WebVeta - Advanced, unified, consistent search for your website(s), from content of your website(s), blogs(s). First 50 customers, who sign-up prior to 15/05/2024 get unlimited access to existing features, newer features for at least 1 year. Sign up now! https://webveta.alightservices.com/
Categories
.Net C#

Live C# development session – 1

In this video, I explained the purpose and kind of setup the basic application architecture. More videos would be done soon.

I don’t have any fake aliases, nor any virtual aliases like some of the the psycho spy R&AW traitors of India. NOT associated – “ass”, eass, female “es”, “eka”, “ok”, “okay”, “is”, “erra”, yerra, karan, kamalakar, diwakar, kareem, karan, sowmya, zinnabathuni, bojja srinivas (was a friend and batchmate 1998 – 2002), mukesh golla (was a friend and classmate 1998 – 2002), thota veera, uttam’s, bandhavi’s, bhattaru’s, thota’s, bojja’s, bhattaru’s or Arumilli srinivas or Arumilli uttam (may be they are part of a different Arumilli family – not my family).

Mr. Kanti Kalyan Arumilli

Arumilli Kanti Kalyan, Founder & CEO
Arumilli Kanti Kalyan, Founder & CEO

B.Tech, M.B.A

Facebook

LinkedIn

Threads

Instagram

Youtube

Founder & CEO, Lead Full-Stack .Net developer

ALight Technology And Services Limited

ALight Technologies USA Inc

Youtube

Facebook

LinkedIn

Phone / SMS / WhatsApp on the following 3 numbers:

+91-789-362-6688, +1-480-347-6849, +44-07718-273-964

+44-33-3303-1284 (Preferred number if calling from U.K, No WhatsApp)

kantikalyan@gmail.com, kantikalyan@outlook.com, admin@alightservices.com, kantikalyan.arumilli@alightservices.com, KArumilli2020@student.hult.edu, KantiKArumilli@outlook.com and 3 more rarely used email addresses – hardly once or twice a year.

Categories
Security

ELK stack for centralized logging and monitoring

I have mentioned in previous blog articles about centralized logging and monitoring. I have experimented with various metrics collection tools and log tools. Currently all the logs are being ingested i.e collected but no proper analysis.

I have read about ELK stack and based on the articles and the availability of plugins, seems like ELK stack is the perfect choice.

Over the next few weeks I would be implementing ELK stack and would definitely share some knowledge.

In the past I have mentioned about the NIST Cyber Security Framework and as part of implementing NIST Cyber Security Framework and improving the security at ALight Technology And Services Limited, additional logging, monitoring and alerting systems are being implemented i.e ALight Technology And Services Limited’s stance when it comes to Cyber Security is hardened security is the top most priority before any kind of consumer / customer data is stored. This helps ALight Technology And Services Limited’s long term vision of providing several B2B, B2C free, paid and freemium products.

I don’t have any fake aliases, nor any virtual aliases like some of the the psycho spy R&AW traitors of India. NOT associated – “ass”, eass, female “es”, “eka”, “ok”, “okay”, “is”, “erra”, yerra, karan, kamalakar, diwakar, kareem, karan, sowmya, zinnabathuni, bojja srinivas (was a friend and batchmate 1998 – 2002), mukesh golla (was a friend and classmate 1998 – 2002), thota veera, uttam’s, bandhavi’s, bhattaru’s, thota’s, bojja’s, bhattaru’s or Arumilli srinivas or Arumilli uttam (may be they are part of a different Arumilli family – not my family).

Mr. Kanti Kalyan Arumilli

Arumilli Kanti Kalyan, Founder & CEO
Arumilli Kanti Kalyan, Founder & CEO

B.Tech, M.B.A

Facebook

LinkedIn

Threads

Instagram

Youtube

Founder & CEO, Lead Full-Stack .Net developer

ALight Technology And Services Limited

ALight Technologies USA Inc

Youtube

Facebook

LinkedIn

Phone / SMS / WhatsApp on the following 3 numbers:

+91-789-362-6688, +1-480-347-6849, +44-07718-273-964

+44-33-3303-1284 (Preferred number if calling from U.K, No WhatsApp)

kantikalyan@gmail.com, kantikalyan@outlook.com, admin@alightservices.com, kantikalyan.arumilli@alightservices.com, KArumilli2020@student.hult.edu, KantiKArumilli@outlook.com and 3 more rarely used email addresses – hardly once or twice a year.

