This document provides a summary of security best practices for Domino servers, including enabling SHA2 certificates, upgrading to TLS 1.2, enabling perfect forward secrecy and HTTP strict transport security, disabling insecure protocols like SSLv3, using a reverse proxy for SSL offloading and load balancing, and thoroughly testing configurations with tools like SSL Labs. It also covers antivirus exclusions needed for Domino servers and clients, securing LDAP connections to Active Directory, and new security features expected in future Domino releases like Java 8 support and encrypted Notes RPC.
Domino Security - not knowing is not an option - MWLUG 2015Darren Duke
There have been a ton of changes to Domino security over the past few months. See what they are, why you need them and how to implement them, including but not limited to: SSL/TLS Notes port encryption reverse proxies SHA2 certificates SAML/NFL Perfect Forward Secrecy Learn. Implement. Sleep well.
Find Site Performance from the server to WordPress. A look at how some good performance gains can be made in tuning MySQL and APC and getting the most of out W3 Total Cache.
Automate IBM Connections Installations and morepanagenda
IBM Connections pink is based on Conductor for Containers, which provides a collection of tools to work with Docker containers and Kubernetes. To manage containers in large environments, lots of DevOps are using Ansible (an agentless software to automate administration tasks).
So why don’t use these tools to prepare your Connections operating system, like creating users, adding security settings or install all necessary packages to deploy DB2, Installation Manager, and WebSphere Application Server? Or use one of the available roles or tasks to automate even the installation of WebSphere, create cell and profiles …
In this session, you get the basics of Ansible and some hands-on to start the learning journey into “”cloud”” based software management.
A presentation by Christoph Stoettner.
This document provides an overview of attacking ColdFusion applications. It begins with an introduction to ColdFusion and discusses how to find sites running it. Common vulnerabilities in ColdFusion like XSS, SQL injection, and exposed admin interfaces are explained. Specific exploits like BlazeDS XML injection and the locale traversal issue are covered in detail. The document also discusses brute forcing admin logins, interacting with CFCs, and abusing long-lived admin cookies. It concludes with a section on post-exploitation activities like scheduling tasks and executing code once administrative access is obtained.
Microsoft Windows 10 Bootcamp - Active directoryOlav Tvedt
This document summarizes a Microsoft Technical Bootcamp on Active Directory. It includes links and information on Active Directory templates, the central store, an Excel sheet template, and cleaning up the OU structure and using group and WMI filtering. It also discusses why modernizing Active Directory is important and the benefits of the Windows 10 Enterprise Mobility Suite, including mobile device and app management, information protection, identity and access management, and its integration with Microsoft Azure. Security topics like second factor authentication are also briefly mentioned.
Rooting Your Internals: Inter-Protocol Exploitation, custom shellcode and BeEFMichele Orru
This document discusses using the Browser Exploitation Framework (BeEF) and inter-protocol exploitation techniques to gain control of victim browsers. It begins with an overview of traditional browser attack vectors and their limitations. It then introduces BeEF and how it can be used to hook victim browsers through XSS and control them remotely with JavaScript. The document proposes revitalizing inter-protocol exploitation techniques to bypass cross-domain restrictions and allow executing commands on the victim's machine. It presents the design of a new BeEF Bind shellcode that sets up a web server to accept commands and control a process like cmd.exe on the victim internally without needing an outbound connection.
The document discusses using IBM Lotus Domino policies to manage clients. It provides an example of creating a registration policy to automatically populate common settings when new users are registered. It also discusses creating desktop settings policies to standardize settings for end users, such as enabling contact synchronization and setting mail checking preferences. The document outlines creating these policies step-by-step and assigning the settings to organizational policies to apply them broadly.
IBM Connections Adminblast - Soccnx 12 Editionpanagenda
Buckle up, join Christoph and Nico and get ready to learn 50 tips and tricks you can implement right away to improve your IBM Connections environment. Your users will thank you as they too benefit from this best practice list gathered from real-world projects while deploying and administering IBM Connections On-premises. Walk away with knowledge covering anything from Orient Me, Cognos integration, Docs, CCM and Forms Experience Builder to the back end like IBM Cloud private, DB2, TDI and SSO.
A presentation by Christoph Stoettner & Nico Meisenzahl
The document discusses various ways to identify and address performance issues that may be slowing down a web application. It describes tools that can help pinpoint where problems exist, such as in the client's browser, on the server running the application, or in networking between the two. Browser developer tools, operating system monitoring tools, network testing services, and page testing services that evaluate from external servers are recommended for examining the client perspective. Application servers, web servers, databases, and operating systems each have specific monitoring tools that can help identify server-side issues. Addressing problems may require optimizations found through resources like developer guides from Yahoo, Google, and others.
bWAPP, or a buggy web application, is a free and open source deliberately insecure web application.It helps security enthusiasts, developers and students to discover and to prevent web vulnerabilities.bWAPP prepares one to conduct successful penetration testing and ethical hacking projects.
This document discusses setting up a LAMP stack on an Ubuntu server using SSH and various commands like apt-get. It installs Apache, PHP, MySQL, Redis, and Varnish. It then discusses using rsync to copy files to the server and configuring the various components like enabling PHP modules and Apache rewrite rules.
Giancarlo Gomez presented on using websockets for realtime applications with ColdFusion. He began by explaining what websockets are and how they allow for bidirectional messaging with low latency compared to HTTP polling techniques. He then demonstrated how to enable and use websockets in ColdFusion, including securing connections and using websockets in a clustered environment. Finally, he discussed real world uses of websockets and issues to consider like network connections and application reloads.
The Angry Birds global web shop (at times the highest traffic Magento platform in the world) runs on Magento Enterprise, scales 100% automatically in the AWS infrastructure and is designed to easily handle 20x traffic peaks during marketing and new release peaks. Learn how to implement a Magento store for optimal performance, how to run it in a cloud environment, about the infrastructure and the applied strategies for continuous delivery, auto-scaling and zero-downtime rollouts.
This document discusses various free or low-cost security measures organizations can implement, including: using EMET to help prevent exploits; blocking Java user agents at the proxy to prevent Java-based exploits; implementing internal bug bounty programs; deploying port-forwarding honeypots; disabling WPAD; restricting internal DNS lookups; and using "evil canary" decoys to detect intruders. It also emphasizes the importance of monitoring for unusual traffic patterns and authentication events.
