A Brute Force attack will take few milliseconds to crack a 4 digit PIN (10,000 possible PINs). Have you ever wondered why the PIN (Personal Identification Number) for most of the commercial ATM cards is only 4 digits ? Some banks do allow you to choose longer PINs but the minimum number of digits is mostly 4.
Despite the smaller length, PIN is still an effective way of securing the ATM card. Here are the reasons why.
Question:
How to clear passwords from Windows Vault (Credentials Manager) ?
Answer:
At times, you want to get rid of passwords stored in Windows vault (primarily if you are in a corporate environment where you have frequently change the password).
If you keep getting locked out of your corporate environment mysteriously, clearing windows vault passwords might fix it.
Go to Control Panel and type ‘vault‘ in the search box at the right. It should bring up ‘Credentials Manager’.
If you are using Windows 8.X, go to the start screen and type ‘credentials’ to bring up credentials manager.
Scroll down the ‘Generic Credentials‘ and delete the ones you don’t need them.
Question:
How do you change the default Admin password on Jboss Community Edition ?
Answer:
Update the following file:
<JBOSS HOME>/server/<profile>/conf/props/jmx-console-users.properties
The format of the file is:
user=password
for example,
admin=Chr!stMa5123
You do NOT have to restart Jboss for this change to take effect.
So, what can an APM tool buy you? Setting aside the hypothetical ‘Peace of mind’ marketing pitch, let me show you how exactly an APM tool can help you support your Application effectively
1. Historic Monitoring of Key Metrics
APM tool can record the monitoring metrics which are invaluable in troubleshooting. For example, take a look at the ‘response time’ graph of a particular application. You can readily see that the application suffers during business hours.
Back in the 90s when I was working as a Solaris/HP-UX Administrator, all I needed was two or three commands to figure out what was wrong with a particular Server or Application. I will just glance at ‘vmstat’, ‘iostat’ and ‘top’ for a minute or two and the problem will reveal itself clearly. While those command still prove valuable at a certain level, in order to answer ‘Why is the application slow’ you need much more than just few OS commands.
Answers
1. The Java command line option to enable Verbose Garbage Collection is:
a. –DenableVerboseGC=true
b. –verboseGC=yes
c. –verbose:gc
d. –enable.verbose.gc
e. –XX:+VerboseGC
Answer: c
Explanation: -verbose:gc is the correct answer. All other options are invalid
2. Short lived and Long lived Java objects are stored in these regions of Heap, respectively
a. Tenured,OldGen
b. OldGen,Tenured
c. Tenured,newGen
d. YoungGen,OldGen
e. Tenured,nursery
Answer: d
Explanation: Short lived objects live in Young Generation (also known as nursery or new generation). When minor garbage collection cannot reclaim memory from objects that are still being used (referenced), they get moved to Old gen (via another hop at survivor space). Old gen is also known as tenured gen.
3. Your application uses lots of File Handles. The memory used to maintain these File Handles are stored in which part of JVM memory
a. PermGen
b. YoungGen
c. Tenured
d. OldGen
e. Native Memory
Answer: e
Explanation: Native memory is used for all Operating system level components (such as File handles, sockets etc). Native memory is also used for any native code (such as C libraries) that runs as part of your application. PermGen is used for Class objects (and in some versions, interned strings). Young,Tenured (oldgen) are used to store your application java objects.
4. You have just deployed a new Java application with ONLY out of the box tuning parameters. Upon using the application, users complain your application is extremely slow. By reviewing the verbose GC log file, you have identified that the frequency of GC is extremely high (once every few seconds). What is your best next step ?
a. Tune –Xms and –Xmx to provide reasonable amount of memory
b. Schedule regular automatic restarts of your application
c. Restart your application
d. Increase PermGen Space
e. Add CPU to your Host Server
Answer: a
Explanation: The default Max heap is not enough in most cases (this various by implementation, but typically 128 or 256 MB). So, the best action is to first increase the max heap (-Xmx). You may want to set –Xms (initial heap) to the same value as –Xmx if possible. Otherwise, you can go with half or ¾ th of the Max heap.