Categories
Security

The need for serious security I.T, current state of a sophisticated spies / hackers equipment

I wanted to do a live coding session for a little security utility / tool but ended up showing several things, the need for such a tool and talked about the sophisticated spies / hackers equipment. I will definitely do some live coding and open source the tool.

Categories
Security

An approach for securing some sensitive content

In the past I have mentioned about having proper MFA enabled VPN in some of my Youtube videos on ALight Technology And Service’s official Youtube channel (https://www.youtube.com/@alighttechnologyandservicesltd), I have come across a free VPN known as Pritunl, and Pritunl has SSO support and YubiKey support as per the documentation located here. However there is a glaring security issue in the setup process. The passwords and keys are generated and shown in plain text. This is a very big problem. So, I thought I would create a set of two tools that would do the following:

Tool-1 (on the server):

  1. Accepts a Key, IV i.e prompts for Key and IV, but when these are entered, the tool would not display the values i.e does not output the key and IV entered on the screen (more like prompting for a password).
  2. Prompts for a command to run
  3. Executes the command, captures the standard output and standard input.
  4. If there is a error – displays on the screen
  5. If no error, encrypts the standard output and displays on screen.

Tool-2 (on the clientside – on the laptop)

  1. Generate a IV, Key for symmetric encryption.
  2. Copy the Key to clipboard when required (button click for Windows application or some kind of console press key)
  3. Copy the IV to clipboard when required
  4. Accept a block of string, decrypt and copy the plaintext into clipboard.
  5. Whenever anything is copied into clipboard, automatically clear clipboard after a configurable time such as 10 or 20 seconds.

With these 2 tools, I can generate a new Key, IV pair, launch the server tool, input the key, IV. Then I can run some command, get the keys or passwords generated by commands encrypted and displayed. I can copy the outputted value on server into the desktop app, then decrypt and use wherever I want.

These are tools not necessary everyday but definitely necessary, especially if being targeted by hackers, spies and ransom asking goons (aka takers / all). I am considering open sourcing the code for these 2 tools. This code can also serve as an introduction to symmetric encryption in C#. The code would also have some usage of System.Diagnostics.Process class. I might even do a live coding session, shouldn’t take longer than 15 – 20 minutes. If I do a live coding session, I would explain the concepts.

I don’t have any fake aliases, nor any virtual aliases like some of the the psycho spy R&AW traitors of India. NOT associated – “ass”, eass, female “es”, “eka”, “ok”, “okay”, “is”, “erra”, yerra, karan, kamalakar, diwakar, kareem, karan, sowmya, zinnabathuni, bojja srinivas (was a friend and batchmate 1998 – 2002), mukesh golla (was a friend and classmate 1998 – 2002), thota veera, uttam’s, bandhavi’s, bhattaru’s, thota’s, bojja’s, bhattaru’s or Arumilli srinivas or Arumilli uttam (may be they are part of a different Arumilli family – not my family).

Mr. Kanti Kalyan Arumilli

Arumilli Kanti Kalyan, Founder & CEO
Arumilli Kanti Kalyan, Founder & CEO

B.Tech, M.B.A

Facebook

LinkedIn

Threads

Instagram

Youtube

Founder & CEO, Lead Full-Stack .Net developer

ALight Technology And Services Limited

ALight Technologies USA Inc

Youtube

Facebook

LinkedIn

Phone / SMS / WhatsApp on the following 3 numbers:

+91-789-362-6688, +1-480-347-6849, +44-07718-273-964

+44-33-3303-1284 (Preferred number if calling from U.K, No WhatsApp)

kantikalyan@gmail.com, kantikalyan@outlook.com, admin@alightservices.com, kantikalyan.arumilli@alightservices.com, KArumilli2020@student.hult.edu, KantiKArumilli@outlook.com and 3 more rarely used email addresses – hardly once or twice a year.