WordPress Security Presentation by Jason Conroy (from Finding Simple - http://findingsimple.com) for the March 2013 WordPress Canberra Meetup (http://wpcanberra.com.au)
Rooting your internals - Exploiting Internal Network Vulns via the Browser Us...Michele Orru
Browser exploits are a primary attack vector to compromise a victims internal network, but they have major restrictions including; limited current browser exploits; the huge price for 0-day browser exploits; and exploit complexity due to sandboxing. So, instead of exploiting the victims browser, what if the victims browser exploited internal systems for you?
The new "BeEF Bind Exploit Proxy" module does this! This BeEF (Browser Exploitation Framework) module will allow penetration testers to proxy exploits through a victims web browser to compromise internal services. Not only this, but the new "BeEF Bind" shellcode also enables the communication channel to the attacker to pass back through the existing browser session.
This attack technique (Inter-protocol Exploitation) removes browser-based attacks from being dependent upon browser vulnerabilities. It increases the number of potential exploits to include many service vulnerabilities throughout the internal corporate network. This includes whatever service can be contacted via a browser request. This increases the success rate of client-side exploitation attempts by dramatically increasing the number of vulnerabilities accessible to the attacker.
So how does the new BeEF Bind Exploit Proxy work? BeEF is configured to use the BeEF Bind Exploit Proxy, and is set as the payload for XSS exploits or Phishing attacks. Once the victim visits the malicious site, their web browser becomes hooked and performs JavaScript port scanning across the internal corporate network looking for chosen open ports. Once a server has been identified, the BeEF server is notified and begins to send exploits through the hooked web browser to the service on the internal server. Each of these exploits are configured to use the new BeEF Bind shellcode.
Once an exploit has successfully triggered a vulnerability within the internal service, the BeEF Bind shellcode is executed. This shellcode is designed to setup a web-listener that proxies commands through to a shell on the compromised server. This allows the attacker to send commands through the hooked web browser to the BeEF Bind payload. The command is executed on the compromised server and returned to the web browser in HTTP responses. The hooked web browser is then able to receive the command output and proxy it back to the attacker at the BeEF server.
Penetration testers can now inject steroids into their XSS exploits by replacing simple alert boxes with demonstrations of actual compromised internal machines. They can also now increase the scope and success rate of their Phishing attacks to compromise internal servers. This new approach also minimizes the likelihood of IDS/IPS detection, and does not require an additional socket open back to the attacker via the firewall.
This document provides suggestions for free or low-cost defenses that can frustrate attackers, including enabling EMET, blocking Java user agents at the proxy, port forwarding honeypots, authenticated splash proxies, and deploying "evil canaries" to detect intruders on the network. It emphasizes logging, vulnerability scanning, and getting penetration testers and the help desk involved in security efforts. The document aims to demonstrate mostly free techniques that can significantly improve the security of an organization.
I'm the butcher would you like some BeEFMichele Orru
This document describes using the Browser Exploitation Framework (BeEF) to conduct social engineering attacks. It introduces the creators and outlines how BeEF's web cloning and mass mailing extensions can be automated through a RESTful API to conduct phishing campaigns. Demostrations are provided of cloning a webpage to intercept login credentials, creating an HTML email template, and combining the extensions to send cloned phishing links at scale. The summary emphasizes automating social engineering attacks using BeEF's client-side exploitation abilities.
IBM Lotus Domino Domain Monitoring (DDM)Austin Chang
This document provides an overview of Lotus Domino Server Domain Monitoring (DDM) for administrators. DDM allows administrators to monitor servers in their domain through configurable probes that check for issues and automate corrective actions. It discusses the key components of DDM including the server collection hierarchy, monitoring configuration, probes, and filters. It also provides examples of how to set up monitoring for common scenarios like database compaction, replication, and system resources.
This document provides information about becoming an IBM Connections administrator. It discusses the wide range of skills and technologies required, including CSS, Java, LDAP, databases, IBM HTTP Server configuration, and WebSphere administration. It emphasizes planning resources, verifying configurations, backing up data, monitoring logs, and following documentation to install, customize, and maintain Connections successfully.
This document provides an overview of single sign-on technologies including Single Sign-On (SSO), Security Assertion Markup Language (SAML), Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO), and OAuth. It defines each technology, provides examples of how they work, and discusses their requirements, limitations, and use cases. The presenter emphasizes choosing solutions based on specific business needs and priorities, as technologies range from relatively easy to implement like single password or SPNEGO, to more complex such as SAML or OAuth.
Installing & Configuring IBM Domino 9 on CentOSDevin Olson
The document provides step-by-step instructions for installing and configuring IBM Domino 9 Social Edition on CentOS 6. It includes installing CentOS minimal, configuring networking and security settings, creating a user account, installing necessary packages, configuring the firewall to allow required Domino ports, and performing Domino-specific configurations such as disabling competing services and increasing file handles. The instructions conclude with installing and setting up Domino, including selecting an installation directory and allowing Domino to tune the Linux kernel.
HTTP Strict Transport Security (HSTS), zajistí zabezpečený „převoz“ informací bez možnosti odstranění HTTPS (SSL Strip). HSTS je HTTP hlavička, kterou posílá server. Browser poté bude po X sekund interně přesměrovávat http:// na https://.
A Technical Guide To Deploying Single Sign OnGabriella Davis
This document provides instructions for configuring different single sign-on options for IBM Notes clients, including Notes Shared Logon, LDAP authentication, Kerberos/SPNEGO/IWA, and SAML. It describes what each option does, examples of how it works, and requirements to set it up. SAML provides single sign-on across multiple systems using a centralized identity provider, but has more complex setup involving configuring identity providers, service providers, certificates, and policies in both Active Directory and Domino.
Having a full set of Sametime features available on mobile devices has been a priority for IBM so if you are deploying, whether it’s the complete feature set including meetings audio and video or just instant messaging you can extend the functionality using IBM Connections Chat and IBM Connections Meetings applications which are available for most mobile platforms. In this session we will review both the backend server configuration and the features available via the mobile applications and discuss usability, bandwidth and security implications
IBM Traveler Management, Security and PerformanceGabriella Davis
Traveler is a core component of most companies’ mail infrastructure but its maintenance and security goes far beyond Domino server management. In this session we’ll look at a Traveler environment from daily tasks to enforcing TLS and starting with understanding how Traveler behaves. We’ll review both standalone and high availability configurations and discuss common problems, as well how best to plan and design a secure and stable infrastructure.
