I present in this article a simple HAProxy configuration with functionality to balance dynamically the http traffic to set of containers associated to a swarm docker service. You can find the project at this git hub link: https://github.com/stefano-gristina/haproxy–swarm. The reason to make it cames from fact the the microservices should be stateless, and it should ..
This page contains all security vulnerabilities, updates and bulletins of 2018. 2018 Security Vulnerability Bulletins ozilla Releases Security Update for Thunderbird 25/01/2018 Google Releases Security Update for Chrome 2501/2018 Apple Releases Multiple Security Updates 23/01/2018 Mozilla Releases Security Updates 23/01/2018 Lenovo Releases Security Advisory 19/01/2018 NCSC Releases Security Advisory 18/01/2018 Cisco Releases Security Updates, BIND 17/01/2018 ISC Releases ..
Docker swarm and kubernetes are the most widespread container orchestrators for running micro services spanned on different nodes of a cluster. They provide high availability, scalability, security and easy management to complex software architectures. The goal is reached from docker swarm using the stack concept that is a set of docker services related together; in ..
This article has the goal to improve the awareness about the risks of a pivot attack where the target system is exploited through another compromised system. The classic defense against these type of attacks based on the company’s perimeter is obsolete and it requires new solutions and approaches. The systems are compromised generally by phishing attack forcing the ..
WordPress is a free content management system used for hosting web sites. The web application written in php can running under apache or nginx. Whatever the solution adopted, it’s necessary to have a reverse proxy for better managing the web site and for performing SSL termination. In this article a solution with nginx as reverse proxy ..
KVM is a virtualization solution for linux largely used in enterprise environment. It’s permits to define overlay networks scalable over public network by open virtual switch. Layer 2 networks encapsulated over udp packet, by VXLAN or GRE tunnel, enable an use efficient and versatile of network infrastructure. Docker is a open platform that permits to run applications ..
Docker Overlay Network is a good way to create isolate layer two networks where the containers are distributed on different physical hosts. It’s possible to define two equal subnets without any overlap because the network interfaces of containers are in different namespaces. The frame between hosts are tunneled by vxlan protocol that manages until to 16777216 vlan: much ..
Network segmentation is vital in order to limit the risks for business data after a network intrusion. The goal is to make very difficult the movement of threat inside the network and to give to intruders not authorized the minimun privilege possible for avoiding the exploit of critical services for the business. By phishing campaign it’s very ..
Docker is a software layer that permits to run linux application inside isolated containers on an only shared system operating. This type of virtualization is lighter, portable, scalable and easy to manage: it is an good alternative to classical virtualization approach, like xen, kvm, vmware, where every virtual machine run with its own kernel and ..
Nginx is a robust and fast reverse proxy. Haproxy is a fast application load balancer. Together can be used for publishing to internet web services in security way. For this reason this article has the objective to explain how to secure web services using nginx and haproxy. The haproxy, in addition to application load balancer functionality, has a ..