Categories
.Net C#

Some useful C# code snippets:

I have shown some code and discussed some general best practices earlier this morning in a live Youtube video – Some C# reusable code snippets (https://www.youtube.com/watch?v=9SyZjDukvhE) in ALight Technology And Service’s official Youtube channel (https://www.youtube.com/@alighttechnologyandservicesltd). As promised in the video, this blog post has the code snippets.

Some C# reusable code snippets

Concept – 1:

Centralizing config generation into a re-usable library, having a wrapper class around reading the config. Now the consuming classes do not need to know the details of where or how to get config values. For example, the config can be stored in plain-text / encrypted, can be stored in text files or something like AWS Secrets Manager.

public static void GenerateConfig()
{
    var retVal = new ConfigurationBuilder()
                .SetBasePath(Directory.GetCurrentDirectory())
                .AddJsonFile(<ConfigFile>, optional: false, reloadOnChange: true)
                .AddJsonFile(<ConfigFile2>, optional: false, reloadOnChange: true)
                .AddEnvironmentVariables()
                .Build();

    ConfigHelper.Configuration = retVal;
}

Code for converting DateTime into Unix epoch and back to DateTime

private static DateTime epoch = new DateTime(1970, 1, 1, 0, 0, 0);

public static long GetUNIXDate(DateTime value)
{
    return (Int64)value.Subtract(epoch).TotalSeconds;
}

public static DateTime GetNormalDateFromUnix(long value)
{
    return epoch.AddSeconds(value);
}

Code for determining if a string consists entirely of ASCII text or not

public static bool IsASCII(this string value)
{
    return Encoding.UTF8.GetByteCount(value) == value.Length;
}

Code for removing non-ASCII characters and retrieving just the ASCII characters from a string

private static readonly Regex asciiRegex = new Regex(@"[^\u0000-\u007F]+", RegexOptions.Compiled);

public static string GetASCIIOnly(string value)
{
    if (value == null) return String.Empty;
    return asciiRegex.Replace(value, String.Empty);
}

Code for getting a smaller chunk of a long string and if necessary append … at the end – useful on web pages showing first few characters of a longer text.

public static string GetSnippet(string value, int length, bool appendDots)
{
    if (String.IsNullOrWhiteSpace(value)) return String.Empty;

    if (value.Length < length - 3) return value;

    if (appendDots)
    {
        return $"{value.Substring(0, length - 3)}...";
    }
    else
    {
        return value.Substring(0, length);
    }
}

I don’t have any fake aliases, nor any virtual aliases like some of the the psycho spy R&AW traitors of India. NOT associated – “ass”, eass, female “es”, “eka”, “ok”, “okay”, “is”, “erra”, yerra, karan, kamalakar, diwakar, kareem, karan, sowmya, zinnabathuni, bojja srinivas (was a friend and batchmate 1998 – 2002), mukesh golla (was a friend and classmate 1998 – 2002), thota veera, uttam’s, bandhavi’s, bhattaru’s, thota’s, bojja’s, bhattaru’s or Arumilli srinivas or Arumilli uttam (may be they are part of a different Arumilli family – not my family).

Mr. Kanti Kalyan Arumilli

Arumilli Kanti Kalyan, Founder & CEO
Arumilli Kanti Kalyan, Founder & CEO

B.Tech, M.B.A

Facebook

LinkedIn

Threads

Instagram

Youtube

Founder & CEO, Lead Full-Stack .Net developer

ALight Technology And Services Limited

ALight Technologies USA Inc

Youtube

Facebook

LinkedIn

Phone / SMS / WhatsApp on the following 3 numbers:

+91-789-362-6688, +1-480-347-6849, +44-07718-273-964

+44-33-3303-1284 (Preferred number if calling from U.K, No WhatsApp)

kantikalyan@gmail.com, kantikalyan@outlook.com, admin@alightservices.com, kantikalyan.arumilli@alightservices.com, KArumilli2020@student.hult.edu, KantiKArumilli@outlook.com and 3 more rarely used email addresses – hardly once or twice a year.

Categories
.Net Architecture C#

Some C# reusable code snippets – Video

Some C# reusable code snippets – Video

Categories
Welcome

Introduction to collectd for metrics

As I have mentioned in a previous blog post – Business activities would continue normal, the primary focus right now is enhancing monitoring and alerting. The strategy is to have a centralized logging and monitoring. Then anomaly detection and alerts. As part of this effort, I came across an excellent utility known as collectd. This tool is easy to install and configure. An alternate is statsd.