How often do you hear that the business is discussing moving mail platforms because “our users want X” where X is nothing to do with the server and everything to do with the client UI. Domino remains the best mail server available but often user dissatisfaction drives a move and that comes from being asked to use the wrong client or from a bad deployment. If you’re using Domino you have an ever expanding range of clients to choose from browsers, iNotes, Verse, Traveler with iOS integration, Android applications, POP3 and IMAP. Come to this session to learn how to find the right client to fit the business and keep your Domino infrastructure.
In this recorded online session we looked at all the options to upgrade your existing Sametime environment to Sametime 9.0.1. Whether you have only a single Community server on an early Sametime version or an entire infrastructure including audio and video on 9.0 we outlined how to plan for an upgrade and the pros and cons of doing the work side by side vs in place.
Simplifying The S's: Single Sign-On, SPNEGO and SAMLGabriella Davis
This document provides an overview and comparison of several technologies for single sign-on (SSO) and federated identity: Single Password, SPNEGO, SAML, and OAuth. It defines each technology and provides examples of how they work. Single Password involves authenticating against a single password stored in a centralized location. SPNEGO uses Kerberos tickets to authenticate users logged into Active Directory. SAML allows users to authenticate once at an identity provider and gain access to connected service providers without reauthenticating. OAuth allows third-party applications to access user data with their permission. The document explains the requirements, limitations, and use cases for each technology. It emphasizes choosing solutions based on specific business needs and priorities.
Benefits and Risks of a Single Identity - IBM Connect 2017Gabriella Davis
What is valuable about a single identity, why is that something people want and how achievable is it? As people work across multiple systems they encounter an equal number of barriers where they must authenticate or otherwise prove their identity in order to gain access. Ideally we always want to be showing the same information about ourselves regardless of where someone searches or how we are found. In this session we’ll discuss the issues behind both creating a single identity and simplifying authentication. We’ll also review the risks you need to be aware of, the technologies available to you and the importance of good and current personal information.
This is an updated presentation that includes some speaker notes for clarity
Ricardo Vice Santos discusses distributed, web-scale systems used at Spotify. He explains that Spotify uses a decentralized architecture with services that are decoupled and horizontally scalable. Key services are read-only for scalability and use techniques like DNS lookups, sharding via consistent hashing, and eventual consistency across replicas to distribute load. This allows Spotify to provide fast, reliable music streaming at a massive scale.
Tom Conley presented on enabling SSL encryption for TN3270 traffic to prevent passwords from traversing internal networks in clear text. Setting up SSL with a self-signed certificate takes about 10 minutes. Ed Jaffe discussed improvements to Hardware Management Console interfaces since 1994 that provide easier navigation and topology views. Sam Knutson provided an overview of the Hercules mainframe emulator and Turnkey MVS 3.8j system that can be run within Hercules to gain experience with vintage MVS. Skip Robinson described issues encountered when migrating system automation from R13 to z/OS 2.1 due to changes in NetView and subsystem definitions.
SSL Checklist for Pentesters (BSides MCR 2014)Jerome Smith
This document provides a summary of checks that a pentester should perform when evaluating the security of SSL/TLS implementations. It discusses checking for support of outdated and insecure protocols like SSLv2 and SSLv3. It also recommends validating support for newer, more secure versions like TLSv1.1 and TLSv1.2. The document outlines steps to check for vulnerabilities like Heartbleed, BEAST, and CRIME. It also provides guidance on evaluating certificate validity, cipher suites, and renegotiation support. Web application considerations like mixed content and HTTP Strict Transport Security are also covered at a high level. The presenter provides these checks and recommendations from the perspective of a pentester to identify potential issues to consider reporting
Day 2 General Session Presentations RedisConfRedis Labs
The document discusses new memory technologies like persistent memory and their implications. It provides latency and bandwidth numbers for different memory types and notes that heterogeneous memory systems using tiers of DRAM and NVM provide opportunities for better performance and cost. Examples are given of key-value stores and databases leveraging NVM to achieve high performance while reducing costs. The talk also discusses how new distributed data structures like CRDTs could be used across servers with shared memory.
The document discusses securing web applications. It argues that traditional approaches like blaming developers or banning third-party cookies are not effective solutions. Adding random tokens manually to URLs is difficult for developers. Using the referer header is unreliable due to inconsistencies across browsers and plugins. The origin header has similar problems. The document proposes an "interpreter suicide" approach where JavaScript detects cross-site navigation and prevents further execution to block attacks. This provides a client-side way to enforce session context without requiring manual token management.
1086: The SSL Problem and How to Deploy SHA2 Certificates (with Mark Myers)Gabriella Davis
This document discusses deploying SHA2 certificates and the SSL problem. It begins with introductions of the presenters. It then provides background on encryption, certificates, and common acronyms related to security like SSL, TLS, HTTPS. The document outlines several past security vulnerabilities like POODLE, Heartbleed, and discusses solutions deployed. It then provides step-by-step instructions for creating certificates using OpenSSL and deploying them for Domino and WebSphere servers.
The document discusses various SSL/TLS security issues including Heartbleed, GNUTLS bugs, Apple bugs, Lucky13, BEAST, and CRIME. It provides details on the Heartbleed bug in OpenSSL, explaining how it allowed retrieval of up to 64KB of private data from affected servers. It also discusses other exploits like BEAST, CRIME, and Lucky13. The document advises administrators to patch systems, monitor for issues, and leverage big data to identify anomalies. Developers are advised to carefully manage library dependencies and versions to prevent vulnerabilities.
Web Sockets in Java EE 7 allows for real-time communication between clients and servers through bidirectional connections. The speaker discusses the history and specification of Web Sockets, how they enable low-latency push communication compared to traditional polling techniques, and their support in Java EE 7 through JSR 356 which provides APIs and reference implementations. A demo is shown of a Web Sockets application using GlassFish.
Joseph Salowey, Tableau Software
Transport Layer Security (TLS) 1.3 is almost here. The protocol that protects most of the Internet secure connections is getting the biggest ever revamp, and is losing a round-trip. We will explore differences between TLS 1.3 and previous versions in detail, focusing on the performance and security improvements of the new protocol as well as some of the challenges we face around securely implementing new features such as 0-RTT resumption.
