起因

上周用net-speeder给vps加速以后，这几天每天都看看使用流量，今天上午一看吓一跳，昨晚用了四个多G，
而且是我睡觉的时候。莫非是被人盯上了？
登录上去查看一下secure日志，发现好多尝试访问ssh的记录。不由一头冷汗。
当然就网络攻击这一块，我从初二以后就没服过谁（开玩笑的，我都快吓尿了）。

解决步骤

机智的我当然没有慌乱，上网整理了一下资料，然后开始加固安全防范.
以下步骤全部基于CentOS 6.5

涉及到的数学知识:http://www.ruanyifeng.com/blog/2013/06/rsa_algorithm_part_one.html
算法具体实现:http://www.ruanyifeng.com/blog/2013/07/rsa_algorithm_part_two.html

前几天升级了Mysql 5.7,昨天在测试一个很久没改动的系统时一条Sql报了这个bug『You can’t specify target table ‘t1’ for update in FROM clause』。
用排除法分析了一下,发现只有在Mysql 5.7上才能重现,遂上网查找了一下Mysql 5.7的Release note,发现确实是Mysql在这方面进行了更改。原文如下:
As of MySQL 5.7.6, the optimizer handles propagation of an ORDER BY clause in a derived table or view reference to the outer query block by propagating the ORDER BY clause if the following conditions apply: The outer query is not grouped or aggregated; does not specify DISTINCT, HAVING, or ORDER BY; and has this derived table or view reference as the only source in the FROM clause. Otherwise, the optimizer ignores the ORDER BY clause. Before MySQL 5.7.6, the optimizer always propagated ORDER BY, even if it was irrelevant or resulted in an invalid query.

For statements such as DELETE or UPDATE that modify tables, using the merge strategy for a derived table that prior to MySQL 5.7.6 was materialized can result in an ER_UPDATE_TABLE_USED error:

1 2 3 4 5 6 7

mysql> DELETE FROM t1 -> WHERE id IN (SELECT id -> FROM (SELECT t1.id -> FROM t1 INNER JOIN t2 USING (id) -> WHERE t2.status = 0) AS t); ERROR 1093 (HY000): You can't specify target table 't1' for update in FROM clause

The error occurs when merging a derived table into the outer query block results in a statement that both selects from and modifies a table. (Materialization does not cause the problem because, in effect, it converts the derived table to a separate table.) To avoid this error, disable the derived_merge flag of the optimizer_switch system variable before executing the statement:

1	mysql> SET optimizer_switch = 'derived_merge=off';

之前总是用root用户,觉得不正规也不安全,看了几篇linux用户和用户组介绍的帖子,总结了个MindMap。

MindMap的源文件,欢迎修改.

2018

• Docker In Action
• Spring Cloud与Docker 微服务架构实战

2016

• 1984
  第一次知道这本书是因为被封很多年的那个1984bbs,读完了之后感觉毛骨悚然,第一次感受到文字的力量如此强大。
  本书描述了一个极度集权的病态社会,和天朝差不多,度过了以后有种设身处地的感觉。

2015

• 年薪20万到80万的进击——高端程序员如何跳槽
  与其说是一本书,其实就是一片文章,是100offer写的,通过数据分析展现人才流向,看完之后对100offer的好感倍生,比拉勾什么的靠谱多了。

• 快速阅读训练法(大脑潜能开发书系)
  里面主要讲了快速阅读的训练方法,归结起来就是只看不读(默读也不行)和锻炼眼部肌肉力量,看书的时候以线代点,以面带线,准备试试里面的训练方法,
  看看是否真的有效。不过看技术性书籍应该是不适合的。

• Docker–从入门到实践
  通读了此书,对Docker有了初步的了解,掌握了docker的基本操作,但是集群方式还没有试,以后有时间试试。此书十分推荐,无论是开发还是运维,都应该了解并使用docker。
  因为docker太cool,和git一样cool。