pra não esquecer…

junho 27th, 2011

segurança

Posted by Felipe Olivaes in lighttpd, Linux, Windows

“The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine”

http://www.openinfosecfoundation.org/index.php/download-suricata

PArece interessante a ferramenta:

http://www.ossec.net/main/getting-started-with-ossec

Pelo que vi faz coisas como detecção de rootkit, bloqueio de webscanners, bloqueio contra tentativas de intrusao repetitivas, logs de alterações de arquivos, etc.

http://blog.alexos.com.br/?p=2650&lang=pt-br
http://blog.alexos.com.br/?p=2625&lang=pt-br

setembro 22nd, 2009

15% de desconto kinghost

Posted by Felipe Olivaes in Apache, IIS, lighttpd, Linux, Windows

considero a kinghost como uma das melhores empresas de hospedagem, por isso indico a todos que conheço!

Segue um código promocional para ter 15% de desconto durante 3 meses:
Código promocional: BIGDESCONTO

veja também:
código promocional kinghost
código kinghost
15% de desconto kinghost
desconto kinghost

setembro 20th, 2009

ssl – gerando gerando .pem

Posted by Felipe Olivaes in Apache, lighttpd, Linux

lado cliente:
.csr = requisição de certificado (—–BEGIN CERTIFICATE REQUEST—–)
.key = PRIVATE KEY (—–BEGIN RSA PRIVATE KEY—–)

lado certificadora:
.crt = certificado do domínio gerado pela certificadora (—–BEGIN CERTIFICATE—–)
.ca = certificado da certificadora (—–BEGIN CERTIFICATE—–)

criando/gerando .pem

# cat #cert-privatekey# #cert-crt# #cert-ca# > cert.pem

gerando .csr

# openssl req -new -nodes -keyout cliente.key -out cliente.csr 
julho 3rd, 2009

http benchmark tools

Posted by Felipe Olivaes in Apache, IIS, lighttpd, Linux

Bom, sempre me esqueço destas ferramentas, então aqui está o post “pra não esquecer”…

vou destacar 2 ferramentas, uma por ser em linux e outra por ser em windows….
1) siege para linux(http://www.joedog.org/JoeDog/Siege)
Ferramenta simples, não é nada difícil de utilizar…
Conheci esta ferramenta em uma palestra do criador do PHP Rasmus Lerdorf, no fisl 8 (http://talks.php.net/show/fisl08/7).

2) Ferramenta para windows, é uma ferramenta que vem junto com o Zend Server Community Edition, no Zend Controller, tem uma ferramenta simples para analise de requisições por segundo, pode ser útil para uma analise simples.

Abaixo segue uma lista detalhada que retirei de http://www.softwareqatest.com/qatweb1.html:

LoadStorm – A web-based load testing tool/service as a distributed application that leverages the power of Amazon Web Services to scale on demand with processing power and bandwidth as needed. As the test loads increase to hundreds or thousands of virtual users, LoadStorm automatically adds machines from Amazon’s server farm to handle the processing. Tests can be built using the tool in such a way as to simulate a large number of different users with unique logins and different tasks.

BrowserMob – On-demand, self-service, low-cost, pay-as-you-go service enables simulation of large volumes of real browsers hitting a website. Utilizes Amazon Web Services, Selenium. Uses real browsers for each virtual user so that traffic is realistic, AJAX & Flash support is automatic. Browser screen shots of errors included in reports.

Load Impact – Online load testing service from Gatorhole/loadimpact.com for load- and stress- testing of your website over the Internet; access to our distributed network of load generator nodes – server clusters with very fast connections to enable simulation of tens of thousands of users accessing your website concurrently. Free low level load tests for 1-50 simulated users; higher levels have monthly fees.

Pylot – Open source tool by Corey Goldberg for generating concurrent http loads. Define test cases in an XML file – specify requests – url, method, body/payload, etc – and verifications. Verification is by matching content to regular expressions and with HTTP status codes. HTTP and HTTPS (SSL) support. Monitor and execute test suites from GUI (wxPython), and adjust load, number of agents, request intervals, rampup time, test duration. Real-time stats and error reporting are displayed.