I have been looking for metric tools i.e servers that are lightweight, easy to configure and can be easily used from C# applications i.e I want to ingest metrics from my C# applications and consume from C# applications. collectd has GRPC plugin, this would mean a GRPC application can be developed in any programming language. I would definitely provide some code examples for ingesting metrics and reading metrics in the future. For now this is a getting started with collectd blog post.

The installation instructions are bit messed up for collectd, specifically the service file of collectd needs to be manually edited based upon your installation location. As of now, I am collecting some simpler metrics, but there are some plugins that would allow for enhanced metrics gathering.

All the logs are being ingested into AWS CloudWatch. Now, I would be developing some dashboards for monitoring, setting up alerting rules etc… I don’t like existing monitoring front-ends due to very less security restrictions. I want my dashboard to be very secure.

Based on collectd – wiki – first steps here is a summary of installation procedure:

The list of library dependencies for plugins can be found here: README

> sudo apt-get install build-essential
// Install any necessary dependency libraries of plugins, I have installed the following
> sudo apt-get install libgrpc-dev libiptc-dev libmysqlclient-dev libprotobuf-dev libprotobuf-c-dev
> cd cd /tmp/
> wget https://storage.googleapis.com/collectd-tarballs/collectd-5.12.0.tar.bz2
> tar jxf collectd-5.12.0.tar.bz2
> cd collectd-5.12.0
> ./configure
> make all install
> sudo nano /opt/collectd/etc/collectd.conf

I have enabled logfile, syslog, cpu, csv, df, disk, load, memory, swap, uptime, users plugins. These plugins require very less configuration. For csv specify an directory in configuration, for logfile specify a file.

The following was for Ubuntu, but based upon your system edit the collectd.service file. Look for the proper location of the config file, binary and then enable and start the service. On Ubuntu:

Service file: /lib/systemd/system/collectd.service

Configuration file: /opt/collectd/etc/collectd.conf

Binary: /opt/collectd/sbin/collectd

I don’t have any fake aliases, nor any virtual aliases like some of the the psycho spy R&AW traitors of India. NOT associated – “ass”, eass, female “es”, “eka”, “ok”, “okay”, “is”, “erra”, yerra, karan, kamalakar, diwakar, kareem, karan, sowmya, zinnabathuni, bojja srinivas (was a friend and batchmate 1998 – 2002), mukesh golla (was a friend and classmate 1998 – 2002), thota veera, uttam’s, bandhavi’s, bhattaru’s, thota’s, bojja’s, bhattaru’s or Arumilli srinivas or Arumilli uttam (may be they are part of a different Arumilli family – not my family).

Mr. Kanti Kalyan Arumilli

Arumilli Kanti Kalyan, Founder & CEO
Arumilli Kanti Kalyan, Founder & CEO

B.Tech, M.B.A

Facebook

LinkedIn

Threads

Instagram

Youtube

Founder & CEO, Lead Full-Stack .Net developer

ALight Technology And Services Limited

ALight Technologies USA Inc

Youtube

Facebook

LinkedIn

Phone / SMS / WhatsApp on the following 3 numbers:

+91-789-362-6688, +1-480-347-6849, +44-07718-273-964

+44-33-3303-1284 (Preferred number if calling from U.K, No WhatsApp)

kantikalyan@gmail.com, kantikalyan@outlook.com, admin@alightservices.com, kantikalyan.arumilli@alightservices.com, KArumilli2020@student.hult.edu, KantiKArumilli@outlook.com and 3 more rarely used email addresses – hardly once or twice a year.

Categories
.Net C#

File tailer in C#

As mentioned in a previous post – Cancelling all activities at ALight Technology And Services Limited. I am not seriously working on anything within ALight Technology And Services Limited, but I am still .Net developer. I have some internal logging and monitoring implemented. I have used Cloudwatch Agent and Promtail for ingesting logs into AWS Cloudwatch and Grafana. Both are great platforms but I wanted to implement a similar tool in C#. Here is some sample code, explanation capable of doing something similar.