ExpressionEngine - Simple Steps to Performance and Security (EECI 2014)Nexcess.net LLC
This document discusses steps website administrators can take to improve the performance and security of websites built with ExpressionEngine. It begins by demonstrating through benchmarks how upgrading to newer versions of PHP can significantly improve performance. It then provides recommendations for optimizing ExpressionEngine settings and plugins, and using caching, CDNs and hardware. For security, it advises keeping software updated, restricting access, using firewalls and HTTPS, and securely managing user accounts and publishing workflows. The overall message is that ongoing performance and security efforts can directly benefit websites and should be made part of the development process.
44CON 2014 - I Hunt TR-069 Admins: Pwning ISPs Like a Boss, Shahar Tal44CON
44CON 2014 - I Hunt TR-069 Admins: Pwning ISPs Like a Boss, Shahar Tal
Residential gateway (/SOHO router) exploitation is a rising trend in the security landscape - ever so often do we hear of yet another vulnerable device, with the occasional campaign targeted against specific versions of devices through independent scanning or Shodan dorking. We shine a bright light on TR-069/CWMP, the previously under-researched, de-facto CPE device management protocol, and specifically target ACS (Auto Configuration Server) software, whose pwnage can have devastating effects on critical amounts of users. These servers are, by design, in complete control of entire fleets of consumer premises devices, intended for use by ISPs and Telco providers. or nation-state adversaries, of course (sorry NSA, we know it was a cool attack vector with the best research-hours-to-mass-pwnage ratio). We investigate several TR-069 ACS platforms, and demonstrate multiple instances of poorly secured deployments, where we could have gained control over hundreds of thousands of devices. During the talk (pending patch availability), we will release exploits to vulnerabilities we discovered in ACS software, including RCEs on several platforms.
During this XMPP academy session I talk about Google and Apple Push Notifications, XEP-0357, Websockets, XMPP playground and Message Archiving.
Full session can be seen on Youtube: https://www.youtube.com/watch?v=LToKLTf-N_E
This document discusses optimizing performance when using SPDY and SSL. It describes how SPDY works by encapsulating HTTP requests within a single encrypted SSL connection. It focuses on setting up a valid SSL connection that supports SPDY and optimizing SSL handshakes, certificates, and encryption to improve performance. Specific techniques discussed include resuming SSL sessions, avoiding delays from certificate validation, using appropriate encryption algorithms and keys, and ensuring all traffic is redirected to HTTPS. Tools for analyzing SSL/SPDY configuration like SSL Labs and SPDYCheck are also mentioned.
BSides Edinburgh 2017 - TR-06FAIL and other CPE Configuration Disastersinfodox
This document discusses vulnerabilities in TR-064 and TR-069 protocols for managing broadband network devices. It describes how TR-064 had issues with no password protection and readable credentials, allowing full device access. It also discusses prior vulnerabilities like Misfortune Cookie that allowed bypassing authentication in TR-069. The document then demonstrates how exploiting a persistent cross-site scripting vulnerability in the FreeACS server software through TR-069 requests could allow adding an administrative user and completely compromising the server. This could potentially allow attacking and reconfiguring millions of networked devices.
Application Performance Troubleshooting 1x1 - Von Schweinen, Schlangen und Pa...rschuppe
Application Performance doesn't come easy. How to find the root cause of performance issues in modern and complex applications? All you have is a complaining user to start with?
In this presentation (mainly in German, but understandable for english speakers) I'd present the fundamentals of trouble shooting and have concrete examples on how to tackle issues.
Similar to Domino Security - not knowing is not an option (2016 edition) (20)
Fluttercon 2024: Showing that you care about security - OpenSSF Scorecards fo...Chris Swan
Have you noticed the OpenSSF Scorecard badges on the official Dart and Flutter repos? It's Google's way of showing that they care about security. Practices such as pinning dependencies, branch protection, required reviews, continuous integration tests etc. are measured to provide a score and accompanying badge.
You can do the same for your projects, and this presentation will show you how, with an emphasis on the unique challenges that come up when working with Dart and Flutter.
The session will provide a walkthrough of the steps involved in securing a first repository, and then what it takes to repeat that process across an organization with multiple repos. It will also look at the ongoing maintenance involved once scorecards have been implemented, and how aspects of that maintenance can be better automated to minimize toil.
Quality Patents: Patents That Stand the Test of TimeAurora Consulting
Is your patent a vanity piece of paper for your office wall? Or is it a reliable, defendable, assertable, property right? The difference is often quality.
Is your patent simply a transactional cost and a large pile of legal bills for your startup? Or is it a leverageable asset worthy of attracting precious investment dollars, worth its cost in multiples of valuation? The difference is often quality.
Is your patent application only good enough to get through the examination process? Or has it been crafted to stand the tests of time and varied audiences if you later need to assert that document against an infringer, find yourself litigating with it in an Article 3 Court at the hands of a judge and jury, God forbid, end up having to defend its validity at the PTAB, or even needing to use it to block pirated imports at the International Trade Commission? The difference is often quality.
Quality will be our focus for a good chunk of the remainder of this season. What goes into a quality patent, and where possible, how do you get it without breaking the bank?
** Episode Overview **
In this first episode of our quality series, Kristen Hansen and the panel discuss:
⦿ What do we mean when we say patent quality?
⦿ Why is patent quality important?
⦿ How to balance quality and budget
⦿ The importance of searching, continuations, and draftsperson domain expertise
⦿ Very practical tips, tricks, examples, and Kristen’s Musts for drafting quality applications
https://www.aurorapatents.com/patently-strategic-podcast.html
Implementations of Fused Deposition Modeling in real worldEmerging Tech
The presentation showcases the diverse real-world applications of Fused Deposition Modeling (FDM) across multiple industries:
1. **Manufacturing**: FDM is utilized in manufacturing for rapid prototyping, creating custom tools and fixtures, and producing functional end-use parts. Companies leverage its cost-effectiveness and flexibility to streamline production processes.
2. **Medical**: In the medical field, FDM is used to create patient-specific anatomical models, surgical guides, and prosthetics. Its ability to produce precise and biocompatible parts supports advancements in personalized healthcare solutions.
3. **Education**: FDM plays a crucial role in education by enabling students to learn about design and engineering through hands-on 3D printing projects. It promotes innovation and practical skill development in STEM disciplines.
4. **Science**: Researchers use FDM to prototype equipment for scientific experiments, build custom laboratory tools, and create models for visualization and testing purposes. It facilitates rapid iteration and customization in scientific endeavors.