AppLoader – Load testing app from NRG Global for web and other applications accessible from a Windows desktop; generates load from the end user’s perspective. Protocol independent and supports a wide variety of enterprise class applications. Integrates with their Chroniker monitoring suite so results of load testing can be correlated with system behavior as load is increased. Runs from Win platforms.

fwptt – Open source tool by Bogdan Damian for load testing web applications. Capabilities include handling of Ajax. Generates tests in C#. For Windows platforms

JCrawler – An open-source stress-testing tool for web apps; includes crawling/exploratory features. User can give JCrawler a set of starting URLs and it will begin crawling from that point onwards, going through any URLs it can find on its way and generating load on the web application. Load parameters (hits/sec) are configurable via central XML file; fires up as many threads as needed to keep load constant; includes self-testing unit tests. Handles http redirects and cookies; platform independent.

vPerformer – Performance and load testing tool from Verisium Inc. to assess the performance and scalability of web apps. Use recorded scripts or customized scripts using Javascript. Targeted platforms: Windows

Curl-Loader – Open-source tool written in ‘C’, simulating application load and behavior of tens of thousand HTTP/HTTPS and FTP/FTPS clients, each with its own source IP-address. In contrast to other tools curl-loader is using real C-written client protocol stacks, namely, HTTP and FTP stacks of libcurl and TLS/SSL of openssl. Activities of each virtual client are logged and collected statistics include information about: resolving, connection establishment, sending of requests, receiving responses, headers and data received/sent, errors from network, TLS/SSL and application (HTTP, FTP) level events and errors.

RealityLoad XF On-Demand Load Testing – An on-demand load testing service (no licenses) from Gomez.com. Leverages Gomez’ peer panel, which consists of over 15,000 end-user desktop testing locations distributed across the world, to provide distributed load tests that accurately reproduce the network and latency characteristics encountered by real users in a live environment.

OpNet LoadScaler – Load test tool from OpNet Technologies Inc. Create tests without programming; generate loads against web applications, and other services including Web Services, FTP, and Email. Record end-user browser activity in the OPNET TestCreatorTM authoring environment to automatically generate test scripts in industry-standard JavaScript. Modify, extend and debug tests with the included JavaScript editor. Alternatively, drag and drop icons onto the test script tree. No knowledge of a scripting language is required to customize test scripts.

StressTester – Enterprise load and performance testing tool for web applications from Reflective Solutions Ltd. Advanced user journey modeling, scalable load, system resources monitors and results analysis. No scripting required. Suitable for any Web, JMS, IP or SQL Application. OS independent.

The Grinder – A Java-based load-testing framework freely available under a BSD-style open-source license. Orchestrate activities of a test script in many processes across many machines, using a graphical console application. Test scripts make use of client code embodied in Java plug-ins. Most users do not write plug-ins themselves, instead using one of the supplied plug-ins. Comes with a mature plug-in for testing HTTP services, as well as a tool which allows HTTP scripts to be automatically recorded.

Proxy Sniffer – Web load and stress testing tool from from Ingenieurbüro David Fischer GmbH Capabilities include: HTTP/S Web Session Recorder that can be used with any web browser; recordings can then be used to automatically create optimized Java-based load test programs; automatic protection from “false positive” results by examining actual web page content; detailed Error Analysis using saved error snapshots; real-time statistics.

Testing Master – Load test tool from Novosoft, capabilities include IP spoofing, multiple simultaneous test cases and website testing features for sites with dynamic content and secure HTTPS pages.

Funkload – Web load testing, stress testing, and functional testing tool written in Python and distributed as free software under the GNU GPL. Emulates a web browser (single-threaded) using webunit; https support; produces detailed reports in ReST, HTML, or PDF.

Avalanche – Load-testing appliance from Spirent Communications, designed to stress-test security, network, and Web application infrastructures by generating large quantities of user and network traffic. Simulates as many as two million concurrently-connected users with unique IP addresses, emulates multiple Web browsers, supports Web Services testing Supports HTTP 1.0/1.1, SSL, FTP, RTSP/ RTP, MS Win Media, SMTP, POP3, DNS, Telnet, and Video on Demand over Multicast protocols.

Loadea – Stress testing tool runs on WinXP; free evaluation version for two virtual users. Capture module provides a development environment, utilizes C# scripting and XML based data. Control module defines, schedules, and deploys tests, defines number of virtual users, etc. Analysis module analyzes results and provides reporting capabilities.

LoadManager – Load, Stress, Stability and Performance testing tool from Alvicom. Runs on all platforms supported by Eclipse and Java.

QEngine Web Performance Testing – Automated testing tool from AdventNet for performance testing (load and stress testing) of web applications and web services. For Linux and Windows.

