Archives (2008 - 2023)

Ca fait un petit moment déjà que j'essaie de me créer un environnement de développement distant, c'est à dire que je me connecte sur une machine en ligne pour faire ce que j'ai à faire. C'est assez sympa d'utiliser le protocol NX, il marche bien en plus. Mais je me suis très vite trouné vers une solution entièrement sur un terminal. Je zappe tout ce qui est configuration de screen, mc, finch, irssi etc.. Je vais vous présenter ma personnalisation de vim, un éditeur de texte.

Cacoo is a user friendly online drawing tool that allows you to create a variety of diagrams such as site maps, wire frames, UML and network charts. Cacoo can be used free of charge.

xtractr is a hybrid cloud application for indexing, searching, reporting, extracting and collaborating on pcaps. This enables you to rapidly identify field issues and perform network forensics and troubleshooting with just a few clicks. This lite version of xtractr can index up to 2.5 million packets or 250 Mbytes of pcaps. While xtractr can be used as a standalone application, it works best with Mu Studio to convert the problematic conversation into a stateful test case.

Designed by educators for educators, Sakai is an enterprise teaching, learning and academic collaboration platform that best meets the needs of today's learners, instructors and researchers.

Neo4j is a graph database. It is an embedded, disk-based, fully transactional Java persistence engine that stores data structured in graphs rather than in tables. A graph (mathematical lingo for a network) is a flexible data structure that allows a more agile and rapid style of development. You can think of Neo4j as a high-performance graph engine with all the features of a mature and robust database. The programmer works with an object-oriented, flexible network structure rather than with strict and static tables — yet enjoys all the benefits of a fully transactional, enterprise-strength database.

Request Queuing allows your system to operate at optimal throughput.  In the above example : the optimal throughput was at 500 concurrency.  The concurrency at which optimal throughput is achieved is usually right below where exponential degradation starts to take place.  At all times the system was operating at this optimal throughput Your users only experience linear degradation versus exponential degradation. As shown in the diagram, with no request queueing your users and your system would have experienced exponential degradation after 500 requests.  Requests 0-500 take 1 second, 501-1000 takes 2 seconds, 1001-1500 take 3 seconds and so on – With Request queueing – the response times become linear Your system experiences NO degradation – This is worth repeating.  The system is always operating at an optimal throughput.  The only attribute that is dynamic is the queue size.  The system remains in the green zone as highlighted in the diagram.

The 2010 CWE/SANS Top 25 Most Dangerous Programming Errors is a list of the most widespread and critical programming errors that can lead to serious software vulnerabilities. They are often easy to find, and easy to exploit. They are dangerous because they will frequently allow attackers to completely take over the software, steal data, or prevent the software from working at all. The Top 25 list is a tool for education and awareness to help programmers to prevent the kinds of vulnerabilities that plague the software industry, by identifying and avoiding all-too-common mistakes that occur before software is even shipped. Software customers can use the same list to help them to ask for more secure software. Researchers in software security can use the Top 25 to focus on a narrow but important subset of all known security weaknesses. Finally, software managers and CIOs can use the Top 25 list as a measuring stick of progress in their efforts to secure their software. The list is the result of collaboration between the SANS Institute, MITRE, and many top software security experts in the US and Europe. It leverages experiences in the development of the SANS Top 20 attack vectors (http://www.sans.org/top20/) and MITRE's Common Weakness Enumeration (CWE) (http://cwe.mitre.org/). MITRE maintains the CWE web site, with the support of the US Department of Homeland Security's National Cyber Security Division, presenting detailed descriptions of the top 25 programming errors along with authoritative guidance for mitigating and avoiding them. The CWE site contains data on more than 800 programming errors, design errors, and architecture errors that can lead to exploitable vulnerabilities. The 2010 Top 25 makes substantial improvements to the 2009 list, but the spirit and goals remain the same. The structure of the list has been modified to distinguish mitigations and general secure programming principles from more concrete weaknesses. This year's Top 25 entries are prioritized using inputs from over 20 different organization