CVE-2017-5638: Apache Struts 2 Vulnerability

Struts-Shock-Blog

Apache Struts 2 is an open-source development framework for Java applications.
On March 6th, 2017, a vulnerability tracked as CVE-2017-5638 in Apache Struts 2 was made public. This vulnerability could allow an attacker to perform remote code execution with a malicious Content.
This particular vulnerability can be exploited if the attacker sends a  request to upload a file to a vulnerable server that uses a Jakarta-based plugin to process the upload request.
The attacker can then send malicious code in the Content-Type header to execute the command on a vulnerable server.
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 mishandles file upload, which allows remote attackers to execute arbitrary commands via a #cmd= string as exploited in the wild in March 2017.

Solution
===========
Both Cisco and Apache researchers asked administrators to upgrade their systems to Apache Struts version 2.3.32 or 2.5.10.1

Configuration of HAProxy Load Balancer on CentOS

HAProxy stands for High Availability proxy.  It is a very fast and reliable solution for high availability and load balancing. HAProxy is used as TCP/HTTP Load Balancer and for proxy Solutions.The HAProxy application will share the workload with multiple servers.

Steps for Installation and configuring  HAproxy
===========

Step 1: Before proceeding with the installation of  HAProxy in the server, we need to install epel repository on our system depending on the operating system version using the following command.
Continue reading…

Netflix Model Of Cloud Streaming

Netflix_logo

How is the Biggest Video-On-Demand Streaming company running seamlessly?

In 1998, about a year after Netflix’s founding, the company grew by starting in the DVD by mail business. In 2007, Netflix expanded its business with the introduction of streaming media, while retaining the DVD and Blu-ray rental service. The company expanded internationally, with streaming made available to Canada in 2010 and continued growing its streaming service from there; by January 2016, Netflix services operated in over 190 countries. Netflix entered the content-production industry in 2013, debuting its first series, House of Cards. It has greatly expanded the production of both film and television series since then, offering “Netflix Original” content through its online library of films and television. Netflix released an estimated 126 original series or films in 2016, more than any other network or cable channel.

Continue reading…