Is there a way to manage Microsoft DNS *without* using WMI? - c#-4.0

We have a need to manage our DNS records (add/update) remotely using C#... I know of and have written/implemented a solution using WMI but the problem is that WMI can be painfully slow.
I have come across the DNS Provider API used by the Microsoft Provisioning Framework. Having searched some more though, it seems as if this framework has been retired.
So, does anyone out there know if it's possible to manage a Microsoft DNS without using WMI? As of yet, my only other alternative is to write a TCP server that manipulates the DNS files directly or executes the WMI calls locally on the machine (which seems to operate much faster).
Thanks, J

Well, doesn't seem like anyone had any answers or suggestions so I had to get a little creative... After a lot of consideration and a very strong desire NOT to write my own TCP server for this purpose I fell upon another, equally acceptable solution: web services.
The biggest problem we've experienced with WMI is only when making calls from a remote network (remote machines on the same LAN seem to operate fine) so really I just needed some framework to use as a proxy for the WMI calls. So I ended up writing a simple web service and things are working great; no having to worry about custom threading on an in-house TCP server or encrypting packets thanks to SSL.
Hope this helps anyone having the same problem!
J

Related

Serverless Outbound traffic protection

Our team is currently working on a Web API that runs in ExpressJS and is deployed via Google Cloud Functions. We've moved beyond our core MVP deliverable and now have time to beef up more of our security/logging features.
Being paranoid (as you should be when developing security) I would like to protect our api from malicious code introduced from one of our npm packages.
I understand that there are many attacks possible if this were to happen. But I would like to protect against the class that sends information to the attacker's server.
Is there a way to monitor/whitelist all outbound requests? Perhaps by wrapping the Node process itself or utilizing a feature created by Google.
Thank you very much for reading my question, and stay safe!
👋
This is late, obviously, but I still think it's a relevant question that probably many (should!) think about.
We've had a bit of experience with Puresec Function Shield which works for AWS Lambda and apparently also Google Cloud Functions. One of its features is in fact about blocking outbound network traffic.
You should also be able to put your function in a VPC and set its firewall rules to disallow any traffic that is not conformant to your own known ports and sources.
Hope that helps any late-comers into this question.
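The "wrapping the Node process itself" idea from the question can be sketched as an in-process egress allowlist; this is an added example, not code from the original posts or from Function Shield. The allowlist entries and the names `installEgressGuard`, `targetOf` and `isAllowed` are assumptions made for illustration.

```javascript
// Added example: deny-by-default outbound TCP for one Node.js process.
const net = require('net');

// Constructed allowlist of "host:port" destinations the function really needs.
const ALLOWED = new Set(['api.partner.example:443', 'localhost:5432']);
const blocked = []; // audit trail of denied destinations

// Work out the destination from the argument shapes Socket.connect() accepts.
function targetOf(args) {
  let first = args[0];
  // net.connect() and the http agent pass a pre-normalized [options, cb] array
  // (a Node internal detail, so re-check this after runtime upgrades).
  if (Array.isArray(first)) first = first[0];
  if (first !== null && typeof first === 'object') {
    if (first.path) return { ipc: first.path };
    return { host: String(first.host || 'localhost').toLowerCase(), port: Number(first.port) };
  }
  if (typeof first === 'string' && Number.isNaN(Number(first))) return { ipc: first };
  const host = typeof args[1] === 'string' ? args[1] : 'localhost';
  return { host: host.toLowerCase(), port: Number(first) };
}

function isAllowed(target) {
  if (target.ipc) return true; // local pipes / unix sockets are not network egress
  return ALLOWED.has(`${target.host}:${target.port}`);
}

// http, https and tls sockets all end up in net.Socket.prototype.connect,
// so one patch sees every outbound TCP connection made by any dependency.
function installEgressGuard(log = console.warn) {
  const realConnect = net.Socket.prototype.connect;
  net.Socket.prototype.connect = function guardedConnect(...args) {
    const target = targetOf(args);
    if (isAllowed(target)) return realConnect.apply(this, args);
    blocked.push(target);
    log(`egress denied: ${target.host}:${target.port}`);
    // Fail the socket instead of throwing so callers get a normal 'error' event.
    this.destroy(new Error(`egress to ${target.host}:${target.port} is not allowlisted`));
    return this;
  };
  return () => { net.Socket.prototype.connect = realConnect; }; // uninstall handle
}
```

Call `installEgressGuard()` before any dependency is loaded. Code running in the same process can undo the patch, so it serves as monitoring and a tripwire; the VPC firewall rules mentioned in the answer are what actually enforce the policy.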

Is ngrok safe to use or can it be compromised?

Is ngrok a safe tool to use? I was reading a tutorial which recommended using ngrok to test API responses that I make to outside services that need to connect to my endpoints also.
There is no source code available for Version 2.0, considering it started as an open source project in 2014. I am suspect of any code that opens a tunnel to my localhost from the cloud. Pretty scary stuff especially without source code!
It opens up a tunnel to your dev machine, which is partially secured by obscurity (a hard to guess subdomain), and can be further secured by requiring a password. But you're still opening yourself up to ngrok itself, and the company is completely opaque (no address, no employees, no business name, no LinkedIn presence; all I can find is that it has 1-10 employees and is private; not even sure what country it's based in). On top of that the code is not open-sourced. No reason to think they're not legit, but not a lot of information available to build trust.
You may be able to use ngrok and other local tunnel services with more security by encrypting the traffic. See https://security.stackexchange.com/questions/177280/end-to-end-encryption-for-localtunnel-ngrok-setup/177357#177357 for more information.
I found a good rating, but vacuous information here:
http://www.scamadviser.com/is-ngrok.com-a-fake-site.html
The kicker for me is
https://developer.atlassian.com/blog/2015/05/secure-localhost-tunnels-with-ngrok/
where the Atlassian folks recommend it highly.
I think I am going to use it.
If anyone is concerned about compromising their development environment, you can use Docker. There are many ngrok/docker projects but here is the one I chose: https://github.com/gtriggiano/ngrok-tunnel
for macOS, use "TARGET_HOST=docker.for.mac.localhost"
They now offer a service where you locally run only ssh, no need to run any of their code on your machine.
You run something like ssh -R 80:localhost:8501 tunnel.us.ngrok.com http. This connects to one of their hosts and forwards connections they receive back to your machine and the service you run on localhost:8501.
This seems secure to me, the only thing is that you don't know what information they collect and who is connecting to your exposed service. They print all connections, but it's their binary that does this and someone might well listen in without you noticing. You can check connections on your end, but you cannot be sure who it is that connects.
Ngrok is a convenient and highly secure utility for creating tunnels to locally hosted applications via a reverse proxy. This is a utility for publishing locally hosted applications on the web. Simply put, any locally hosted application provides a publicly accessible web URL to the . H. Either a Spring Boot or Nodejs based web application, or a webhook for a chat application, etc.

Debian Server Security

Few questions in one. I'm a mobile developer, and as a pet project I've set up a small server (on a raspberry pi) that I use as my backend development server.
I think I have set up the server fairly securely and have avoided the common blunders.
The problem is when it comes to security I'm completely neurotic, not because I have something to hide, but because I don't want to be victim of my own naivety / stupidity.
Currently I check my apache2 logs daily to find out what traffic (bar my own) has hit the server. Every day there seem to be between 4-5 hits from random IPs looking for directories that don't exist. Am I correct in assuming there are servers that randomly trawl through IPs searching for known weaknesses in server software?
My main question is, is there a way for me to log every hit to the server in an sql database? That way I can see if somebody is really trying to get in by querying the number of hits from that ip without trawling through the logs manually.
Secondly, anybody got any more obscure security tips / things I should do on a daily basis?
Thanks for your time!
Edit: - Also, are there any good automatic penetration tools out there that can tell me if I have any vulnerability?
Am I correct in assuming there are servers that randomly trawl through IPs searching for known weaknesses in server software?
Yes.
My main question is, is there a way for me to log every hit to the server in an sql database?
You could use mod_log_sql: http://www.outoforder.cc/projects/apache/mod_log_sql/
anybody got any more obscure security tips / things I should do on a daily basis?
You could set up a firewall, use port knocking, expose services only locally and connect via VPN, ...

dns for dynamic IP

I'd like to know the best solutions to get a public static dns or IP address to access a computer on a routed network (for example to access from the internet a PC in my home LAN).
I heard about no-ip and dyndns.
Are they good? which one is the best? Is it really reliable ?
This is a server fault question, but to provide an answer anyway, I use dyndns.org, it works nicely (most routers even have auto update support built in, and for those that don't, their desktop updater works just fine).
dyndns.org seems to have amazingly reliable uptime, and I can't talk for noip as I have never used it. Give them a try and see which one you like more.
There are several free dynamic DNS services like afraid.org, dynu.com etc. You may want to go with one which has an open API so that you can use it from within your application.
Maybe you can have a look at https://www.good-dns.net/
Very simple to use, provides a URL for automatic IP update, so suitable for dynamic IPs.
There are a lot of options available - as far as I know dyn.org has not been free for a while already. And I am using https://myonlineportal.net
But you have to test by yourself and figure out which suits you best. Sometimes it's just the available domain name.

NHibernate and shared web hosting

Has anyone been able to get an NHibernate-based project up and running on a shared web host?
NHibernate does a whole lot of fancy stuff with reflection behind the scenes but the host that I'm using at the moment only allows applications to run in medium trust, which limits what you can do with reflection, and it's throwing up all sorts of security permission errors. This is the case even though I'm only using public properties in my mapping files, though I do have some classes defined as proxies.
Which companies offer decent (and reasonably priced) web hosting that allows NHibernate to run without complaining?
Update: It seems from these answers (and my experimentation -- sorry Ayende, but I still can't get it to work on my web host even after going through the article you linked to) that the thing to do is to choose your hosting provider wisely and shop around. It seems that WebHost4Life are pretty good in this respect. However, has anyone tried NHibernate with Windows shared hosting with 1and1? I have a Linux account with them already and I'm fairly satisfied on that front, and if I could get NHibernate to work seamlessly with Windows I'd probably stick with them.
I have had no issues with running NHibernate based apps on WebHost4Life, although I don't like them.
Getting NHibernate to run on medium trust is possible. A full description on how this can be done is found here:
http://blechie.com/WPierce/archive/2008/02/17/Lazy-Loading-with-nHibernate-Under-Medium-Trust.aspx
I ran my own geek site off N2 (which uses NHibernate and Windsor Castle) and 4 pet NHibernate/Fluent projects on dailyrazor.com for a while.
You get a good deal for $5 a month, including unlimited SQL Server databases and subdomains and it runs off Plesk with FTP and remote SQL Server Management Studio access.
I'm using a Finnish host called Nebula that happily runs my NHibernate-leveraging applications. I had an issue once with trust levels; the machine.config on the host was configured to deny reflection but I successfully overrode it in the web.config.
