ssl – jtheo

Bookmarks for 9 Dic 2015 from 12:09 to 16:26

These are my links for 9 Dic 2015 from 12:09 to 16:26:

One Thing Well | Let’s Encrypt – Let’s Encrypt is now in public beta and offers a command line tool that makes the process of getting and renewing certificates easy, but you have to run it as root, and it’s designed to rewrite your web server’s configuration files. Here’s a selection of alternative tools and clients:
Tsung – It can be used to stress HTTP, WebDAV, SOAP, PostgreSQL, MySQL, LDAP and Jabber/XMPP servers. Tsung is a free software released under the GPLv2 license. The purpose of Tsung is to simulate users in order to test the scalability and performance of IP based client/server applications. You can use it to do load and stress testing of your servers. Many protocols have been implemented and tested, and it can be easily extended. It can be distributed on several client machines and is able to simulate hundreds of thousands of virtual users concurrently (or even millions if you have enough hardware …). Tsung is developed in Erlang, an open-source language made by Ericsson for building robust fault-tolerant distributed applications. [ via http://onethingwell.org/post/134852940551/tsung ]
Internet Redundancy with ASA SLA and IPSec – PacketU – I’ve seen a lot of examples of redundant Internet connections that use SLA to track a primary connection. The logic is that the primary Internet connection is constantly being validated by pinging something on that ISP’s network and routing floats over to a secondary service provider in the event of a failure. I was recently challenged with how this interacted with IPSec. As a result I built out this configuration and performed some fairly extensive testing.

Bookmarks for 25 nov 2015 through 2 dic 2015

These are my links for 25 nov 2015 through 2 dic 2015:

ipfs/ipfs · GitHub – IPFS (the InterPlanetary File System) is a new hypermedia distribution protocol, addressed by content and identities. IPFS enables the creation of completely distributed applications. It aims to make the web faster, safer, and more open. IPFS is a distributed file system that seeks to connect all computing devices with the same system of files. In some ways, this is similar to the original aims of the Web, but IPFS is actually more similar to a single bittorrent swarm exchanging git objects. You can read more about its origins in the paper IPFS – Content Addressed, Versioned, P2P File System. IPFS is becoming a new major subsystem of the internet. If built right, it could complement or replace HTTP. It could complement or replace even more. It sounds crazy. It is crazy. [ via http://blog.quintarelli.it/2015/12/ipfs-davvero-figo.html ]
SSL Library mbed TLS / PolarSSL: Download for free or buy a commercial license – mbed TLS (formerly known as PolarSSL) makes it trivially easy for developers to include cryptographic and SSL/TLS capabilities in their (embedded) products, facilitating this functionality with a minimal coding footprint.
Wox – An effective launcher for windows A full-featured launcher, access programs and web contents as you type. Be more productive ever since. Wox is free for use and open-sourced at Github, Try it now!

Bookmarks for 6 ago 2015 through 21 set 2015

These are my links for 6 ago 2015 through 21 set 2015:

/bin/bash based SSL/TLS tester: testssl.sh – testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more. [ via quasi.dot: https://delicious.com/farmando ]
Policy NAT for L2L VPN • LearnIOS.com – I kind of missed the wood for the trees here. The static policy NAT is failing because you are trying to map a network 192.168.0.0 to a single IP address 172.20.n.1. However it's just occured, why are you doing policy NAT for the Internet. I tested in lab and if you do this
Encrypted Data Bags on Cloud on AWS – Many customers have asked us how they should handle shared secrets, passwords and other sensitive data in Chef and now we have a good solution. With the release of our stable-v4 stack, we introduced Chef 10 to the platform, and with it came data bags. Now with the 3.0 release of the engineyard gem, we can officially support data bags and encrypted data bags. You may be wondering what data bags are, how data bags work or how to implement data bags. This blog post will walk you through the entire process.
How to set disk alignment in Linux | Dirty Cache – As you might know, if disk partitions containing Oracle datafiles are not aligned with the underlying storage system, then some I/O’s can suffer from some overhead as they are effectively translated in two I/O’s. If you want more info, google for “EMC disk alignment” and you’ll find plenty of information, explaining the issue.
Add Private Route 53 DNS to your AWS VPC | CloudTrek – A really cool feature of Amazon’s Route 53 DNS Management Service is the private hosted DNS zone. Basically, you get the ability to manage the DNS in your private VPC without setting up your own DNS infrastructure (yuck!) [ Just a friendly reminder Note 1: the resolution is working only inside the VPC. Note 2: if you don't have the AmazonProvidedDNS in your DHCP-OPTION you won't resolve the zone. Note 3: if you are using linux, you can use as DNS 169.254.169.253 it won't work on windows 2008 Ref: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_DHCP_Options.html http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/hosted-zones-private.html http://aws.amazon.com/route53/faqs/ ]

Bookmarks for 29 lug 2015 through 5 ago 2015

These are my links for 29 lug 2015 through 5 ago 2015:

Managing Secrets With Chef Vault – jtimberman’s Code Blog – […] However, that doesn’t mean I don’t have secrets to manage! I actually don’t for my personal systems due to what I’m managing with Chef now, but we certainly do for Opscode’s hosted Enterprise Chef environment. The usual suspects for any web application are required: database passwords, SSL certificates, service API tokens, etc. We’re evaluating chef-vault as a possible solution.[…]
Create Printable Calendar (PDF) – Create your own monthly or yearly calendar and print on your own printer. It is also possible to add your own events to the calendar.
Strange behavior AD FS Windows Server 2012 R2 after changing the service communications certificate | Living the IT Life – Yesterday I ran into a problem in my demo environment after I changed the AD FS service communications certificate.