5. **Automotive**: Automotive manufacturers employ FDM for prototyping vehicle components, tooling for assembly lines, and customized parts. It speeds up the design validation process and enhances efficiency in automotive engineering.
6. **Consumer Electronics**: FDM is utilized in consumer electronics for designing and prototyping product enclosures, casings, and internal components. It enables rapid iteration and customization to meet evolving consumer demands.
7. **Robotics**: Robotics engineers leverage FDM to prototype robot parts, create lightweight and durable components, and customize robot designs for specific applications. It supports innovation and optimization in robotic systems.
8. **Aerospace**: In aerospace, FDM is used to manufacture lightweight parts, complex geometries, and prototypes of aircraft components. It contributes to cost reduction, faster production cycles, and weight savings in aerospace engineering.
9. **Architecture**: Architects utilize FDM for creating detailed architectural models, prototypes of building components, and intricate designs. It aids in visualizing concepts, testing structural integrity, and communicating design ideas effectively.
Each industry example demonstrates how FDM enhances innovation, accelerates product development, and addresses specific challenges through advanced manufacturing capabilities.
Details of description part II: Describing images in practice - Tech Forum 2024BookNet Canada
This presentation explores the practical application of image description techniques. Familiar guidelines will be demonstrated in practice, and descriptions will be developed “live”! If you have learned a lot about the theory of image description techniques but want to feel more confident putting them into practice, this is the presentation for you. There will be useful, actionable information for everyone, whether you are working with authors, colleagues, alone, or leveraging AI as a collaborator.
Link to presentation recording and transcript: https://bnctechforum.ca/sessions/details-of-description-part-ii-describing-images-in-practice/
Presented by BookNet Canada on June 25, 2024, with support from the Department of Canadian Heritage.
Mitigating the Impact of State Management in Cloud Stream Processing SystemsScyllaDB
Stream processing is a crucial component of modern data infrastructure, but constructing an efficient and scalable stream processing system can be challenging. Decoupling compute and storage architecture has emerged as an effective solution to these challenges, but it can introduce high latency issues, especially when dealing with complex continuous queries that necessitate managing extra-large internal states.
In this talk, we focus on addressing the high latency issues associated with S3 storage in stream processing systems that employ a decoupled compute and storage architecture. We delve into the root causes of latency in this context and explore various techniques to minimize the impact of S3 latency on stream processing performance. Our proposed approach is to implement a tiered storage mechanism that leverages a blend of high-performance and low-cost storage tiers to reduce data movement between the compute and storage layers while maintaining efficient processing.
Throughout the talk, we will present experimental results that demonstrate the effectiveness of our approach in mitigating the impact of S3 latency on stream processing. By the end of the talk, attendees will have gained insights into how to optimize their stream processing systems for reduced latency and improved cost-efficiency.
The Rise of Supernetwork Data Intensive ComputingLarry Smarr
Invited Remote Lecture to SC21
The International Conference for High Performance Computing, Networking, Storage, and Analysis
St. Louis, Missouri
November 18, 2021
Understanding Insider Security Threats: Types, Examples, Effects, and Mitigat...Bert Blevins
Today’s digitally connected world presents a wide range of security challenges for enterprises. Insider security threats are particularly noteworthy because they have the potential to cause significant harm. Unlike external threats, insider risks originate from within the company, making them more subtle and challenging to identify. This blog aims to provide a comprehensive understanding of insider security threats, including their types, examples, effects, and mitigation techniques.
Support en anglais diffusé lors de l'événement 100% IA organisé dans les locaux parisiens d'Iguane Solutions, le mardi 2 juillet 2024 :
- Présentation de notre plateforme IA plug and play : ses fonctionnalités avancées, telles que son interface utilisateur intuitive, son copilot puissant et des outils de monitoring performants.
- REX client : Cyril Janssens, CTO d’ easybourse, partage son expérience d’utilisation de notre plateforme IA plug & play.
INDIAN AIR FORCE FIGHTER PLANES LIST.pdfjackson110191
These fighter aircraft have uses outside of traditional combat situations. They are essential in defending India's territorial integrity, averting dangers, and delivering aid to those in need during natural calamities. Additionally, the IAF improves its interoperability and fortifies international military alliances by working together and conducting joint exercises with other air forces.
Coordinate Systems in FME 101 - Webinar SlidesSafe Software
If you’ve ever had to analyze a map or GPS data, chances are you’ve encountered and even worked with coordinate systems. As historical data continually updates through GPS, understanding coordinate systems is increasingly crucial. However, not everyone knows why they exist or how to effectively use them for data-driven insights.
During this webinar, you’ll learn exactly what coordinate systems are and how you can use FME to maintain and transform your data’s coordinate systems in an easy-to-digest way, accurately representing the geographical space that it exists within. During this webinar, you will have the chance to:
- Enhance Your Understanding: Gain a clear overview of what coordinate systems are and their value
- Learn Practical Applications: Why we need datams and projections, plus units between coordinate systems
- Maximize with FME: Understand how FME handles coordinate systems, including a brief summary of the 3 main reprojectors
- Custom Coordinate Systems: Learn how to work with FME and coordinate systems beyond what is natively supported
- Look Ahead: Gain insights into where FME is headed with coordinate systems in the future
Don’t miss the opportunity to improve the value you receive from your coordinate system data, ultimately allowing you to streamline your data analysis and maximize your time. See you there!
Best Programming Language for Civil EngineersAwais Yaseen
The integration of programming into civil engineering is transforming the industry. We can design complex infrastructure projects and analyse large datasets. Imagine revolutionizing the way we build our cities and infrastructure, all by the power of coding. Programming skills are no longer just a bonus—they’re a game changer in this era.
Technology is revolutionizing civil engineering by integrating advanced tools and techniques. Programming allows for the automation of repetitive tasks, enhancing the accuracy of designs, simulations, and analyses. With the advent of artificial intelligence and machine learning, engineers can now predict structural behaviors under various conditions, optimize material usage, and improve project planning.