5. Your application just ran out memory (OutOfMemory Error) and it has produced a big heap dump file. What is the best tool to analyze this heap dump to find out what is filling up the memory
a. Verbose GC logs
b. Thread Dump analyzer
c. Eclipse MAT (Memory Analyzer)
d. IBM Pattern Modeling and Analysis Tool for Java garbage collector
e. Jstack
Answer: c
Explanation: Eclipse MAT (Memory Analyzer) is the tool to be used for analyzing Heap dumps. Verbose GC logs just show the GC activity in detail, Thread dump analyzer is for analyzing Thread dumps, IBM PMAT is for visualizing verbose GC logs and finally jstack is a command line tool that comes with JDK that can be used to take thread dumps on a running Java application.
Previous: Troubleshooting GC: Test your knowledge
Test your knowledge on Troubleshooting Java Garbage Collection
1. The Java command line option to enable Verbose Garbage Collection is:
a. –DenableVerboseGC=true
b. –verboseGC=yes
c. –verbose:gc
d. –enable.verbose.gc
e. –XX:+VerboseGC
2. Short lived and Long lived Java objects are stored in these regions of Heap, respectively
a. Tenured,OldGen
b. OldGen,Tenured
c. Tenured,newGen
d. YoungGen,OldGen
e. Tenured,nursery
3. Your application uses lots of File Handles. The memory used to maintain these File Handles are stored in which part of JVM memory
a. PermGen
b. YoungGen
c. Tenured
d. OldGen
e. Native Memory
4. You have just deployed a new Java application with ONLY out of the box tuning parameters. Upon using the application, users complain your application is extremely slow. By reviewing the verbose GC log file, you have identified that the frequency of GC is extremely high (once every few seconds). What is your best next step ?
a. Tune –Xms and –Xmx to provide reasonable amount of memory
b. Schedule regular automatic restarts of your application
c. Restart your application
d. Increase PermGen Space
e. Add CPU to your Host Server
5. Your application just ran out memory (OutOfMemory Error) and it has produced a big heap dump file. What is the best tool to analyze this heap dump to find out what is filling up the memory
a. Verbose GC logs
b. Thread Dump analyzer
c. Eclipse MAT (Memory Analyzer)
d. IBM Pattern Modeling and Analysis for Java garbage collector
e. Jstack
Coming up: Troubleshooting GC: Test your knowledge – Answers
In your Application support/Developer Journey, you will definitely come across a time where you will want to really dive into the Java heap and see what is filling up the memory. We are literally talking about all those java objects that are in the heap. Mind you this can run into hundreds of millions in numbers. How do you get an insight into what is in the Heap? By analyzing a Heap dump. And how do you analyze the heap dump? By using the all-powerful Eclipse Memory Analyzer (MAT)
Before we begin using MAT, how do you capture heap dump?
Now, this varies from application to application. For example, if you are running IBM WebSphere, you could use a wsadmin script to invoke heap dump. Earlier you saw visualvm can create a heap dump for you through the visualvm interface. You can also use the command ‘jmap’ to create heap dump. Further you can configure the Application server to automatically perform a heap dump when an ‘out of memory’ error is encountered (XX:-HeapDumpOnOutOfMemoryError). Note that this option is verified to work on Oracle Hotspot JVM only.
Downloading Eclipse MAT:
IBM has given us a great tool that we can use to analyze verbose GC files literally in seconds. I’m not kidding. All you have to do is generate verbose GC logs for few hours and feed the file to this tool and Bingo; it analyzes the file and tells you what you need to know. Let’s see this tool in action.
Downloading IBM Pattern Modeling and Analysis Tool for Java Garbage Collector:
https://www.ibm.com/developerworks/community/groups/service/html/communityview?communityUuid=22d56091-3a7b-4497-b36e-634b51838e11
Click on the ‘download’ link at the bottom of the page. You will get a jar file named “ga<version>.jar”.
For example, ga456.jar.
Invoking IBM PMAT:
VisualVM is a free monitoring tool for the JVM. It is much more feature rich than Jconsole. It comes built in on the Oracle JDKs. You can also download a standalone version from visualvm.java.net.
Invoking visualvm:
The tool ‘jvisualvm’ is located in bin directory under ‘JDK Home’.
Jvisualvm
Note, similar to jconsole, if you are running visualvm with the same user id as the application, the application will appear under ‘Local’ and you can begin monitoring right away. However, if that is notthe case, you must first enable JMX remote management by adding the following parameters to the Java command line.