Hash – Argon2id configuration – information security batch exchange

I read an article about how to use it Argon2id in C # Here.

Below is the code you wrote (easily edited):

using System;
using System.Diagnostics;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using Konscious.Security.Cryptography;   

namespace Playground
{
    class Program
    {
        // No. of CPU Cores x 2.
        private const int DEGREE_OF_PARALLELISM = 16;

        // Recommended minimum value.
        private const int NUMBER_OF_ITERATIONS = 4;

        // 600 MB.
        private const int MEMORY_TO_USE_IN_KB = 600000;

        static void Main(string() args)
        {
            var password = "SomeSecurePassword";               
            byte() salt = CreateSalt();
            byte() hash = HashPassword(password, salt);                

            var otherPassword = "SomeSecurePassword";                                
            var success = VerifyHash(otherPassword, salt, hash);                
            Console.WriteLine(success ? "Passwords match!" : "Passwords do not match.");                
        }

        private static byte() CreateSalt()
        {
            var buffer = new byte(16);
            var rng = new RNGCryptoServiceProvider();
            rng.GetBytes(buffer);

            return buffer;
        }

        private static byte() HashPassword(string password, byte() salt)
        {
            var argon2id = new Argon2id(Encoding.UTF8.GetBytes(password));
            argon2id.Salt = salt;
            argon2id.DegreeOfParallelism = DEGREE_OF_PARALLELISM;
            argon2id.Iterations = NUMBER_OF_ITERATIONS;
            argon2id.MemorySize = MEMORY_TO_USE_IN_KB;

            return argon2id.GetBytes(16);
        }

        private static bool VerifyHash(string password, byte() salt, byte() hash)
        {
            var newHash = HashPassword(password, salt);
            return hash.SequenceEqual(newHash);
        }
    }
}

I have following questions:

  1. On the Konscious.Security.Cryptography README page, Instead of argon2id.GetBytes(16), They use argon2.GetBytes(128) This returns a longer value.

Assuming the configurations are the same, that is 128 Approach safer than that 16 one because it's longer?

  1. As far as I know, we leave more memories Argon2id The safer it is, the better it is against customized hardware attacks.

I therefore assume, even if 40 Iterations with 70 MB and 4 Iterations with 600 MB Take about the same time because the higher storage costs of the latter configuration are justified because they are more secure. Is that correct?

Why aren't inherited scope options replicated between Win2019 DHCP servers in a failover configuration?

I have 2 Win 2019 DCs running both DHCP servers with a range configured for failover. If I explicitly set realm options, they will replicate properly to the other server. However, options inherited from the server options are not replicated (and neither are server-level options). Is this the expected behavior? This seems very undesirable. I am currently prototyping, but eventually I will have 8-9 areas that all have the most options in common. So it would be nice to configure and maintain them at the server options level.

Related – The settings only appear to replicate when I manually request replication, but I assume that this should happen automatically. I can't find any documentation for the standard replication interval. How often should they be replicated automatically?

How do I create a configuration file for the Systemd Service Unit for the MySQL server?

I am trying to start MySQL Server 5.7 with systemd for the first time after installation. The manual states that a configuration file should be created in / usr / lib / systemd / system However, this subdirectory does not exist (I'm on Ubuntu 04/18). I follow this guide:

https://dev.mysql.com/doc/mysql-secure-deployment-guide/5.7/de/secure-deployment-post-install.html#secure-deployment-systemd-startup

To configure the MySQL installation for use with systemd:

  1. Add a Systemd Service Unit configuration file with details about the MySQL service. The file is called mysqld.service and is located in / usr / lib / systemd / system.
shell> cd /usr/lib/systemd/system
shell> touch mysqld.service
shell> chmod 644 mysqld.service

Since I do not have the & # 39; system & # 39; from systemd, I just created the file mysql.service directly in / usr / lib / systemd.
After following the rest of the instructions, I had to:

shell> systemctl start mysqld

but it failed with:

Failed to enable unit: Unit file mysqld.service does not exist.

Would someone please explain what I did wrong? Thanks a lot.