Paradigm Shifts in User Modeling: A Journey from Historical Foundations to Em...Erasmo Purificato
Slide of the tutorial entitled "Paradigm Shifts in User Modeling: A Journey from Historical Foundations to Emerging Trends" held at UMAP'24: 32nd ACM Conference on User Modeling, Adaptation and Personalization (July 1, 2024 | Cagliari, Italy)
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdfNeo4j
Presented at Gartner Data & Analytics, London Maty 2024. BT Group has used the Neo4j Graph Database to enable impressive digital transformation programs over the last 6 years. By re-imagining their operational support systems to adopt self-serve and data lead principles they have substantially reduced the number of applications and complexity of their operations. The result has been a substantial reduction in risk and costs while improving time to value, innovation, and process automation. Join this session to hear their story, the lessons they learned along the way and how their future innovation plans include the exploration of uses of EKG + Generative AI.
Are you interested in dipping your toes in the cloud native observability waters, but as an engineer you are not sure where to get started with tracing problems through your microservices and application landscapes on Kubernetes? Then this is the session for you, where we take you on your first steps in an active open-source project that offers a buffet of languages, challenges, and opportunities for getting started with telemetry data.
The project is called openTelemetry, but before diving into the specifics, we’ll start with de-mystifying key concepts and terms such as observability, telemetry, instrumentation, cardinality, percentile to lay a foundation. After understanding the nuts and bolts of observability and distributed traces, we’ll explore the openTelemetry community; its Special Interest Groups (SIGs), repositories, and how to become not only an end-user, but possibly a contributor.We will wrap up with an overview of the components in this project, such as the Collector, the OpenTelemetry protocol (OTLP), its APIs, and its SDKs.
Attendees will leave with an understanding of key observability concepts, become grounded in distributed tracing terminology, be aware of the components of openTelemetry, and know how to take their first steps to an open-source contribution!
Key Takeaways: Open source, vendor neutral instrumentation is an exciting new reality as the industry standardizes on openTelemetry for observability. OpenTelemetry is on a mission to enable effective observability by making high-quality, portable telemetry ubiquitous. The world of observability and monitoring today has a steep learning curve and in order to achieve ubiquity, the project would benefit from growing our contributor community.
Measuring the Impact of Network Latency at TwitterScyllaDB
Widya Salim and Victor Ma will outline the causal impact analysis, framework, and key learnings used to quantify the impact of reducing Twitter's network latency.
Measuring the Impact of Network Latency at Twitter
Domino Security - not knowing is not an option (2016 edition)
1. Darren Duke
Janitor Level 57 56
Simplified Technology Solutions, Inc
Domino Security - not knowing is not an option
Updated and all new
(well, some new)
2. 10,000 feet view
•What we’ll (hopefully) cover
•Server Security
•SSL/TLS/SHA2
•Reverse Proxies
•Testing
•Antivirus settings on the client and server
3. 1 Slide Review
•Get a SHA2 certificate
•Remove any SSLCipherSpec settings from notes.ini
•Upgrade to 9.0.1 FP6 IFx
•Restart HTTP
•Get a “B” on SSL Labs
•Ignore the rest of this presentation
•But you’ll miss a lot of snark……And how to get an “A+”
4. About Me
• I’m just a poor boy
• From a poor family
• He’s just a poor boy from a poor family
• Spare him his life from this monstrosity
• Easy come, easy go, will you let me go
5. About Me
• AKA my favorite slide
• Started with “Lotus Notes” in R3
• Yes, really….R3
• That means 1996
• Yes, really….1996
• Founder of STS (2005) based in Atlanta
• Sometime blogger, ranting Tweeter, ex-co-host of This Week In
Lotus, Speaker (?), soon to be born-again podcaster
• http://blog.darrenduke.net
• Twitter @darrenduke
6. Disclaimer
• Everything in MY presentations are REAL
– Except maybe the 9.0.1 FP7 parts
– No real need to have lawyers interject a crappy slide here
– But as not having unreadable garbage on this slide may diminish my
professional reputation, here you go
• Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed rhoncus interdum leo, in aliquet velit mattis porttitor. Mauris vestibulum suscipit aliquam.
Suspendisse sed euismod eros. Vestibulum pharetra vestibulum fermentum. Phasellus malesuada maximus libero, sit amet egestas justo vestibulum non. Vivamus at nisl
id est consectetur sodales vitae nec quam. Nunc et consectetur nibh.
• Cras nec ultricies risus. Maecenas condimentum, tortor at venenatis elementum, lectus turpis mattis enim, et egestas nisl sem et turpis. Vivamus blandit tristique tortor,
eu cursus augue. Donec lacinia mi id malesuada lobortis. Vivamus tristique, tellus id tincidunt feugiat, justo nulla commodo risus, in commodo enim augue non metus.
Proin varius rutrum velit, ac pretium lorem efficitur a. Nulla non sem arcu. Suspendisse eleifend dui at lacus scelerisque, et scelerisque elit accumsan. Nullam eu iaculis
nibh. Etiam ac diam quis mauris tincidunt bibendum. Pellentesque eleifend laoreet ultricies. Cras sollicitudin, quam vel fermentum ullamcorper, nisl metus volutpat odio,
et lobortis eros eros id leo. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Curabitur sollicitudin ac massa efficitur eleifend.
• Cras orci lorem, tempus quis maximus ut, fermentum sit amet odio. Integer dolor diam, ullamcorper sit amet dignissim eu, facilisis rhoncus erat. In condimentum viverra
accumsan. Maecenas metus mi, porta non augue nec, finibus finibus arcu. Integer quis augue quis massa fringilla ullamcorper feugiat et massa. Aenean et neque ante.
Nam tristique elementum ipsum, ac tempus lorem euismod vitae. Ut ornare enim a nibh tincidunt cursus. Suspendisse at enim sodales, ullamcorper justo vitae, semper
lectus. Nullam ex felis, sollicitudin vel lacinia quis, ultricies cursus turpis. Nullam elementum blandit risus vel porta. Nullam tempus eget augue a fringilla. Class aptent
taciti sociosqu ad litora torquent per conubia nostra, per inceptos himenaeos.
• Integer a ipsum a nisl eleifend dapibus. Nunc porttitor mi quis urna euismod consectetur. Donec placerat nisl gravida odio lacinia, non scelerisque urna aliquam. Sed dolor
justo, varius id fermentum ut, fermentum ac mi. Curabitur eu sollicitudin nunc. Proin sodales, metus non dictum mollis, justo lectus sagittis quam, elementum fringilla est
erat nec felis. Sed non euismod lorem, in hendrerit arcu. Donec eu euismod metus. Cras justo est, faucibus ut posuere quis, viverra a dolor.
