Twitter Monitoring..!!!!

22 Ebola outbreaks across 117 Unique Geographic Clusters

View: https://plot.ly/~geeqtoday/0/_22-ebola-outbreaks-across-117-unique-geographic-clusterssource-nature/

Data Source http://www.nature.com/articles/sdata201442#data-records

Download Source https://bitbucket.org/focusworkanalytics/ebola-outbreak-1/src

Configuration Management (CM) Suite

Configuration management is a crucial process for establishing and maintaining consistency across all the modules of a given system. With the growing complexities of futuristic systems/products there is a strong need to break configuration management as a separate discipline and CM Suite helps achieve this.

CM Suite which when applied over an existing system provides visibility and control over the entire system as a whole. It provides a systematic and standard approach for monitoring system parameter changes hence revising maintainability, performance and reliability with reduced cost and reduced risk liabilities of the system.

CM Suite helps query most crucial monitoring parameters out of the box. These include:

Monitoring and changing database connection parameters viz. connection pool, driver configuration, etc.

Monitoring and changing underlying system's business transaction parameters

Monitoring and changing integration parameters of the underlying system with third party systems

The core features of CM Suite which ensures complete configuration management include:

Identification:

This includes identifying system attributes for monitoring. The selected attributes are added to the CM Suite baseline. Internal code-generators help achieve this process.

Control:

This process includes role-based control over various system attributes. With this process CM Suite provides a secure access to the underlying system parameters.

Accounting:

This feature provides real-time monitoring to any given system attribute added to the baseline.

Audits:

CM Suite's reporting mechanism generates regular reports for comprehensive monitoring of various system attributes over prolonged duration

CM Suite has been designed to help maintain the most complex systems with highest level of simplicity at lowest cost. It aims to ensure that underlying system operates uninterrupted and hence achieve higher levels of "mission readiness".

Process Auditor and Forecaster (PAF) Dashboard

Process Auditor and Forecaster (PAF) is a tool that provides a graphical representation of workflow composites that are currently in progress and composites that are applicable in future. The various composites displayed in the PAF Dashboard include:

BPEL Process Components

Rule Decision Components

Human Task Components

With this solution in place, the user (workflow author or workflow tracker) can now perform following actions from the PAF Dashboard:

Monitor the Business Process progress: PAF Dashboard displays business processes have been completed, which steps are currently active and business processes that are yet to be triggered

Monitor and modify the Human Task assignment: PAF Dashboard displays the human tasks in its current state. The user has the option to fetch the entire task history for better clarity

Perform additional actions over these composites: PAF Dashboard empowers the user to perform additional viz. sending reminders, notifications, etc. for the designated composite.

Recover faulted Business Processes: PAF Dashboard has this unique feature for recovering faulted business processes, through this the user can perform custom recovery actions viz. retrigger, remove, etc.

Process Auditor and Forecaster has been designed to provide an interactive view of the process status and history, giving the most complete picture and state of the work and how the work reached a specific point.

Securing your MongoDB server

As I’m sure many of you know, there has been a massive amount of open MongoDB servers on the internet that have been discovered, and “hackers” have been taking advantage of this. Part of what makes these attacks so easy for “hackers” is that the tools are already there, just google “mongodb-tools” and you’ll see tools like mongodump, mongoexport, mongorestore, etc, as well as of course just the mongo shell. By leveraging these tools it’s incredibly easy for “hackers” to make extremely simple scripts to automate the process of dumping, dropping, and inserting a ransom note or in some cases, just dropping and inserting a ransom note.

Let’s get into how to protect against these kind of “attacks”. Now first of all, if you are running the MongoDB instance on the same server that your code that needs to access the MongoDB is running on, this is super easy. Just get a firewall (however you should still enable authentication, read further)! You should have one regardless. I recommend firewalld, as it’s super easy to use, works great, and is in basically every single distributions repositories. For CentOS 7/RHEL you can do:

sudo yum install firewalld # installs firewalld sudo systemctl enable firewalld # enables firewalld to run on boot sudo systemctl start firewalld # starts firewalld

There you go! Now if you need to run your MongoDB server on a server different than the one that is running your app itself, it’s slightly trickier, but still ridiculously easy, we just need to add authentication and a rule on who can access port 27017 on our MongoDB server. First, do the following in the mongo shell:

use admin db.createUser({  user: "<username>",  pwd: "<password>",  roles: [ "root" ] });

Now like with Regex, it’s best to be as specific as possible, so for example, if your application only needs access to the “production_memes” database, then just create a user that has the role: { role: “readWrite”, db: “production_memes” }, of course, you still should create a root user for yourself, just don’t use it in the application.

Then we make sure MongoDB is always started with authentication. Find your MongoDB configuration (for me it’s /etc/mongodb.conf) file and add the following line:

auth = true

Now since you can also start mongodb via the “mongod” command, we should add the following in our .bashrc in case we accidentally start mongod from bash instead of systemctl start mongodb:

alias mongod='mongod --auth'

Now to use the mongo shell as root and “login” we just do:

use admin db.auth("<username>", "<password>");

There we go! If you need to connect from mongoose for example, we would do:

mongodb://<username>:<password>@localhost:27017/<dbName>?authSource=admin

Remember to read the username and password from a file in another directory so that your application won’t accidentally expose it’s credentials if the source were to get leaked somehow.

Now let’s add the rule to our firewalld configuration to only accept traffic from the app’s main server:

firewall-cmd --permanent --zone=public --add-rich-rule='  rule family="ipv4"  source address="<your app server IP address>"  port protocol="tcp" port="27017" accept'

firewall-cmd --reload

Now I certainly did not cover all there is, so you should still check out the MongoDB Security Checklist. I hope this story taught you how easy it is to do these types of “attacks” and gave you a start on how to keep your MongoDB secure!