, but with more than 3 billion pages in Google’s index, it’s still a struggle to pare results to a manageable number.
But Google is an remarkably powerful tool that can ease and enhance your Internet exploration. Google’s search options go beyond simple keywords, the Web, and even its own programmers. Let’s look at some of Google’s lesser-known options.
Syntax Search Tricks
Using a special syntax is a way to tell Google that you want to restrict your searches to certain elements or characteristics of Web pages. Google has a fairly complete list of its syntax elements at
. Here are some advanced operators that can help narrow down your search results.
Intitle: at the beginning of a query word or phrase (intitle:”Three Blind Mice”) restricts your search results to just the titles of Web pages.
Intext: does the opposite of intitle:, searching only the body text, ignoring titles, links, and so forth. Intext: is perfect when what you’re searching for might commonly appear in URLs. If you’re looking for the term HTML, for example, and you don’t want to get results such as
, you can enter intext:html.
Link: lets you see which pages are linking to your Web page or to another page you’re interested in. For example, try typing in
Try using site: (which restricts results to top-level domains) with intitle: to find certain types of pages. For example, get scholarly pages about Mark Twain by searching for intitle:”Mark Twain”site:edu. Experiment with mixing various elements; you’ll develop several strategies for finding the stuff you want more effectively. The site: command is very helpful as an alternative to the mediocre search engines built into many sites.
Swiss Army Google
Google has a number of services that can help you accomplish tasks you may never have thought to use Google for. For example, the new calculator feature
lets you do both math and a variety of conversions from the search box. For extra fun, try the query “Answer to life the universe and everything.”
Let Google help you figure out whether you’ve got the right spelling—and the right word—for your search. Enter a misspelled word or phrase into the query box (try “thre blund mise”) and Google may suggest a proper spelling. This doesn’t always succeed; it works best when the word you’re searching for can be found in a dictionary. Once you search for a properly spelled word, look at the results page, which repeats your query. (If you’re searching for “three blind mice,” underneath the search window will appear a statement such as Searched the web for “three blind mice.”) You’ll discover that you can click on each word in your search phrase and get a definition from a dictionary.
Suppose you want to contact someone and don’t have his phone number handy. Google can help you with that, too. Just enter a name, city, and state. (The city is optional, but you must enter a state.) If a phone number matches the listing, you’ll see it at the top of the search results along with a map link to the address. If you’d rather restrict your results, use rphonebook: for residential listings or bphonebook: for business listings. If you’d rather use a search form for business phone listings, try Yellow Search
Oline Portal for Bangalore and Karnataka People n
Splunk (the product) captures, indexes and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards and visualizations.
Splunk aims to make machine data accessible across an organization and identifies data patterns, provides metrics, diagnoses problems and provides intelligence for business operation. Splunk is a horizontal technology used for application management, security and compliance, as well as business and web analytics.Splunk has over 7,900 customers worldwide.
Graylog2 + Elasticsearch + MongoDB
based on elastic search and Open Source. Graylog2 has powerful real-time text-based search, basic analytics, dashboards, and flexible alerts. Graylog2 is under heavy development. Graylog2 is Java. Both are no real equivalent to SPLUNK, SPLUNK is multiple years ahead, but it’s possible that these tools are also meet your requirement. Graylog2 is an open source log management system. It’s built with Ruby on Rails and MongoDB and uses its own JSON-based log format called GELF (Graylog Extended Log Format).
Apache Flume + Elastic Search + Apache Lucene
Cloudera CTO Jeff Hammerbacher suggests using Apache Flume, an open source log aggregation tool, and Elastic Search, an open source search system based on Apache Lucene, to create an open source log file search system
Fluentd + Elasticsearch + Kibana
Elasticsearch is an open source search engine known for its ease of use.
Kibana is an open source Web UI that makes Elasticsearch user friendly for marketers, engineers and data scientists alike.
Fluentd is an open source data collector, which lets you unify the data collection and consumption for a better use and understanding of data.
By combining these three tools (Fluentd + Elasticsearch + Kibana) we get a scalable, flexible, easy to use log search engine with a great Web UI that provides an open-source Splunk alternative, all for free.
Logstash + Elasticsearch + Kibana
logstash is a tool for managing events and logs. You can use it to collect logs, parse them, and store them for later use (like, for searching). Speaking of searching, logstash comes with a web interface for searching and drilling into all of your logs.It is fully free and fully open source. The license is Apache 2.0, meaning you are pretty much free to use it however you want in whatever way.setting it up is way more complicated than setting up Splunk, but it offers similar – but not as complete – feature set. Elasticsearch is an open source search engine known for its ease of use. Kibana setting it up is way more complicated than setting up Splunk, but it offers similar – but not as complete – feature set.