• Sed gravida velit lacus, sed volutpat metus venenatis quis. Cum sociis natoque penatibus et magnis dis parturient montes, nascetur ridiculus mus. Donec iaculis accumsan
ante eget porta. Duis sit amet commodo velit. Integer est tortor, euismod congue sem quis, lobortis convallis erat. Aliquam erat volutpat. Mauris pretium rutrum
interdum. Nullam non magna nunc.
• Generated 5 paragraphs, 408 words, 2794 bytes of Lorem Ipsum
7. SHA2
•SHA = Security Hashing Algorithm
•Each SSL certificate is either SHA1 or SHA2
•SHA2 far more secure than SHA1
•SHA1 is dead. Browsers now have issues with SHA1.
•SHA2 Support in Domino
•If you are on 8.5.3, upgrade to 9.0.1 or put a proxy in front of it
•For 9.0.1 FP3+ you can now create SHA2 CSR’s and import SHA2
certificates in Domino. Go to at least 9.0.1 FP5
•This is a very different process than what you are used to
•See Gab’s excellent step-by-step on how to do this:
–http://turtleblog.info/2015/06/22/creating-sha-2-4096-ssl-certificates-for-
domino/
–http://www-01.ibm.com/support/docview.wss?uid=swg21418982
8. Server Security SSL/TLS/SHA2
•SSLv3 is dead (SSLv2 has been dead for a long time)
•Unless you need it for SMTP STARTTLS compatibility
•Disable it if you can (you can….no really, you can)
•Server notes.ini DISABLE_SSLV3=1
9. Server Security SSL/TLS/SHA2
•TLS is King, long live the King
–TLS 1.0 via IF for the following releases
•With 8.5.3 FP6
•9.0
•9.0.1 FP2+
–TLS 1.2 for
•9.0.1 FP3 (plus IF)
•9.0.1 FP4+
•Perfect Forward Secrecy/HSTS
•Additional (more secure) ciphers
•SHA2
10. Server Security SSL/TLS/SHA2
•Don’t forget Perfect Forward Secrecy
•In cryptography, forward secrecy (FS; also known as perfect forward
secrecy, or PFS) is a property of key-agreement protocols ensuring that
a session key derived from a set of long-term keys cannot be
compromised if one of the long-term keys is compromised in the
future. (via wikipedia)
•Domino now supports it as of 9.0.1 FP3 IF2/3 and higher
•The data is secure even of the server private key is compromised in the
future
•This is a good thing. Use it.
11. Server Security SSL/TLS/SHA2
•Don’t forget HSTS
•HTTPS Strict Transport Security
•It allows web servers to declare that web browsers (or other complying
user agents) should only interact with it using secure HTTPS connections,
and never via the insecure HTTP protocol (via wikipedia)
•Domino now supports HSTS as of 9.0.1 FP4+
•Add these to the server notes.ini
–HTTP_HSTS_INCLUDE_SUBDOMAINS=1
–HTTP_HSTS_MAX_AGE=63072000
•Will get you an A+ on SSL Labs with Domino native HTTP stack
•Also see https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/domino-adds-
hsts-to-its-security-arsenal.htm
12. Server Security SSL/TLS/SHA2
•Don’t forget OSCP Stapling
•What is it?
•OCSP stapling, formally known as the TLS Certificate Status Request
extension, is an alternative approach to the Online Certificate Status
Protocol (OCSP) for checking the revocation status of X.509 digital
certificates.[1] It allows the presenter of a certificate to bear the resource
cost involved in providing OCSP responses by appending ("stapling") a
time-stamped OCSP response signed by the CA to the initial TLS
Handshake, eliminating the need for clients to contact the CA
•Go faster strips for HTTPS connections
•Domino now supports OSCP Stapling as of 9.0.1 FP4+
•To configure see
– https://blog.darrenduke.net/Darren/DDBZ.nsf/dx/supercharge-your-
domino-servers-with-ocsp-stapling-real-go-faster-stripes.htm
13. Server Security SSL/TLS/SHA2
•SMTP with STARTTLS
•You fix a lot of problems with
•Server notes.ini SSL_ENABLE_INSECURE_SSLV2_HELLO=1
•Ciphers
–No longer controlled in the Server/Internet doc (9.0.1). Now a
notes.ini, but you don’t really need to anymore
–Domino server now dictates the preferred cipher list
•For < 9.0.1 FP3 Server notes.ini SSLCipherSpec=AABBCCDDEE..ZZ
•Just upgrade to FP4+ and remove the SSLCipherSpec setting
•For all TLS 1.2 options see
–http://www-10.lotus.com/ldd/dominowiki.nsf/dx/TLS_1.2
–http://www-10.lotus.com/ldd/dominowiki.nsf/dx/TLS_Cipher_Configuration
read this one!!
14. Server Security SSL/TLS/SHA2
•If you org only wants to allow TLS 1.2
•You can disable TLS 1.0 (and obviously SSLv3)
•Server notes.ini SSL_DISABLE_TLS_10
–This could cause SMTP STARTTLS issues so beware
–All recent browsers have TLS 1.2 enabled by default now
•Older browsers (IE on XP) may not
15. Reverse Proxies
•What is a Reverse Proxy?
•In computer networks, a reverse proxy is a type of proxy server that
retrieves resources on behalf of a client from one or more servers.
These resources are then returned to the client as though they
originated from the proxy server itself - Wikipedia
16. Reverse Proxies
•Benefits
•You can handle more than one web server per proxy
•Reduce (potential attack) surface area
SSL offloading
•Have the reverse proxy handle all your SSL/TLS
•When security issue detected, one place to fix
–Security
•Hide version/platform/application from the browser
•No direct access to backend servers
•Restrict URL access to Domino for only required URLs for
–iNotes
–Traveler
–Domino web applications (allow Quickr to work with “modern browsers”
–Load balancing
•Provide HA for iNotes, Traveler, etc
17. Reverse Proxies
•The Proxies
•NGINX (pronounced Engine X)
•Most popular today, used by Netflix, Zappos, et al
•Open source
•Can do mail and other TCP connections, not just HTTP(S)
–IMAP
–SMTP (including STARTTLS)
–Apache
•Most famous
•Open source
•I have a free Apache VM using Ubuntu you can use as starting point:
–http://blog.darrenduke.net/darren/ddbz.nsf/dx/here-is-a-freely-available-
vm-to-reverse-proxy-domino-shoot-the-poodle.htm
–I would normally use HAProxy in addition to the above to provide HA
functions (on the same Linux Ubuntu server)
18. Reverse Proxies
•The Proxies
•IBM HTTP Server (IHS)
•No longer recommended by IBM as a front end to Windows Domino
Servers
–Was in 9.0
–But only on Windows
•Never extended to other platforms
–Shocker, I know
–This was IBM’s original fix in Domino 9 to add TLS1.0
•Don’t do this anymore
–Websphere Edge Proxy
•It has the word “Websphere” in the title so won’t touch it unless
someone connects a car battery to my genitals
19. Reverse Proxies
•The Real Reason to use a Proxy
•With a Proxy you may have avoided SSLv3 and this:
Date Spec Released Date IBM Added to
Domino
Time Taken by IBM
(in years)
TLS 1.0 1999 2014* 15
TLS 1.2 2008 2015 7
PFS 2011* 2015 4
20. Testing
•So you *think* you’re secure? OK…..
