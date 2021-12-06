today's howtos
Maven is a popular open source build tool for used primarily for Java projects, designed to take much of the hard work out of the build process. Maven can also be used to build and manage projects written in C#, Ruby, Scala, and other languages. Maven uses a declarative approach, where the project structure and contents are described, rather then the task-based approach used in Ant or in traditional make files, for example. The Maven project is hosted by the Apache Software Foundation, where it was formerly part of the Jakarta Project.
In this guide, we will learn how to install Apache Maven on a Rocky Linux 8 server. This guide will also work for other RHEL 8 based systems like Alma Linux and Oracle Linux 8.
Node.js is an open-source, cross-platform, back-end JavaScript runtime environment that runs on the V8 engine and executes JavaScript code outside a web browser. Node. js is primarily used for non-blocking, event-driven servers, due to its single-threaded nature. It’s used for traditional web sites and back-end API services, but was designed with real-time, push-based architectures in mind. Node.js can be used both on the frontend and the backend.
NPM(Node Package Manager) is the default package manager for Node.js and also the largest repository for open-source Node.js packages.
In this tutorial we will learn how to install Node.js and npm on Rocky Linux 8 but it also works on other RHEL 8 based distributions.
One of Git’s core features is the ability to make multiple versions of your project. Often, these are used for short-term forks called “feature branches,” which get merged into master. However, sometimes it is necessary to have truly separate branches, which makes it harder to keep them in sync.
Apache, also known as Apache HTTP server, has been one of the most widely used web server applications globally for the past few decades. It is a free and open-source web application software maintained by the Apache Software Foundation. Apache provides some powerful features with dynamically loadable modules, easy integration with other software, and handling of static files, among other popular features.
In the tutorial, you will learn how to install and configure Apache (HTTPD) on Fedora 35 Workstation or Server with a free TLS/SSL certificate from Let’s Encrypt.
Java is a general-purpose, class-based, object-oriented multipurpose programming language that is popular due to the design of having lesser implementation dependencies, meaning that the compiled Java code can be run on all platforms that support Java without the need for recompilation. Java is also fast, secure, and reliable, therefore. It is widely used for developing Java applications in laptops, data centers, game consoles, scientific supercomputers, cell phones, etc.
JDK 17 (JDK 17) has brought forward new language enhancements, updates to the libraries, support for new Apple computers, removals and deprecations of legacy features, and work to ensure Java code written today will continue working without change in future JDK versions.
In the following tutorial, you will learn how to install the latest Oracle Java 17 (JDK 17) on Linux Mint 20.
For users wishing to install the OpenJDK 17 version, please see the tutorial How to Install OpenJDK 17 on Linux Mint 20.
The Thunderbolt hardware interface is a relatively new technology launched in 2011 by Apple and Intel. It’s an external hardware interface to connect your external peripheral devices to your laptop/ Desktop. Thunderbolt 1 and 2 used a Mini DisplayPort (MDP) connector illustrated in the image below. However, only a few laptop models and Macbooks shipped their products with the Thunderbolt 1/ 2 interface by this time. The main reason was that for laptop brands to use the interface on their products, they had to pay high copyright fees to Intel.
This article is part of a series about open source DevOps tools for C/C++ development. If you build up your project from the beginning on a powerful toolchain, you will benefit from a faster and safer development. Aside from that, it will be easier for you to get others involved in your project. In this article, I will prepare a C/C++ build system based on CMake and VSCodium. As usual, the related example code is available on GitHub.
It’s a quick and easy process to change a user password on a system using the Linux Operating System. That is, it’s straight forward if you know the commands, which might not be obvious if your background is with other operating systems such as Microsoft Windows. This article shows how to change your user password on a Linux system.
As there are many Linux distributions, with different desktop environments with can look and feel differently, this guide focuses on how to change your password from a shell prompt. The steps below will work from a shell session within a desktop session, or when connecting remotely using SSH, and will cover how to change your Linux password or reset your or another user password.
The article Why you should migrate your Java workloads to OpenShift described the benefits of moving a Java application to Red Hat OpenShift, and the tools that help in this effort. Now we'll walk through how to actually do the migration.
For this exercise, we're going to use the Red Hat JBoss Enterprise Application Platform (EAP) getting-started kitchen-sink application, but with some modifications to use MySQL as the database. You can find the source code in the eap-quickstarts GitHub repository.
Security Leftovers
In a great many ransomware attacks, the criminals who pillage the victim’s network are not the same crooks who gained the initial access to the victim organization. More commonly, the infected PC or stolen VPN credentials the gang used to break in were purchased from a cybercriminal middleman known as an initial access broker. This post examines some of the clues left behind by “Wazawaka,” the hacker handle chosen by a major access broker in the Russian-speaking cybercrime scene.
Technical details and exploitation notes have been published for a remote-code-execution vulnerability in Sonicwall SMA 100 series VPN appliances.
The information was released today by infosec outfit Rapid7. This comes about a month after Sonicwall issued a patch for the security hole, which was discovered and privately disclosed by Rapid7's Jake Baines to Sonicwall in October.
If you haven't yet applied the update, now would be a good time before it's widely exploited. So far there is no evidence the programming flaw, which is present in SMA 200, 210, 400, 410 and 500v products as well as the 100, has been abused in the wild, Sonicwall said.
I see this as another manifestation of the security problems that stem from all controls becoming software controls. Back when the physical buttons actually did things — like turn the power, the Wi-Fi, or the camera on and off — you could actually know that something was on or off. Now that software controls those functions, you can never be sure.
Online forums are abuzz with reports that LastPass sent emails to users describing unauthorized login attempts with their master passwords, after one user posted about the issue on Hacker News. LastPass has since said it hasn’t leaked user information, leaving people with a lot of questions.
Greg Sadetsky, the Montreal-based technologist who wrote the post on Hacker News, calls himself a part-time involuntary “security mensch.” “I think I’m pretty paranoid,” he told Input, before adding that he has a habit of ending conversations with a reminder not to use the same password twice (“not all conversations, though,” he assured me). In the past month alone, he tells me he’s uncovered security vulnerabilities in both a COVID test company lab and the app that controls the lights above the World Trade Center. “I just want these things fixed,” he said. So on December 27, when Sadetsky got a concerning email from his password manager, he spoke up.
Sadetsky wrote that LastPass had alerted him of a login attempt using his account’s master password with this message: "Someone just used your master password to try to log in to your account from a device or location we didn't recognize.”
He considers the incident particularly concerning because the password was used only on LastPass and stored only in an encrypted password manager called KeePassX. Sadetsky says he had gone through a scrupulous extra step to use a second password manager to generate and encrypt the key to his LastPass password manager.
COULD IT BE A KEYBOARD SNIFFER? — The last time he’d accessed the master password, he says, was in 2017. He copied it from KeePassX and pasted it into LastPass. He initially reasoned that malware, like a clipboard sniffer, could have gotten his password when he copied and pasted it over four years ago. But when his post developed traction and more people reported the same issue, he says he considered that explanation less likely.
It’s unlikely to be an issue with KeePassX, either. KeePassX encrypts passwords, scrambling them in a way that is unreadable and unusable by hackers.
HACKED FROM THE SAME PLACE — Another notable detail is the similarity in IP addresses that attempted the logins. In the email alert, LastPass included the IP address from which the login attempt took place, and Sadetsky found four other users who had received alerts involving startlingly similar IP addresses. At least five users’ accounts had experienced log-in attempts from foreign IP addresses in the 160.116 range. But at least five other Hacker News users reported similar LastPass alerts involving IP addresses that did not fit with the rest.
