
Monday, June 4, 2018

Installing and Running RavenDB on Windows and Linux

Let's install and run RavenDB on Windows and Linux and learn how it works.

In a previous post I introduced RavenDB on this blog. In this one, let's review how to install or run a standalone RavenDB instance on our machine.

In this post we will cover:
  1. Installing and running on Windows;
  2. Installing and running on Linux;
  3. Using the RavenDB console tool;
  4. Creating a new database;

Downloading RavenDB

First off, navigate to the RavenDB downloads page and download the server version for the environment you're working on. The currently supported platforms are: Windows, Linux, OSX, Raspberry PI and Docker.

To download your image, select Server, Stable and the appropriate version for your environment. Accept the terms and click on the .ZIP Package download button to download the image to your disk.

Running standalone RavenDB on Windows

On Windows, once the download is completed, extract all those files into a folder and you'll see two PowerShell files: run.ps1 and setup-as-service.ps1.

Open the PowerShell terminal, cd into the folder where you extracted your files and run .\run.ps1. You'll then see the output the RavenDB service emits when running as a standalone instance.

A new window will open where you'll need to configure a cluster and/or security. For now, let's skip the cluster configuration and go with the Unsecure option.

This configuration is enough for this demo and simple development efforts. After you click on it, RavenDB Studio opens at the default URL: http://127.0.0.1:8080/studio/index.html.
That's it! The standalone instance is running and you can start testing RavenDB on your Windows box.

Installing RavenDB on Windows

To install it on your machine, open the PowerShell terminal as an administrator and run the setup-as-service.ps1 script.

If all goes well, you'll have to accept the user license agreement and proceed with the instance configuration.

Note that:
  • the installation requires administrator privileges
  • the installation will use port 8080 for "unsecure" installs or 443 for secure ones (options selected during the installation)

Configuring the new Instance

After installation, you'll have to configure your instance. For a development setup, you should be good with the Unsecure option.
Clicking on it will prompt you for the HTTP/TCP ports and IP address. Leaving them empty uses the defaults. Click "Restart Server" and RavenDB should be installed.
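
The Unsecure option uses plain HTTP (port 8080 by default), so the IP address entered at this step decides who can reach the server. The following added example, which is not from RavenDB or the original post, audits that choice; it assumes the address is stored under the ServerUrl key of the server's settings.json, and every sample value is constructed.

```python
import ipaddress
import json
from urllib.parse import urlsplit

# Constructed sample settings documents. "ServerUrl" is assumed to be the key
# that holds the bind address; host names and addresses are made up.
SAMPLES = {
    "dev-default": '{"ServerUrl": "http://127.0.0.1:8080"}',
    "all-interfaces": '{"ServerUrl": "http://0.0.0.0:8080"}',
    "lan-address": '{"ServerUrl": "http://192.168.1.20:8080"}',
    "secured": '{"ServerUrl": "https://db.example.test:443"}',
}

def is_loopback(host):
    """True only when the host is reachable from this machine alone."""
    if host.lower() == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # a DNS name: treat it as reachable from the network

def audit_server_url(settings_json):
    """Classify one settings document as ('ok' | 'exposed', reason)."""
    url = urlsplit(json.loads(settings_json)["ServerUrl"])
    host = url.hostname or ""
    if url.scheme == "https":
        return ("ok", "HTTPS endpoint (the secure setup option)")
    if is_loopback(host):
        return ("ok", "unsecured HTTP, but bound to loopback only")
    return ("exposed", f"unsecured HTTP bound to {host}: reachable off-box")

def audit_all(samples):
    """Map each sample name to its verdict."""
    return {name: audit_server_url(doc)[0] for name, doc in samples.items()}

if __name__ == "__main__":
    for name, doc in SAMPLES.items():
        print(name, *audit_server_url(doc))
```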

The RavenDB Service

Once installed, on Windows, we can view the service status using the Get-Service PowerShell cmdlet:
Get-Service -Name RavenDB

For more information, please visit: https://ravendb.net/docs/article-page/4.0/csharp/start/installation/setup-wizard

Running standalone RavenDB on Linux

The Linux installation is similar: download your Linux image from the RavenDB downloads page, unzip it and run the script. Let's see how it works.

Select Linux x64 on the downloads page and download the image using Firefox.

Once downloaded, extract the bz2 package into a local folder.

Cd into that folder and run "run.sh". You should then see the server start up in the terminal.

Installing RavenDB on Linux

Installing RavenDB on Linux is very similar to Windows. You run the run.sh shell script and select the installation option on the command line.

The RavenDB Console

Once installed, basic manipulation of the server can be done either by using the Raven UI (Raven Studio) or by using the console previously opened.

For example, typing help in the console on my Fedora shell lists the available commands.

From the console, you can do things like restarting or shutting down the server, exporting and importing data, reading logs and viewing server stats. Just type the commands shown. For example, to shut the instance down, type: shutdown.

Creating a Database

The final step needed before touching code is to create a database. To do that, go to Databases -> New Database.
Enter a DB name (for example, "Blog") and click "Create".
Doing that creates our database and takes us to its page. From there we can view our documents (records), create, query, patch, view logs, stats, etc.

Next Steps

Now that RavenDB is running and the database is created, the next step is to start interacting with it. You can use either RavenDB Studio or the client API (with C#, Java, Python, etc). For more details, check my simple introduction to RavenDB.

Don't forget that RavenDB is also available on the cloud. Check the article An in depth review of the RavenDB Cloud for more information.

Conclusion

I hope this post serves as a simple introduction to installing RavenDB on Windows and Linux boxes. For more information, check the official documentation.

Monday, November 20, 2017

How and why use stronger passwords

The number of online attacks keeps increasing, and weak passwords are one of the main reasons. Learn how to create stronger passwords and be safer online.
Passwords are probably the most sensitive aspect of our lives today. With more and more leaks happening every day, it's strongly recommended to start thinking about stronger passwords for our personal online accounts and our applications. So how can we leverage existing tools in a non-complex way to enhance our online protection?

Let's take a look.

What you should do

Let's start with simple basic tips for everyone. For starters, this is what we should be doing:
  • Using passwords with at least 8 characters;
  • Using complex passwords that include numbers, symbols, and punctuation;
  • Using a variety of passwords for different accounts or roles;
  • Using a secure password tool;

What you should not do

It's also important to remember what we should not do. For example, below I list some things we should not be doing:
  • using dictionary words as passwords, e.g. apple, cat, Raptors, etc;
  • using sequences of characters, e.g. 3333, abcdabcd;
  • using personal information in passwords, e.g. your birthdate;
  • reusing passwords;
  • setting the password to the name of the associated service, e.g. Gm@il or Dropbox123;
  • using combinations of the above;

Other interesting tips to increase our protection are:
  • Avoid storing passwords on devices that you take outside your home;
  • Use a password manager to securely keep track of your passwords (see the section below);
  • Set up MFA/2FA when available (see the section below);
  • Use a secure password generator to generate stronger passwords (see the section below);
  • Never remember a password!
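
The "should not do" list above can be turned into an automated check. This is an added example, not code from the original post; the word list is a constructed stand-in for a real dictionary, and the function names are hypothetical.

```python
import re

# Constructed mini word list; a real check would load a full dictionary.
WORDS = {"apple", "cat", "raptors", "password"}
LEET = str.maketrans("@4301$5!7", "aaeoissit")

def normalize(pw):
    """Lower-case and undo common character substitutions (Gm@il -> gmail)."""
    return pw.lower().translate(LEET)

def core(pw):
    """Strip trailing digits/symbols, then normalize (Apple123 -> apple)."""
    return normalize(re.sub(r"[^A-Za-z]+$", "", pw))

def has_sequence(pw):
    """Detect 3333-style repeats, abcdabcd-style repeated blocks, abcd/1234 runs."""
    if re.search(r"(.)\1{2,}", pw) or re.fullmatch(r"(.{2,})\1+", pw):
        return True
    low = pw.lower()
    return any(
        all(ord(low[i + k + 1]) - ord(low[i + k]) == 1 for k in range(3))
        for i in range(len(low) - 3)
    )

def check(pw, service="", personal=()):
    """Return the rules from the list above that the password breaks."""
    problems = []
    if len(pw) < 8:
        problems.append("shorter than 8 characters")
    if core(pw) in WORDS:
        problems.append("dictionary word")
    if has_sequence(pw):
        problems.append("character sequence")
    if service and normalize(service) in normalize(pw):
        problems.append("contains the service name")
    if any(p and normalize(p) in normalize(pw) for p in personal):
        problems.append("contains personal information")
    return problems

if __name__ == "__main__":
    for pw, svc in [("apple", ""), ("abcdabcd", ""), ("Gm@il", "gmail")]:
        print(pw, check(pw, service=svc))
```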

Use Password Managers

While the above tips are good to start with and keep in mind, let's now see concrete examples of how we can increase the complexity of our passwords and how we can protect them from external access. Using stronger passwords demands a better memory. In case you don't have one, like me, I strongly recommend using a password manager like 1Password, KeePass and its forks KeePassX and KeePassXC. That's why I never remember my passwords! =)

And because I need to access my passwords on Linux and Windows machines, I'm currently using KeePassXC. I also advocate for files on disk instead of services like LastPass because you cannot trust anyone else nowadays =). How safe is LastPass data for example? Well, they were hacked before...

Using KeePass

Since KeePass is one of the most familiar out there, let's provide a very quick introduction to it. The rest, I'm pretty sure you can figure out. Also, if you're using one of its forks, it should be the same, just varying the visual look and feel.

Step 1 - Create your password database

The first step is to create your password database. Launch KeePass, 

Step 2 - Start adding your passwords


See? KeePass not only manages our passwords but also helps us generate very complex passwords.

Step 3 - Keep using it!

Yes, keep using it! Add all your accounts to this file and keep it safe on your disk, doing periodic backups. And since KeePass is remembering your passwords for you, you have no excuses for sharing passwords or using simple passwords. Plus, backing up this file online is safer as the file is encrypted and, assuming you didn't choose a very simple password for the file, it should take a long time for someone to crack it.

Which takes us to the next tip...

Recycle Passwords

Another relevant tip is recycling passwords. You may have already figured out that it's a technical term for not reusing the same passwords. You should recycle your passwords every 3 months or so. Why? It helps against data leaks. Or, if your service has something like a password expiration policy, even better.
Source: Outlook.com

How to create stronger Passwords

Most password managers have a very useful tool to generate passwords. After getting familiar with KeePass, I suggest getting acquainted with the password generation tool. To access it, go to Tools -> Password Generator.

As we can see, there are lots of interesting options here:
  • You can set the length of the generated passwords;
  • You can set/unset multiple options (I would recommend checking at least 4 of them);
  • You can provide patterns, certain characters;
  • You can strengthen entropy by clicking on the "Advanced" button

And, by clicking on the "Generate" button, KeePass will generate a password for you. It will even tell you how strong your password is (92 bits in this case). Remember to keep an eye on the bar, which indicates how strong your password is. In theory, we should have the tool generate passwords for us, as its algorithm handles the required complexity better.
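
To see where a figure like 92 bits can come from, here is an added example (not KeePass's code and not from the original post) that generates passwords with the operating system's CSPRNG and computes the idealized entropy of a uniformly random password, length × log2(alphabet size). KeePass's own quality estimator works differently; the class names and functions below are hypothetical.

```python
import math
import secrets
import string

# Character classes comparable to the check boxes in a generator dialog.
CLASSES = {
    "upper": string.ascii_uppercase,
    "lower": string.ascii_lowercase,
    "digits": string.digits,
    "symbols": string.punctuation,
}
ALL = ("upper", "lower", "digits", "symbols")

def build_alphabet(enabled=ALL):
    """Concatenate the enabled classes into one alphabet (94 symbols for all four)."""
    return "".join(CLASSES[name] for name in enabled)

def entropy_bits(length, alphabet_size):
    """Entropy of a uniformly random password: length * log2(alphabet size)."""
    return length * math.log2(alphabet_size)

def length_for_bits(target_bits, alphabet_size):
    """Smallest length whose entropy reaches target_bits."""
    return math.ceil(target_bits / math.log2(alphabet_size))

def generate(length, enabled=ALL):
    """Draw every character with the OS CSPRNG via the secrets module.

    Candidates missing one of the enabled classes are redrawn, which costs a
    small fraction of a bit compared with the idealized figure.
    """
    if length < len(enabled):
        raise ValueError("length too short to include every enabled class")
    alphabet = build_alphabet(enabled)
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if all(any(c in CLASSES[name] for c in candidate) for name in enabled):
            return candidate

if __name__ == "__main__":
    size = len(build_alphabet())
    print(generate(14), round(entropy_bits(14, size), 1), "bits")
    print("8 lower-case letters:", round(entropy_bits(8, 26), 1), "bits")
```

Fourteen random characters over the 94 printable ASCII symbols give about 92 bits, while eight random lower-case letters give under 38.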

Enable multiple-factor authentication

Multiple-Factor Authentication (MFA) and its simpler form, Two-Factor Authentication (2FA), are ways of logging in that require more than a password. Example: a text message or a verification e-mail with a random code is sent to a different email account, and the user will only be allowed access if she enters the right code.

MFA adds a very strong security component to our online accounts since it dramatically reduces the chances that an unauthorized user can access them. Many recent hacks such as the celebrity hack could have been avoided if MFA was enabled. But Apple has learned from the episode and now advises users to protect themselves using 2FA:
To protect against this type of attack, we advise all users to always use a strong password and enable two-step verification. Both of these are addressed on our website at http://support.apple.com/kb/ht4232.

Example 1 - Enabling MFA for an Apple ID

The majority of the most used websites currently offer MFA. As an example, here's what you need to do to enable MFA on your Apple ID.

Source: https://support.apple.com/en-ca/HT204915

Example 2 - Enabling MFA on GitHub

In GitHub, go to your profile -> security, and click:

Then you choose one of the options below to get your code:

How Secure is your Password?

Speaking of strong passwords, how secure is a 92-bit password compared to my own password? According to howsecureismypassword.net:
  • your simple password like "Apple123" is broken instantly;
  • a complex password like the one generated above would be broken in 52 quadrillion years;

Just access that site and enter your password to get quick feedback on how long it would take for someone to crack your passwords:
Source: https://howsecureismypassword.net/
Spot the difference? A few hours vs. 52 quadrillion years. But wait! There are techniques to speed up this process, but we will not cover them now. The objective was to illustrate the importance of creating and using stronger passwords.

Conclusion

In this post I presented many suggestions on how to create, store and transport strong passwords, plus additional protection layers such as MFA. Please start using them all and make your information safer. As a final note, consider using stronger passwords and enabling MFA on all your accounts.

About the Author

Bruno Hildenbrand      
Principal Architect, HildenCo Solutions.