RAID configuration help

Hello,

I have rented a new OVH server with 3 hard drives and I want to use this layout:

– 2 drives in RAID 1
– 1 drive without RAID for ba … | Read the rest of https://www.webhostingtalk.com/showthread.php?t=1802553&goto=newpost

Configuration management – structure of the configuration XML file for iterative storage in each form. Send a pair of values

I have a form with 2 values ​​that should be saved when sending:

 public function submitForm(array &$form, FormStateInterface $form_state) {
    if ($_POST('op') == 'Import Accounts') {
      $filter = $form_state->getValue('ldap_filter');
      Drupal::configFactory()->getEditable('amu_import_ldap.settings')
        ->set('ldap_filter', $filter)
        ->save();

      $roles = $form_state->getValue('roles_list');
      Drupal::configFactory()->getEditable('amu_import_ldap.settings')
        ->set('roles', $roles)
        ->save();       
      }

It works, but any save overwrites the previous one.

How can I structure the yml to iteratively store a list of data?

/config/install/my_module.settings.yml

ldap_filter: ""
roles: null

I tried a schema file, although I'm not sure if it will be considered at all

/config/schema/my_module.schema.yml

amu_import_ldap.settings:
  type: config_object
  label: 'couple filtreLDAP / roles'
  mapping:
    ldap_filter:
      type: text
      label: 'Filtre LDAP'
    role:
      type: array
      label: 'Rôles'

I've seen things like that

node.type. *:

?

Touchscreen – Touch Point Match rendering of the Android touch table configuration – via ADB (A ++)

I am currently building a dream project of mine. It is a 55 inch multitouch touch screen coffee table with Android phone. When I detail things, please remember that I just wanted to make this possible and will update parts and software as soon as possible, but I am trying to do this from scratch.

I have the TV that I use for it. It is a Fire TV OS device. I am using a Google Pixel 3XL as a power supply Android device. The touchscreen add-on I bought can be found here and works.
(no ad) https://www.amazon.com/gp/product/B07D1ZFRYQ/ref=ppx_yo_dt_b_asin_title_o02_s00?ie=UTF8&psc=1

IR touch detection works through a USB hub connected to the phone. Unfortunately, the phone is no longer in Chromecast to connect the pictures to the TV, and I'm working on getting around it. I have a lot of Android devices, but I wait until the screen works almost right.

problem

For some reason, when I connect the device (Pixel 3XL) to the screen (via Chromecast or whatever) it only renders the way it is rendered on the phone. In portrait mode, it only occupies the center of the screen. When I rotate the Devie and use my touch device that I have attached to the screen, all touches are rotated as if the screen was not rotating.

In portrait mode, only the middle third of the screen is drawn, but touches extend to the edges and beyond where the visual interaction is to take place.

In landscape format, the device has all touches and gestures on reverse axes.

Forms – Drupal 8 module – Link is not displayed in the configuration

I am a Drupal 8 newbie writing my first module. I have a functioning yet basic module from which I can learn. I am currently working on getting a value from a configuration page. If I go straight to the URL for the custom configuration page, it works. I'm having trouble getting a link to my custom configuration page that appears on the main configuration page. I've worked through every tutorial I can find on the subject, and I just can't figure out why it doesn't work. I hope you can help everyone. Here are my yml files.

itemrequest.info.yml

name: Item Request
type: module
description: Allow the public to request items for the District to purchase.
package: YCFLD
core: 8.x
configure: itemrequest.settings

itemrequest.routing.yml

itemrequest.itemrequest:
  path: '/itemrequest'
  defaults:
    _controller: 'DrupalitemrequestControllerItemrequestController::itemrequestpage'
    _title: 'Request an Item'
  requirements:
    _permission: 'access content'
itemrequest.settings:
  path: '/admin/config/itemrequest/settings'
  defaults:
    _form: 'DrupalitemrequestFormItemrequestForm'
    _title: 'Item Request'
  requirements:
    _permission: 'access administration pages'
  options:
    _admin_route: TRUE

itemrequest.links.menu.yml

itemrequest.settings:
  title: 'Item Request Form'
  description: 'Settings for Item Request form"
  route_name: itemrequest.settings
  parent: system.admin_config

Do you see anything wrong with my yml files? Can I do something to fix this?

Thanks a lot!

openstack – Change the Microstack Snap Nova configuration

I installed the Microstack Snap and wondered how I can change the nova.conf.

The running snap tells me that the change should be made in $ SNAP_COMMON / etc / nova.conf.d, but firstly the configuration is not there and secondly after a snap restart I don't see it when I create it.

The reason for the change is that I want to test with SRIOV, so I have to whitelist some hardware in de nova.conf

Domain Name System – How do I migrate the BIND configuration from automatic DNS maintenance without interruption to the DNS policy?