NeoLoad – Load testing tool for web applications from Neotys with clear and intuitive graphical interface, no scripting/fast learning curve, clear and comprehensive reports and test results. Can design complex scenarios to handle real world applications. Features include data replacement, data extraction, SOAP support, system monitoring (Windows, Linux, IIS, Apache, WebLogic, Websphere…), SSL recording, PDF/HTML/Word reporting, IP spoofing, and more. Multi-platform: Windows, Linux, Solaris.

Test Complete Enterprise – Automated test tool from AutomatedQA Corp. includes web load testing capabilities.

QTest – Web load testing tool from Quotium Technologies SA. Capabilities include: cookies managed natively, making the script modelling phase shorter; HTML and XML parser, allowing display and retrieval of any element from a HTML page or an XML flux in test scripts; option of developing custom monitors using supplied APIs; more.

Test Perspective Load Test – Do-it-yourself load testing service from Keynote Systems for Web applications. Utilizes Keynote’s load-generating infrastructure on the Internet; conduct realistic outside-the-firewall load and stress tests to validate performance of entire Web application infrastructure.

SiteTester1 – Load test tool from Pilot Software Ltd. Allows definition of requests, jobs, procedures and tests, HTTP1.0/1.1 compatible requests, POST/GET methods, cookies, running in multi-threaded or single-threaded mode, generates various reports in HTML format, keeps and reads XML formatted files for test definitions and test logs. Requires JDK1.2 or higher.

httperf – Web server performance/benchmarking tool from HP Research Labs. Provides a flexible facility for generating various HTTP workloads and measuring server performance. Focus is not on implementing one particular benchmark but on providing a robust, high-performance, extensible tool. Available free as source code.

NetworkTester – Tool (formerly called ‘NetPressure’) from Agilent Technologies uses real user traffic, including DNS, HTTP, FTP, NNTP, streaming media, POP3, SMTP, NFS, CIFS, IM, etc. – through access authentication systems such as PPPOE, DHCP, 802.1X, IPsec, as necessary. Unlimited scalability; GUI-driven management station; no scripting; open API. Errors isolated and identified in real-time; traffic monitored at every step in a protocol exchange (such as time of DNS lookup, time to logon to server, etc.). All transactions logged, and detailed reporting available.

WAPT – Web load and stress testing tool from SoftLogica LLC. Handles dynamic content and HTTPS/SSL; easy to use; support for redirects and all types of proxies; clear reports and graphs.

Visual Studio Team System 2008 Test Edition – A suite of testing tools for Web applications and services that are integrated into the Microsoft Visual Studio environment. These enable testers to author, execute, and manage tests and related work items all from within Visual Studio.

OpenLoad – Affordable and completely web-based load testing tool from OpenDemand; knowledge of scripting languages not required – web-based recorder can capture and translate any user action from any website or web application. Generate up to 1000 simultaneous users with minimum hardware.

Apache JMeter – Java desktop application from the Apache Software Foundation designed to load test functional behavior and measure performance. Originally designed for testing Web Applications but has since expanded to other test functions; may be used to test performance both on static and dynamic resources (files, Servlets, Perl scripts, Java Objects, Data Bases and Queries, FTP Servers and more). Can be used to simulate a heavy load on a server, network or object to test its strength or to analyze overall performance under different load types; can make a graphical analysis of performance or test server/script/object behavior under heavy concurrent load.

TestMaker – Free open source utility maintained by PushToTest.com and Frank Cohen, for performance, scalability, and functional testing of Web application. Features test authoring of Web applications, Rich Internet Applications (RIA) using Ajax, Service Oriented Architecture, and Business Process Management environments. Integrates Selenium, soapUI, TestGen4Web, and HTMLUnit to make test development faster/easier. Repurposes tests from these tools into load and performance tests, functional tests, and business service monitors with no coding. Repurposes unit tests written in Java, Jython, JRuby, Groovy, and other dynamic scripting languages. Runs on any platform.

SiteStress – Remote, consultative load testing service by Webmetrics. Simulates end-user activity against designated websites for performance and infrastructure reliability testing. Can generate an infinitely scalable user load from GlobalWatch Network, and provide performance reporting, analysis, and optimization recommendations.

Siege – Open source stress/regression test and benchmark utility; supports basic authentication, cookies, HTTP and HTTPS protocols. Enables testing a web server with a configurable number of concurrent simulated users. Stress a single URL with a specified number of simulated users or stress multiple URL’s simultaneously. Reports total number of transactions, elapsed time, bytes transferred, response time, transaction rate, concurrency, and server response. Developed by Jeffrey Fulmer, modeled in part after Lincoln Stein’s torture.pl, but allows stressing many URLs simultaneously. Distributed under terms of the GPL; written in C; for UNIX and related platforms.