•Testing is what elevates belief to evidence
•QualSYS SSL Labs test site for web sites
•https://www.ssllabs.com/ssltest/
•Scan a server, get a grade
•Will take a few minutes
•Also lists potential remediation
•Tons of useful information
•If you get a “A” or higher you’re good
•Scan every quarter or so. Things change!
•Use on sites other that your own
•Be scared. Be real scared.
22. Testing
• Here is an iNotes server via SSL on Domino native (no proxy)
23. Testing
• A Note about Windows XP/2003 with IE Support and ciphers
– I know, you have a plan to get off XP and 2003
– No, really, we believe you
– Yes, I know you need to sunset your Windows 98 SE workstations
first….
– Most people think you need RC4 to support XP with IE
– YOU DON’T!!!
• 3DES will provide support for XP/2003 with IE
• Domino now enables RC4 ONLY if TLS 1.2 is disabled
• Chrome and FF on XP can do better than 3DES
• The issue with embedding a browser into an OS…..
24. Testing
• Test SMTP STARTTLS at CheckTLS.com
– https://www.checktls.com/testreceiver.html
– Test both send and receive
• Receive
25. Testing
• Send
– You send email with a code in it, CheckTLS then replies to you with
the transaction
26. Antivirus Settings (OS)
•Domino Server Exclusions
•Transaction Logs
•Domino Data
•DAOS repository
•View Rebuild Dir folder
–See https://www-
304.ibm.com/support/docview.wss?uid=swg21417504
•Notes Client Exclusions
–Notesframework
–Notesdataworkspace.configorg.eclipse.osgi
–JAR files
–See http://www-
01.ibm.com/support/docview.wss?uid=swg21407945
27. Antivirus Settings (OS)
• But Darren, what about when my users click on a virus infested
email attachment?
• IBM Notes and Attachments
– All Notes attachments are saved to %TEMP% on Windows
– So long as the OS AV has real time scanning of %TEMP% you are
safe
– Remember, %TEMP% could be different per user
28. Securing LDAP
•Using DA to AD for internet passwords?
–Also secure this otherwise your users AD passwords are going from
Domino to AD in plain text
–Just checking the box in DA.NSF is not sufficient!!!!
–You also need to import your AD server SSL certificate in your
server.id file
•See http://blog.darrenduke.net/Darren/DDBZ.nsf/dx/solution-domino-
directory-assistance-to-active-directory-when-using-ssl-does-not-break-
with-9.0.1-fp4.htm for details on how to do this (it’s really not obvious)
29. Arriving in 9.0.1 FP7
•Java
•Java 8 support
•First to the server, then a few “weeks” later to the client
30. Arriving in 9.0.1 FP7
•Notes NRPC Port Security
•AES support
•It’s currently 128 bit RC4
•Which you could find out in technote 1097816
–BUT IBM DELETED IT
•I would expect 128 bit AES, with maybe an option to enable 256 bit AES
31. Speaking of Fix Packs
•As a general rule, the newer the FP and the newer the IF, the more
secure your server or client will be
•Fix Packs are cumulative. FP6 contains FP5 *and* some new stuff
•IBM are most likely changing the nomenclature around fix packs in the
next few months
•I doubt this includes making them easier to find on PPA or FC though
•Strongly consider going to 9.0.1 FP5/6
•SHA2
•TLS 1.2/PFS/much higher quality ciphers
•You are most likely paying for it anyway
•News Flash!!!! No new security features are coming to 9.0 or 8.5.x
•Fixpacks, IFs and Java updates are on IBM Fix Central
32. SAML
•Security Assertion Markup Language
•Allows Notes users to go password-less
•This can be a huge selling point
•Can also be set up so that the Notes ID is never stored on the
user’s PC
•It gets downloaded and stored in memory each time the user starts
Notes (well…..)
•User NEVER has to enter password
•You need 9.0.1, ID Vault, patience
•No password = no post-it note with
password written on it!
33. Knowledge is Power
•Forewarned is forearmed and there are resources that allow you
to be pro-active
•IBM My Notifications
•Sign up to receive emails from IBM on new product releases, fix packs,
etc
•See http://blog.darrenduke.net/Darren/DDBZ.nsf/dx/do-you-subscribe-
to-the-ibm-daily-product-update-newletter-you-should.htm for details on
setting up
34. Knowledge is Power
•Forewarned is forearmed and there are resources that allow you
to be pro-active
–US CERT weekly email
•Be afraid, be very afraid (especially of Flash, Acrobat, AIR and Java)
•See https://www.us-cert.gov/ to sign up
35. Disable Things
•Anything you don’t use, disable. Anything you don’t need, disable
•Need POP3 or IMAP? No?
•Not having it in the Notes.ini will not start those tasks….BUT…
•They can still be started
•load pop3
–This is not sufficient, disable it in the Domino Directory
•Now load pop3 won’t actually load anything
36. Notes/Domino Port Encryption
•For Domino server to server or Notes client to server
communication
•Turn on at one end, works at both
•128 bit RC4 encryption
•128 bit AES will may surface in 9.0.2 9.0.1 FP7
–WAN accelerators don’t link this
–Still, provides more then adequate channel encryption for almost
organization
–Test via a trace in the Notes Client
or the Server console
37. The END
• It’s security so there are no stupid questions, just compromised
servers
• Q&A time
• @DarrenDuke on Twitter
• https://blog.darrenduke.net
• info@simplified-tech.com to hire me. Which you should. I’m
hillerious