First store the name of file, Creation Date, Size, Last Modified Date. These can be accessed from FileInfo object.

var fi = new FileInfo("path");
fi.CreationTimeUtc	
fi.LastWriteTimeUtc	
fi.Length

Now, in a loop read the file, if new file i.e CreationTime is different read from beginning. If Length or LastWriteTime are different but same CreationTime, do a seek.

long seek = 0;

while(<some condition>)
{
   using(sr = new StreamReader(fi.OpenRead()){
      sr.BaseStream.Seek(seek, SeekOrigin.Begin);
      var data = await sr.ReadToEndAsync();
      seek += data.Length;
      // Do something with data
      // Store filename, seek in some persistent storage like a file
}

The above code block shows some sample code for using seek, we would store the variable seek along with FileCreation, Update, Length. Even if the application is restarted, the application would work properly.

I don’t have any fake aliases, nor any virtual aliases like some of the the psycho spy R&AW traitors of India. NOT associated – “ass”, eass, female “es”, “eka”, “ok”, “okay”, “is”, “erra”, yerra, karan, kamalakar, diwakar, kareem, karan, sowmya, zinnabathuni, bojja srinivas (was a friend and batchmate 1998 – 2002), mukesh golla (was a friend and classmate 1998 – 2002), thota veera, uttam’s, bandhavi’s, bhattaru’s, thota’s, bojja’s, bhattaru’s or Arumilli srinivas or Arumilli uttam (may be they are part of a different Arumilli family – not my family).

Mr. Kanti Kalyan Arumilli

Arumilli Kanti Kalyan, Founder & CEO
Arumilli Kanti Kalyan, Founder & CEO

B.Tech, M.B.A

Facebook

LinkedIn

Threads

Instagram

Youtube

Founder & CEO, Lead Full-Stack .Net developer

ALight Technology And Services Limited

ALight Technologies USA Inc

Youtube

Facebook

LinkedIn

Phone / SMS / WhatsApp on the following 3 numbers:

+91-789-362-6688, +1-480-347-6849, +44-07718-273-964

+44-33-3303-1284 (Preferred number if calling from U.K, No WhatsApp)

kantikalyan@gmail.com, kantikalyan@outlook.com, admin@alightservices.com, kantikalyan.arumilli@alightservices.com, KArumilli2020@student.hult.edu, KantiKArumilli@outlook.com and 3 more rarely used email addresses – hardly once or twice a year.

Categories
Security Wordpress

How I secured my wordpress account!

Cross post – https://kantikalyan.medium.com/how-i-secured-my-wordpress-account-d162f1c0934c

On December 22nd at 17:45 India Standard Time (12:15 GMT / 07:15 EST), I am doing a live video on showing the security. That’s why they were not able to hack my WordPress although they had a very powerful spying / hacking equipment.

YubiKey Bio:

I have Yubikey Bio, it’s a biometric authentication USB device. Some websites support multi-factor authentication with hardware devices such as Yubikey. The difference between normal hardware keys and Yubikey Bio is the biometric authentication. With normal hardware keys anyone with access to the USB device can login, but with Yubikey Bio – biometric authentication happens i.e Yubikey Bio verifies fingerprint.

Nextend Social Login Plugin for WordPress:

Nextend Social Login Plugin – This plugin allows me to login via Google. There is a little setup in GCP console. But ultimately allows me to use Google login. I have configured in such a way that only admin@alightservices.com is allowed to login using Google authentication. I have secured my Google login to use Yubikey Bio.

Duo Two-Factor Authentication:

Duo Two-Factor Authentication allows further securing the wordpress installation by using Yubikey Bio. There is a little bit of configuration to be done.

In this setup I first need to login into my Google account – admin@alightservices.com, then I am prompted for Biometric authentication. Then I login into wordpress and once again I am prompted for biometric authentication. This way no one else can login into my WordPress account.

By reviewing the logs, there have been several thousand login attempts but all of those have been thwarted with this setup. i.e even with proper password, they can get to the MFA screen but not any further.