JBlitz – Load, performance and functional test tool from Clan Productions. Runs multiple concurrent virtual users.to simulate heavy load. Validates each response using plain text or regular expression searches, or by calling out to your own custom code. Full Java API. For testing and ‘bullet-proofing’ server side software – ASPs, JSPs, servlets, EJBs, Perl / PHP / C / C++ / CGI scripts etc.

WebServer Stress Tool – Web stress test tool from Paessler AG handles proxies, passwords, user agents, cookies, AAL.

Web Polygraph – Freely available benchmarking tool for caching proxies, origin server accelerators, L4/7 switches, and other Web intermediaries. Other features: for high-performance HTTP clients and servers, realistic traffic generation and content simulation, ready-to-use standard workloads, powerful domain-specific configuration language, and portable open-source implementation. C++ source available; binaries avail for Windows.

OpenSTA – ‘Open System Testing Architecture’ is a free, open source web load/stress testing application, licensed under the Gnu GPL. Utilizes a distributed software architecture based on CORBA. OpenSTA binaries available for Windows.

PureLoad – Java-based multi-platform performance testing and analysis tool from Minq Software. Includes ‘Comparer’ and ‘Recorder’ capabilities, dynamic input data, scenario editor/debugger, load generation for single or distributed sources.

ApacheBench – Perl API for Apache benchmarking and regression testing. Intended as foundation for a complete benchmarking and regression testing suite for transaction-based mod_perl sites. For stress-testing server while verifying correct HTTP responses. Based on the Apache 1.3.12 ab code. Available via CPAN as .tar.gz file.

Torture – Bare-bones Perl script by Lincoln Stein for testing web server speed and responsiveness and test stability and reliability of a particular Web server. Can send large amounts of random data to a server to measure speed and response time of servers, CGI scripts, etc.

WebSpray – Low-cost load testing tool from CAI Networks; includes link testing capabilities; can simulate up to 1,000 clients from a single IP address; also supports multiple IP addresses with or without aliases. For Windows.

eValid LoadTest – Web test tool from Software Research, Inc that uses a ‘Test Enabled Web Browser’ test engine that provides browser based 100% client side quality checking, dynamic testing, content validation, page performance tuning, and webserver loading and capacity analysis.

WebPerformance Load Tester – Load test tool emphasizing ease-of-use, from WebPerformance Inc. Supports all browsers and web servers; records and allows viewing of exact bytes flowing between browser and server; no scripting required. Modem simulation allows each virtual user to be bandwidth limited. Can automatically handle variations in session-specific items such as cookies, usernames, passwords, IP addresses, and any other parameter to simulate multiple virtual users. For Windows, Linux, Solaris, most UNIX variants.

WebSuite – A collection of load testing, capture/playback, and related tools from Technovations for performance testing of web sites. Modules include WebCorder, Load Director, Report Generator, Batch, Manager, and others. WebSizr load testing tool supports authentication, SSL, cookies, redirects. Recorded scripts can be modified manually. For Windows.

FORECAST – Load testing tool from Facilita Software for web, client-server, network, and database systems. Capabilities include proprietary, Java, or C++ scripting; windows browser or network recording/playback. Supports binary encoded data such as Adobe Flex/AMF, Serialised Java objects etc.SSL; supports NTLM, kerberos, proxies, authentication, redirects, certificates, cookies, caching, bandwidth limitation and page validation. Virtual user data can be parameterized. Works with a wide variety of platforms.

http-Load – Free load test application from ACME Labs to generate web server loads, from ACME Software. Handles HTTP and HTTPS; for Unix.

QALoad – Compuware’s tool for load/stress testing of web, database, and character-based systems. Supports HTTP, SSL, SOAP, XML, Streaming Media. Works with a variety of databases, middleware, ERP.

Microsoft WCAT load test tool – Web load test tool from Microsoft for load testing of MS IIS servers; other MS stress tools also listed.

IBM Rational Performance Tester – Performance testing tool from IBM/Rational; has optional extensions to Seibel applications and SAP Solutions. Supports Windows, Linux and z/OS as distributed controller agents; provides high-level and detailed views of tests.

SilkPerformer – Enterprise-class load-testing tool from Borland (formerly Segue). Can simulate thousands of users working with multiple protocols and computing environments. Allows prediction of behavior of e-business environment before it is deployed, regardless of size and complexity.