Elasticsearch <=> Indexer
Logstash <=> Heavy Forwarder
Kibana <=> Search Head
OpenTSDB is an open source database sponsored by StumbleUpon. It’s designed for aggregating and visualizing machine data. It’s built on top of Apache Hbase and boasts the ability to “collect many thousands of metrics from thousands of hosts and applications, at a high rate (every few seconds).”
Sumo Logic is a cloud-based log management and analytics service that leverages machine-generated big data to deliver real-time IT insights
Hypertext Transfer Protocol Secure (HTTPS) is a combination of the Hypertext Transfer Protocol with the SSL/TLS protocol to provide encrypted communication and secure identification of a network web server. HTTPS connections are often used for payment transactions on the World Wide Web and for sensitive transactions in corporate information systems.
Secure socket layer (SSL): how it works
1. An SSL certificate enables encryption of sensitive information during online transactions.
2. Each SSL certificate is a unique credential identifying the certificate owner.
3. A certificate Authority authenticates the identity of a certificate owner before it is issued.
What is SSL and Certificate
SSL and Certificates
The Secure Socket Layer protocol was created by Netscape to ensure secure transactions between web servers and browsers. The protocol uses a third party, a Certificate Authority (CA), to identify one end or both end of the transactions. This is in short how it works.
What Happens When a Web Browser Connects to a Secure Website?
keytool -genkey -alias bf-sandbox -keyalg RSA -keystore buildForgeKeyStore.p12 -keysize 2048
[root@ tmp]# keytool -genkey -alias bf-sandbox -keyalg RSA -keystore buildForgeKeyStore.p12 -keysize 2048
Enter key store password: XXXX
Enter key password for : XXX
You are about to enter information that will be incorporated into
your certificate request. This information is what is called a
Distinguished Name or DN. There are quite a few fields but you
can use supplied default values, displayed between brackets, by just
hitting , or blank the field by entering the character
before hitting .
keytool -certreq -sigalg RSA -alias bf-sandbox -file bf-sandbox.csr -keystore buildForgeKeyStore.p1Insallation Certificates in BuildForge
Point 1: You would need to update the bfclient.conf to make Build Forge aware of the certifications. As long as the certificates are in the correct it will work with Build Forge.
Point 2: The easiest way to update the cert would be change the new cert name to the name of the previous cerr. Then update the passwords.
Please use the following command to validate the keystore:
keytool -list -storetype pkcs12 -keystore fullyQualifiedNameOfFile.p12 -v
Well, Private Key/Public Key encryption algorithms are great, but they are not usually practical. It is asymmetric because you need the other key pair to decrypt. You can’t use the same key to encrypt and decrypt. An algorithm using the same key to decrypt and encrypt is deemed to have a symmetric key. A symmetric algorithm is much faster in doing its job than an asymmetric algorithm. But a symmetric key is potentially highly insecure. If the enemy gets hold of the key then you have no more secret information. You must therefore transmit the key to the other party without the enemy getting its hands on it. As you know, nothing is secure on the Internet. The solution is to encapsulate the symmetric key inside a message encrypted with an asymmetric algorithm. You have never transmitted your private key to anybody, then the message encrypted with the public key is secure (relatively secure, nothing is certain except death and taxes). The symmetric key is also chosen randomly, so that if the symmetric secret key is discovered then the next transaction will be totally different.
|Symetric Key–>[Public Key]–>Encrypted Symetric Key–>[Private Key]–>Symetric Key|
There are several encryption algorithms available, using symmetric or asymmetric methods, with keys of various lengths. Usually, algorithms cannot be patented, if Henri Poincare had patented his algorithms, then he would have been able to sue Albert Einstein… So algorithms cannot be patented except mainly in USA. OpenSSL is developed in a country where algorithms cannot be patented and where encryption technology is not reserved to state agencies like military and secret services. During the negotiation between browser and web server, the applications will indicate to each other a list of algorithms that can be understood ranked by order of preference. The common preferred algorithm is then chosen. OpenSSL can be compiled with or without certain algorithms, so that it can be used in many countries where restrictions apply.
