[Slide: is your infrastructure leaky? A cartoon web server says "hello, I am a web server, I listen on port 80, send me requests"; next to it a database server says "hello, I am a database server, I listen on port 27017, let my data be FREE!"]
> …accessed by trusted clients inside trusted environments. This means that usually it is not a good idea to expose the Redis instance directly to the internet or, in general, to an environment where untrusted clients can directly access the Redis TCP port or UNIX socket.

somewhere in the depths of the documentation…
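The point of both slides is that a database should never be listening where untrusted clients can reach it. As an added example (not from the talk or from the Redis documentation), the following Python script reads output in the format of Linux `ss -tlnp`, here a constructed sample, and flags MongoDB (port 27017, from the slide) or Redis (port 6379, its well-known default) listeners that are bound to anything other than loopback:

```python
"""Flag database listeners that are reachable from outside the host.

Added example, not from the talk: parses `ss -tlnp` style output and reports
database ports bound to anything other than loopback. The sample output below
is constructed; the port numbers are the services' well-known defaults.
"""
import re
from typing import Dict, List

# 27017 is the MongoDB port shown on the slide; 6379 is Redis's default port
# (Redis is named in the quoted documentation, the number is a known default).
DATABASE_PORTS: Dict[int, str] = {27017: "mongodb", 6379: "redis"}

LOOPBACK = {"127.0.0.1", "::1"}
WILDCARD = {"0.0.0.0", "::", "*"}

# Constructed sample in the shape of `ss -tlnp` output on Linux.
SAMPLE_SS_OUTPUT = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
LISTEN 0      128    0.0.0.0:80          0.0.0.0:*         users:(("nginx",pid=1201,fd=6))
LISTEN 0      128    127.0.0.1:6379      0.0.0.0:*         users:(("redis-server",pid=1310,fd=7))
LISTEN 0      128    0.0.0.0:27017       0.0.0.0:*         users:(("mongod",pid=1422,fd=11))
LISTEN 0      128    [::]:22             [::]:*            users:(("sshd",pid=900,fd=3))
"""

_PROCESS_NAME = re.compile(r'\("([^"]+)"')


def parse_listeners(ss_output: str) -> List[Dict[str, object]]:
    """Return one dict per LISTEN line: local address, port and owning process."""
    listeners = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue  # header line or non-listening socket
        addr, _, port = fields[3].rpartition(":")
        match = _PROCESS_NAME.search(fields[5]) if len(fields) > 5 else None
        listeners.append({
            "addr": addr.strip("[]"),  # "[::]" -> "::"
            "port": int(port),
            "process": match.group(1) if match else "",
        })
    return listeners


def exposed_databases(ss_output: str) -> List[Dict[str, object]]:
    """Database ports not bound to loopback; a wildcard bind is the worst case."""
    findings = []
    for l in parse_listeners(ss_output):
        if l["port"] in DATABASE_PORTS and l["addr"] not in LOOPBACK:
            findings.append({
                "service": DATABASE_PORTS[l["port"]],
                "port": l["port"],
                "process": l["process"],
                "scope": "all interfaces" if l["addr"] in WILDCARD else "non-loopback address",
            })
    return findings


if __name__ == "__main__":
    for f in exposed_databases(SAMPLE_SS_OUTPUT):
        print(f"{f['service']} ({f['process']}) listens on port {f['port']} on {f['scope']}: "
              "bind it to loopback or a private interface and firewall the port")
```

On the constructed sample only the MongoDB listener is reported: Redis is bound to 127.0.0.1, which is exactly what the quoted documentation asks for. To use the check on a real host, pass the output of `ss -tlnp` to `exposed_databases`; a database bound to a specific private address is still reported, with a different scope, because it still needs a firewall rule in front of it.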
[Slide: mock blog page filled with startup buzzword filler ("weird trick", "disrupt", "minimum viable product", "pitch deck"…), with mock posts "unbelievable whisking technique" and "against sous-vide: a polemic", wired up to third-party services: "Like this!" and "Tweet this!" share buttons, a comments widget (152 comments), "buy my book", Patreon, GitTip, Flattr and Bitcoin donation buttons, YouTube, an ad network, social media and Google Analytics]
• …a Shoestring (PyCon): https://www.youtube.com/watch?v=8FeNdXzVLEs
• A more detailed guide to a lot of the things in this talk, by Martin Fowler: https://martinfowler.com/articles/web-security-basics.html
• The Tangled Web by Michal Zalewski — the best book for understanding the guts of internet architecture and its security problems
• Rails security guides with great info on sessions: http://guides.rubyonrails.org/security.html

• Data & Goliath, Liars & Outliers
• Two “true crime” books that are really fun:
  • On cyberweapons: Countdown to Zero Day by Kim Zetter
  • On the botnet industrial complex: Spam Nation by Brian Krebs

• SSL Labs — test if a website’s transport encryption is any good: https://www.ssllabs.com/ssltest/
• My talk on HTTPS for muggles (now with more Harry Potter metaphors): https://www.youtube.com/watch?v=oKgzftLmyiE
• SSL: it’s hard to get right: https://recompilermag.com/issues/issue-1/ssl-its-hard-to-do-right/
• Learn about networking! It will help you understand security. Julia Evans’ drawings are a fun place to start: https://drawings.jvns.ca/

• Penetration Testing, by Georgia Weidman
• Intro to isolating servers within a private network with iptables: https://www.digitalocean.com/community/tutorials/how-to-isolate-servers-within-a-private-network-using-iptables — also look for DigitalOcean guides to ufw
• Consider using a PaaS like Heroku and let them deal with your infrastructure.