Radview’s WebLoad – Load testing tool from Radview Software. Capabilities include over 75 Performance Metrics; can view global or detailed account of transaction successes/failures on individual Virtual Client level, assisting in capturing intermittent errors; allows comparing of running test vs. past test metrics. Test scripting via visual tool or Javascript. Wizard for automating non-GUI-based services testing; DoS security testing.

Loadrunner – HP’s (formerly Mercury’s) load/stress testing tool for web and other applications; supports a wide variety of application environments, platforms, and databases. Large suite of network/app/server monitors to enable performance measurement of each tier/server/component and tracing of bottlenecks.

março 11th, 2009

kinghost hospedagem com lighttpd – código promocional

Posted by Felipe Olivaes in Apache, ColdFusion, IIS, lighttpd, Linux, shell

não sei se o vocês já conhecem a KingHost, mas simplismente os caras são estão sempre inovando…

Lançaram agora hospedagem com suporte a linux com lighttpd. Fizeram uma página no painel de controle aonde é possível configurar o mod rewrite (que no lighttpd não tem .htaccess) e configurar diversas diretivas como: diretory index, diretory autentication, mime-types, file cache… simplismente mto bom…

Não existe um plano especial para lighttpd, quando o cara assina cai direto no apache e pode solicitar migração para lighttpd através de ticket (nesta primeira fase disseram que vai ser assim, mas logo será opcional a mudança através do painel de controle). Simplismente eu escolho se quero trabalhar com apache ou lighttpd!

Testei e aprovei… para quem quiser testar, consegui um código promocional…

ganhe 15% de desconto nos 3 primeiros meses.

Utilize o código promocional: BIGDESCONTO
no passo 3 do cadastro

nunca foi tão fácil ganhar desconto hein…

abril 1st, 2008

lighttpd: dlopen() failed for: /usr/local/lib/mod_magnet.so

Posted by Felipe Olivaes in lighttpd, Linux

2008-04-01 00:24:53: (plugin.c.165) dlopen() failed for: /usr/local/lib/mod_magnet.so /usr/local/lib/mod_magnet.so: cannot restore segment prot after reloc: Permission denied

no: /etc/selinux/config
troque:
SELINUX=enforcing
por:
SELINUX=disabled
e comenta o resto que estiver ativo

e reboot no server…

valeu jóris bredowww! =)

fevereiro 26th, 2008

lua copilation: /usr/bin/ld: cannot find -lncurses

Posted by Felipe Olivaes in lighttpd, Linux

/usr/bin/ld: cannot find -lncurses
collect2: ld returned 1 exit status

baixar última versão:
ftp://ftp.gnu.org/gnu/ncurses/

=) dã

dezembro 2nd, 2007

lua copilation

Posted by Felipe Olivaes in lighttpd, Linux

Error:
luaconf.h:263:31: error: readline/readline.h: No such file or directory
luaconf.h:264:30: error: readline/history.h: No such file or directory

Install:
libreadline – http://tiswww.case.edu/php/chet/readline/rltop.html

ou
readline-devel-5.1-1.1.i386.rpm
libtermcap-devel-2.0.8-46.1.i386.rpm
= )

setembro 26th, 2007

desconto kinghost

Código promocional Kinghost!

Ganhe 15% de desconto nas 3 primeiras mensalidades na melhor empresa de hospedagem do brasil com toda certeza…

Acesse o link abaixo
http://www.kinghost.com.br/promo/BIGDESCONTO.html
ou digite o código promocional BIGDESCONTO no cadastro

setembro 20th, 2007

Código promocional Kinghost

Código promocional Kinghost!

Ganhe 15% de desconto nas 3 primeiras mensalidades na melhor empresa de hospedagem do brasil com toda certeza…

Acesse o link abaixo
http://www.kinghost.com.br/promo/BIGDESCONTO.html
ou digite o código promocional BIGDESCONTO no cadastro

julho 20th, 2007

lighttpd – mod_magnet – LUA

Posted by Felipe Olivaes in lighttpd, xalassa

para copilar lighttpd com mod_magnet com lua…
copile assim:

[code]$ export LUA_CFLAGS=”-I/usr/local/include”
$ export LUA_LIBS=”-L/usr/local/lib -llua”
$ ./configure –with-pcre –with-lua
$ make
[/code]




nuvem de tags:

24 horas acentuação Apache bash benchmark bios boot celular centos charset comando console Download esxi Firebird firefox http importação intel ipod kinghost legenda Linux lost mod_deflate msn mssql MySQL owner Padel PHP placa mãe portabilidade Postgre SQL recovery root password rewrite shell sinuca sql server svn temporada completa veronica mars vmware Windows ícones