BIND 9.16 introduced a new one dnssec-policy Function as a further automated DNSSEC key management and signature function for a long time auto-dnssec maintain Functionality.

The documentation doesn't seem to cover migrating from the old to the new, but the associated wiki page seems to indicate that existing keys are being fetched from dnssec-policy.

That means setting up a new zone dnssec-policy is simple enough but to migrate an existing zone from auto-dnssec maintain to dnssec-policy doesn't seem to work as you might expect.
What I would have expected was that a policy compatible with the existing keys would continue to use these keys.

What seems to be happening is that all existing keys are immediately deleted from the zone because they have "expired" and are replaced with new keys, although the new policy includes a compatible set of keys (same algorithm and size) and the existing keys prescribes no end-of-life properties defined (only Created, Publish and Activate Timings in the .key files).

The guideline that I used for testing is as follows (named to show what happens when testing):

dnssec-policy alg13-ksk-unlimited-zsk-60day {
     keys {
         ksk key-directory lifetime unlimited algorithm ECDSAP256SHA256;
         zsk key-directory lifetime P60D algorithm ECDSAP256SHA256;
     };
};

This is the log output if the configuration was changed from auto-dnssec maintain; to dnssec-policy alg13-ksk-unlimited-zsk-60day;::

zone zone.example/IN (signed): reconfiguring zone keys
keymgr: DNSKEY zone.example/ECDSAP256SHA256/49004 (KSK) created for policy alg13-ksk-unlimited-zsk-60day
keymgr: DNSKEY zone.example/ECDSAP256SHA256/54646 (ZSK) created for policy alg13-ksk-unlimited-zsk-60day
Removing expired key 20481/ECDSAP256SHA256 from DNSKEY RRset.
DNSKEY zone.example/ECDSAP256SHA256/20481 (ZSK) is now deleted
Removing expired key 12506/ECDSAP256SHA256 from DNSKEY RRset.
DNSKEY zone.example/ECDSAP256SHA256/12506 (KSK) is now deleted
Fetching zone.example/ECDSAP256SHA256/49004 (KSK) from key repository.
DNSKEY zone.example/ECDSAP256SHA256/49004 (KSK) is now published
DNSKEY zone.example/ECDSAP256SHA256/49004 (KSK) is now active
Fetching zone.example/ECDSAP256SHA256/54646 (ZSK) from key repository.
DNSKEY zone.example/ECDSAP256SHA256/54646 (ZSK) is now published
DNSKEY zone.example/ECDSAP256SHA256/54646 (ZSK) is now active
zone zone.example/IN (signed): next key event: 22-Mar-2020 15:08:19.805

As can be seen, the existing keys were deleted immediately (not even using the normal rollover procedure!) And replaced with new keys of the same type.
Considering that instantly replacing the keys instead of the intended rollover will destroy everything, it's obvious that the configuration is simply switched to dnssec-policy is a no-go.

When looking at the key files I find that there is an additional one .state The file is added next to the old and new keys.
I don't know if this file is a prerequisite for proper use dnssec-policy Surgery somehow? Would creating these files in advance somehow avoid this behavior?

The key question is: is there a way to migrate to use? dnssec-policy uninterrupted? If so, how?

SQL Server 2012 – TempDB configuration with 8 TempDB data files

On a production server with 512 GB RAM, 2 sockets and 24 cores (Total Logical Processors 48) I have 8 TempDB data files (primary) with 4096 MB growth of 1024 MB each and a log file with 1024 to 2048 MB configured MB growth and trace -Flag 1117 configured at start.

the OLTP database of approx. The 100 GB data file is accessed by the Dynamics AX application. The AX application server is on a different server.

There is concern that the AX application will run very slowly even after rebuilding / reorganizing indexes and setting MAXDOP according to the AX Dynamics recommendation.

For which I tried to determine the average write performance of all databases
sys.dm_io_virtual_file_stats (io_stall_write_ms / num_of_writes <20) is displayed over 100 ms. although the reading performance is well below 10 ms.

The TempDB is stored on another hard drive (which serves as a dedicated cluster storage H drive – free space 66 GB), and other DB files are stored on another hard drive (cluster storage drive).

In this case, what needs to be done to improvise the writing performance?
Do I continue to increase the size of the TempDB data file?

Append the image of the output from sys.dm_io_virtual_file_stats.

Enter the image description here?