India’s R&AW spies have a very powerful spying / hacking equipment. I think it might be invisible drone with very powerful capabilities such as recording video, audio, speakers used for whispering and even mind reading capabilities. With such a powerful hacking equipment, normal usernames and passwords are obsolete. The list of hackers/impersonators/identity thieves might include: erra surnamed people – diwakar / karan / kamalakar / karunkar / erra sowmya / erra sowjanya / zinnabathuni sowjanya / thota veera / uttam / bojja srinivas / mukesh golla / bandhavi / female identity thieves who claim to have my first name – Kanti and their helper pimp Kalyan’s (I am Kanti Kalyan Arumilli – those escorts and pimps tried to break my identity). Some of them have multiple aliases and multiple surnamed virtual identities.

I don’t have any fake aliases, nor any virtual aliases like some of the the psycho spy R&AW traitors of India. NOT associated – “ass”, eass, female “es”, “eka”, “ok”, “okay”, “is”, “erra”, yerra, karan, kamalakar, diwakar, kareem, karan, sowmya, zinnabathuni, bojja srinivas (was a friend and batchmate 1998 – 2002), mukesh golla (was a friend and classmate 1998 – 2002), thota veera, uttam’s, bandhavi’s, bhattaru’s, thota’s, bojja’s, bhattaru’s or Arumilli srinivas or Arumilli uttam (may be they are part of a different Arumilli family – not my family).

Mr. Kanti Kalyan Arumilli

Arumilli Kanti Kalyan, Founder & CEO
Arumilli Kanti Kalyan, Founder & CEO

B.Tech, M.B.A

Facebook

LinkedIn

Threads

Instagram

Youtube

Founder & CEO, Lead Full-Stack .Net developer

ALight Technology And Services Limited

ALight Technologies USA Inc

Youtube

Facebook

LinkedIn

Phone / SMS / WhatsApp on the following 3 numbers:

+91-789-362-6688, +1-480-347-6849, +44-07718-273-964

+44-33-3303-1284 (Preferred number if calling from U.K, No WhatsApp)

kantikalyan@gmail.com, kantikalyan@outlook.com, admin@alightservices.com, kantikalyan.arumilli@alightservices.com, KArumilli2020@student.hult.edu, KantiKArumilli@outlook.com and 3 more rarely used email addresses – hardly once or twice a year.

Categories
.Net C# DailyReads

DailyReads 20/12/2022

How to Secure Passwords with BCrypt.NET

“In this article, we are going to learn how to secure passwords with BCrypt.NET to ensure we are up to the industry standards when it comes to security in our .NET environment.”

Schedule Jobs with Quartz.NET

“Recurring, background tasks are widespread and very common when building applications. These tasks can be long-running or repetitive and we don’t want to run them in the foreground, as they could affect the user’s experience of the application. So instead we must schedule these jobs to run in the background somewhere. To achieve this in .NET, we can use the Quartz.NET library to manage the creation and scheduling of these jobs.”

I don’t have any fake aliases, nor any virtual aliases like some of the the psycho spy R&AW traitors of India. NOT associated – “ass”, eass, female “es”, “eka”, “ok”, “okay”, “is”, “erra”, yerra, karan, kamalakar, diwakar, kareem, karan, sowmya, zinnabathuni, bojja srinivas (was a friend and batchmate 1998 – 2002), mukesh golla (was a friend and classmate 1998 – 2002), thota veera, uttam’s, bandhavi’s, bhattaru’s, thota’s, bojja’s, bhattaru’s or Arumilli srinivas or Arumilli uttam (may be they are part of a different Arumilli family – not my family).

Mr. Kanti Kalyan Arumilli

Arumilli Kanti Kalyan, Founder & CEO
Arumilli Kanti Kalyan, Founder & CEO

B.Tech, M.B.A

Facebook

LinkedIn

Threads

Instagram

Youtube

Founder & CEO, Lead Full-Stack .Net developer

ALight Technology And Services Limited

ALight Technologies USA Inc

Youtube

Facebook

LinkedIn

Phone / SMS / WhatsApp on the following 3 numbers:

+91-789-362-6688, +1-480-347-6849, +44-07718-273-964

+44-33-3303-1284 (Preferred number if calling from U.K, No WhatsApp)

kantikalyan@gmail.com, kantikalyan@outlook.com, admin@alightservices.com, kantikalyan.arumilli@alightservices.com, KArumilli2020@student.hult.edu, KantiKArumilli@outlook.com and 3 more rarely used email addresses – hardly once or twice a year.