A hash is a number given by a hash function from a message. This is a one way function, it means that it is impossible to get the original message knowing the hash. However the hash will drastically change even for the slightest modification in the message. It is therefore extremely difficult to modify a message while keeping its original hash. It is also called a message digest. Hash functions are used in password mechanisms, in certifying that applications are original (MD5 sum), and in general in ensuring that any message has not been tampered with. It seems that the Internet Enginering Task Force (IETF) prefers SHA1 over MD5 for a number of technical reasons (Cf RFC2459 7.1.2 and 7.1.3).
Signing a message, means authentifying that you have yourself assured the authenticity of the message (most of the time it means you are the author, but not neccesarily). The message can be a text message, or someone else’s certificate. To sign a message, you create its hash, and then encrypt the hash with your private key, you then add the encrypted hash and your signed certificate with the message. The recipient will recreate the message hash, decrypts the encrypted hash using your well known public key stored in your signed certificate, check that both hash are equals and finally check the certificate.
The other advantage of signing your messages is that you transmit your public key and certificate automatically to all your recipients.
There are usually 2 ways to sign, encapsulating the text message inside the signature (with delimiters), or encoding the message altogether with the signature. This later form is a very simple encryption form as any software can decrypt it if it can read the embedded public key. The advantage of the first form is that the message is human readable allowing any non complaint client to pass the message as is for the user to read, while the second form does not even allow to read part of the message if it has been tampered with.
“A passprase is like a password except it is longer”. In the early days passwords on Unix system were limited to 8 characters, so the term passphrase for longer passwords. Longer is the password harder it is to guess. Nowadays Unix systems use MD5 hashes which have no limitation in length of the password.
The Public Key Infrastructure (PKI) is the software management system and database system that allows to sign certifcate, keep a list of revoked certificates, distribute public key,… You can usually access it via a website and/or ldap server. There will be also some people checking that you are who you are… For securing individual applications, you can use any well known commercial PKI as their root CA certificate is most likely to be inside your browser/application. The problem is for securing e-mail, either you get a generic type certificate for your e-mail or you must pay about USD100 a year per certificate/e-mail address. There is also no way to find someone’s public key if you have never received a prior e-mail with his certificate (including his public key).
Install a package
npm install (with no args in a package dir)
npm install <tarball file>
npm install <tarball url>
npm install <folder>
npm install <name> [–save|–save-dev|–save-optional]
npm install <name>@<tag>
npm install <name>@<version>
npm install <name>@<version range>
npm i (with any of the previous argument usage)
This command installs a package, and any packages that it depends on. If the package has a shrinkwrap file, the installation of dependencies will be driven by that. See npm-shrinkwrap(1).
A package is:
a) a folder containing a program described by a package.json file
b) a gzipped tarball containing (a)
c) a url that resolves to (b)
d) a <name>@<version> that is published on the registry with (c)
e) a <name>@<tag> that points to (d)
f) a <name> that has a “latest” tag satisfying (e)
g) a <git remote url> that resolves to (b)
Even if you never publish your package, you can still get a lot of benefits of using npm if you just want to write a node program (a), and perhaps if you also want to be able to easily install it elsewhere after packing it up into a tarball (b).
More info …
Only 15% of all programs linted on this website pass the JSHint checks. In all other cases, JSHint finds some red flags that could’ve been bugs or potential problems.
Please note, that while static code analysis tools can spot many different kind of mistakes, it can’t detect if your program is correct, fast or has memory leaks. You should always combine tools like JSHint with unit and functional tests as well as with code reviews.
How to install and verify version:
npm install jshint
What is nodejs?
Node.js untangles concurrency by replacing the Java platform’s standard, multithreaded approach with single-threaded, event-driven I/O.
-client to select the “client” VM
-server to select the “server” VM
-hotspot is a synonym for the “client” VM [deprecated]
The default VM is client.
-cp <class search path of directories and zip/jar files>
-classpath <class search path of directories and zip/jar files>
A ; separated list of directories, JAR archives,
and ZIP archives to search for class files.
set a system property
enable verbose output
-version print product version and exit
require the specified version to run
-showversion print product version and continue
-jre-restrict-search | -jre-no-restrict-search
include/exclude user private JREs in the version search
-? -help print this help message
-X print help on non-standard options
-esa | -enablesystemassertions
enable system assertions
-dsa | -disablesystemassertions
disable system assertions
load native agent library <libname>, e.g. -agentlib:hprof
see also, -agentlib:jdwp=help and -agentlib:hprof=help
load native agent library by full pathname
load Java programming language agent, see java.lang.instrument
show splash screen with specified image