On Linux, macOS, or Windows, we can use ssh -V (uppercase V) to check the OpenSSH version currently installed. Example 1 Terminal $ ssh -V OpenSSH_9.0p1, LibreSSL 3.3.6 Example 2 Terminal $ ssh -V OpenSSH_8.4p1 Debian-5+deb11u1, OpenSSL 1.1.1n 15 Mar 2022 References Wikipedia – OpenSSH OpenSSH Release Notes
In Java, we can find the java.security file at the following location: $JAVA_HOME/jre/lib/security/java.security $JAVA_HOME/conf/security For Java 8, and early version, we can find the java.security file at $JAVA_HOME/jre/lib/security/java.security. Terminal $ /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/security$ ls -lsah total 12K 4.0K drwxr-xr-x 3 root root 4.0K Mei 12 11:53 . 4.0K drwxr-xr-x 8 root root 4.0K Mei 12 11:53 .. …
This tutorial shows how to install ModSecurity (open source web application Firewall) in Nginx, and also enable the OWASP ModSecurity Core Rule Set (CRS). Tested: Nginx Open Source 1.17.7 ModSecurity 3.0 OWASP ModSecurity CRS 3.2.2 Debian The official guide of installing ModSecurity for NGINX is very detail and well documented, and you should refer it. …
This article shows you a few ways to convert byte arrays or byte[] to a hexadecimal (base 16 or hex) string representative. String.format Integer.toHexString Apache Commons Codec – commons-codec Spring Security Crypto – spring-security-crypto Bitwise shifting and masking. (educational purposes) Note Both Apache Commons-Codec and Spring Security Crypto modules are using the similar 5. Bitwise …
A Spring Boot Thymeleaf example, uses Spring Security to protect path /admin and /user Technologies used : Spring Boot 1.5.3.RELEASE Spring 4.3.8.RELEASE Spring Security 4.2.2 Thymeleaf 2.1.5.RELEASE Thymeleaf extras Spring Security4 2.1.3 Tomcat Embed 8.5.14 Maven 3 Java 8 1. Project Directory 2. Project Dependencies Declares spring-boot-starter-security, it will get anything you need to develop …
Symmetric-Key Cryptography is an encryption system in which the same key is used for the encoding and decoding of the data. The safe distribution of the key is one of the drawbacks of this method, but what it lacks in security it gains in time complexity. One should always assume that the encryption algorithms are …
SecureRandom class in Java provides a cryptographically secure pseudo – random number generator and its intended use is for security sensitive applications. In this example, we will not use it for its intended purpose, but rather present its methods in a simple password generator. 1.Password Generator Using Secure Random A convention, we made for our …
When editing post or page in WordPress, sometime the server’s firewall will block my IP address, and the log showed the following error: Terminal lfd: (mod_security) mod_security triggered by xx.xx.xx.xx : 5 in the last 300 secs The quick fix is to restart the modem or uses a VPN to get a new IP to …
Problem Developing Struts2 (v 2.3.1.2) on Google App Engine (SDK v1.6.3.1), local development, hit “java.security.AccessControlException: access denied” error? Solution Normally, this is because you turn the “devMode on” in struts.xml file. File : struts.xml <?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE struts PUBLIC "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN" "http://struts.apache.org/dtds/struts-2.0.dtd"> <struts> <constant name="struts.devMode" value="true" /> //… </struts> …
One of the common way to handle authentication in JAX-WS is client provides “username” and “password”, attached it in SOAP request header and send to server, server parse the SOAP document and retrieve the provided “username” and “password” from request header and do validation from database, or whatever method prefer. In this article, we show …
In this tutorial, we will learn how to unzip a ZIP file using Java’s built-in java.util.zip package, while also discussing the Zip Slip vulnerability and how to avoid it. Table of Contents: 1. Extracting a ZIP File in Java 2. Understanding the Zip Slip Vulnerability What is Zip Slip? How to Prevent Zip Slip? Secure …
Here are a few Java examples of converting between String or ASCII to and from Hexadecimal. Apache Commons Codec – Hex Integer Bitwise 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, F 1. Apache Commons Codec Both Hex.encodeHex and Hex.decodeHex can convert String to Hex and vice versa. …
In this article, we show you how to use Java Cryptography Extension (JCE) to encrypt or decrypt a text via Data Encryption Standard (DES) mechanism. 1. DES Key Create a DES Key. KeyGenerator keygenerator = KeyGenerator.getInstance("DES"); SecretKey myDesKey = keygenerator.generateKey(); 2. Cipher Info Create a Cipher instance from Cipher class, specify the following information and …