Posts

Showing posts from January, 2016

How does Software and Hardware Load Balancer Work? (Loadbalancer Algorithms Explained with Examples)

When you have an enterprise application or website that gets a lot of hits, your server might be under heavy load. In that case, you may want to consider distributing the load across multiple servers. A load balancer distributes the workload of your system across multiple individual systems, or groups of systems, to reduce the amount of load on any individual system, which in turn increases the reliability, efficiency and availability of your enterprise application or website. In this article, we’ll cover the basics of software and hardware load balancers, and explain the various algorithms used by load balancers. The following are the advantages of load balancing your application: Reduced workload on an individual server. A larger amount of work done in the same time due to concurrency. Increased performance of your application because of faster response. No single poin...

How To Patch and Protect OpenSSH Client Vulnerability CVE-2016-0777 and CVE-2016-0778 [ 14/Jan/2016 ]

The OpenSSH project released information about an ssh client bug that can leak private keys to malicious servers. A man-in-the-middle kind of attack was identified and fixed in OpenSSH; the issues are dubbed CVE-2016-0777 and CVE-2016-0778. How do I fix OpenSSH's client vulnerability on a Linux or Unix-like operating system? A serious security problem has been found and patched in the OpenSSH software. Two vulnerabilities were discovered in OpenSSH on 14/Jan/2016. The Common Vulnerabilities and Exposures project identifies the following issues: Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778 - All OpenSSH versions between 5.4 and 7.1 are vulnerable. CVE-2016-0777 - An information leak (memory disclosure) can be exploited by a rogue SSH server to trick a client into leaking sensitive data from the client memory, including for example private keys. CVE-2016-0778 - A buffer overflow (leading to file descriptor leak), can also be exploited by a rogue SSH server, but due to another ...