
Research
/Security News
Toptal’s GitHub Organization Hijacked: 10 Malicious Packages Published
Threat actors hijacked Toptal’s GitHub org, publishing npm packages with malicious payloads that steal tokens and attempt to wipe victim systems.
redis-diagnose-tool is a tool for diagnosing Redis/Tair client connection errors.
redis-diagnose-tool
is a tool for diagnosing Redis/Tair
client connection errors and supports detecting the response rtt of the DB Server in the Redis/Tair
instance.
This diagnostic tool is only applicable to clients connecting to Alibaba Cloud's Redis and Tair instances
Process:
Redis/Tair
instanceAUTH
command to verify the username and password. If no password is specified, execute the PING
command to verify whether the password-free function is enabledINFO
command and Alibaba Cloud proxy self-developed IINFO
command and RIINFO
command to detect the response rtt of the DB ServerInstall from pip, requires Python 3.6 or higher
# 1. Install from pypi
pip install redis-diagnose-tool
# 2. Intall from source
git clone https://github.com/tair-opensource/tair-tools.git
cd redis-diagnose-tool
pip install .
the executable program diag
will be installed in the bin directory of the Python interpreter.
Use pip show redis-diagnose-tool
to find the installation path of the redis-diagnose-tool package. The argument template arguments.yaml
is stored in the diagnose directory under the installation path.
The tool supports basic mode and advanced mode.
The basic mode can only detect whether the client can establish a TCP connection with the Redis/Tair
instance and give an error message if the connection fails.
In advanced mode, you can use the OpenAPI of Redis/Tair
to obtain basic information, network information, whitelist, and other information about the instance. If the client is on ECS, it can also use the ECS OpenAPI to obtain information about the ECS instance. Therefore, advanced mode can diagnose specific problems that cause connection failures, including incorrect connection information, connecting to the instance through the instance's intranet address in a public network environment, incorrect configuration of the whitelist or instance security group, and ECS security group interception.
Both basic mode and advanced mode support verifying user passwords and detecting the response of the DB Server inside the instance.
Arguments Description:
Redis diagnose tool configuration
optional arguments:
--help Help information
-c CONFIG, --config CONFIG Configuration file path (YAML format). If the configuration file is specified, the command arguments won't work.
Tool options:
-A, --advanced Enable advanced mode, default off
-d, --detect_server Detect server, default off
-l {zh,en}, --language {zh,en} Language, zh for Chinese and en for English, default zh
Redis instance connection information:
-h HOST, --host HOST Connection hostname
-p PORT, --port PORT Connection port, default 6379
-t TIMEOUT, --timeout TIMEOUT Connection timeout, second, default 2s
-u USER, --user USER Username
-a PASSWORD, --password PASSWORD Password
Redis instance information:
Following arguments should be specified in advanced mode. You only need to specify one of redis_region_id and redis_endpoint.
-r REDIS, --redis REDIS Redis instance id
-g REDIS_REGION_ID, --redis_region_id REDIS_REGION_ID Redis instance region id
-o REDIS_ENDPOINT, --redis_endpoint REDIS_ENDPOINT Redis instance endpoint
ECS instance information:
Following arguments should be specified in advanced mode if the client is on ECS. You only need to specify one of ecs_region_id and ecs_endpoint.
-e ECS, --ecs ECS ECS instance id
-G ECS_REGION_ID, --ecs_region_id ECS_REGION_ID ECS instance region id
-O ECS_ENDPOINT, --ecs_endpoint ECS_ENDPOINT ECS instance endpoint
SDK information:
Following arguments should be specified in advanced mode.
-k AK, --ak AK Access key id
-s SK, --sk SK Access key secret
Usage Examples:
# Installed from pip, you can run diag directly when the bin directory is added to the environment path
diag --help
run in basic mode
diag -h "connection_address" -p 6379 -u "user" -a "password"
run in advanced mode
diag -h "connection_address" -p 6379 -u "user" -a "password" -k "ak" -s "sk" -r "redis_instance_id" -g "redis_region_id" -A
Use argument template arguments.yaml
In advanced mode, you need to set multiple optional arguments in the command line, which is cumbersome and error-prone, so an argument template is provided
diag --config "arguments.yaml"
If the argument template is used, the command line arguments will be invalid.
diagnose.log: diagnostic logs, which record the diagnostic process, detailed connection diagnostic reports, and DB Server diagnostic reports
sdk.log: record the call log of Open API, including interface, return value, and error
error.log: record exception information and exception throwing links
FAQs
redis-diagnose-tool is a tool for diagnosing Redis/Tair client connection errors.
We found that redis-diagnose-tool demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
Threat actors hijacked Toptal’s GitHub org, publishing npm packages with malicious payloads that steal tokens and attempt to wipe victim systems.
Research
/Security News
Socket researchers investigate 4 malicious npm and PyPI packages with 56,000+ downloads that install surveillance malware.
Security News
The ongoing npm phishing campaign escalates as attackers hijack the popular 'is' package, embedding malware in multiple versions.