Bookmarks for 30 mar 2015 through 31 mar 2015

These are my links for 30 mar 2015 through 31 mar 2015:

5 easy tips to accelerate SSL – Unhandled expression – SSL is slow. These cryptographic algorithms eat the CPU, there is too much traffic, it is too hard to deploy correctly. SSL is slow. Isn’t it? HELL NO! SSL looks slow, because you did not even try to optimize it! For that matter, I could say that HTTP is too verbose, XML web services are verbose too, and all this traffic makes the website slow. But, SSL can be optimized, as well as everything!
Cybrary – Free Online IT and Cyber Security Training, Forever! – Cybrary is a free and open source, online information technology (IT) and cyber security training environment for the world. We are dedicated to keeping the world’s IT professionals prepared for this ever changing industry and its technologies. You can learn almost anything IT and security related for free, and you can help others to do the same. Take a look at what you can learn: Systems Administration Network Administration Cyber Security Our free IT training classes include everything from industry certifications such as Certified Ethical Hacker, CISSP and CCNA to advanced niche skill sets like advanced penetration testing and cloud administration. Our training includes instructional lectures, interactive lab demonstrations, exam study guides, white papers, case studies and more. [ via https://delicious.com/farmando]
Exploit Exercises – exploit-exercises.com provides a variety of virtual machines, documentation and challenges that can be used to learn about a variety of computer security issues such as privilege escalation, vulnerability analysis, exploit development, debugging, reverse engineering, and general cyber security issues. [ via https://delicious.com/farmando ]

Bookmarks for 24 mar 2015 through 29 mar 2015

These are my links for 24 mar 2015 through 29 mar 2015:

Candlepin – Home – Candlepin is a collection of tools which allow companies to manage software subscriptions. The subscriptions allow users to access provided content over secure connections.
Rockhopper VPN: IPsec/IKEv2-based VPN software for Linux, implemented in user space. – Rockhopper VPN is IPsec/IKEv2-based VPN software based on modern design and considerations for Linux. All components of this VPN software are implemented in user space only, including the ESP protocol stack.
Taiga.Io | Agile, Open Source, Free Project Management System – Free. Open Source. Powerful. Taiga is a project management platform for startups and agile developers & designers who want a simple, beautiful tool that makes work truly enjoyable.
Git-ftp by git-ftp – I use git-ftp for my script based projects, mostly PHP. Most of the low-cost web hosting companies do not provide SSH or git support, but only FTP. That is why I needed an easy way to deploy my git tracked projects. Instead of transfering the whole project, I thought, why not only transfer the files that changed since the last time, git can tell me those files. Even if you are playing with different branches, git-ftp knows which files are different. No ordinary FTP client can do that. [ via http://onethingwell.org/post/114496962991/git-ftp ]
IE Supported Cipher Suites · client9/sslassert Wiki · GitHub – Summary: SSL cipher suite support on Internet Explorer depends both on the version of IE and on the version of the operating system. Internet Explorer 8 is crippled if it runs on Windows XP.

Bookmarks for 12 mar 2015 through 18 mar 2015

These are my links for 12 mar 2015 through 18 mar 2015:

OpenSSL Essentials: Working with SSL Certificates, Private Keys and CSRs | DigitalOcean – OpenSSL is a versatile command line tool that can be used for a large variety of tasks related to Public Key Infrastructure (PKI) and HTTPS (HTTP over TLS). This cheat sheet style guide provides a quick reference to OpenSSL commands that are useful in common, everyday scenarios. This includes OpenSSL examples of generating private keys, certificate signing requests, and certificate format conversion. It does not cover all of the uses of OpenSSL.
Change password The Foreman – Erwan Gallen –
OpenDJ Directory Services Project – The open source LDAP directory services in Java – The OpenDJ community actively develops open source directory services, including a high performance, highly available, secure directory server, built-in data replication, client tools, and an LDAP SDK. OpenDJ offers extensive LDAPv3 support, as well as RESTful access to directory data over HTTP. OpenDJ DSML gateway enables applications accessing directory data through DSMLv2. All modules are 100% Java based and require at least Java 6.

Bookmarks for 5 nov 2014 through 14 nov 2014

These are my links for 5 nov 2014 through 14 nov 2014:

Build Cheat Sheets and Share Your Favourites! – Cheatography.com: Cheat Sheets For Every Occasion – Cheatography is a cheat sheet generator and repository where you can build and share cheat sheets and quick references.
tmux the terminal multiplexer Cheat Sheet by bechtold – Cheatography.com: Cheat Sheets For Every Occasion –
google/nogotofail – Nogotofail is a network security testing tool designed to help developers and security researchers spot and fix weak TLS/SSL connections and sensitive cleartext traffic on devices and applications in a flexible, scalable, powerful way. It includes testing for common SSL certificate verification issues, HTTPS and TLS/SSL library bugs, SSL and STARTTLS stripping issues, cleartext issues, and more. [ via http://www.bufferoverflow.it/ ]

Bookmarks for 3 nov 2014 through 5 nov 2014

These are my links for 3 nov 2014 through 5 nov 2014:

Policy Daemon – Policyd is an anti-spam plugin for Postfix (written in C) that does Greylisting, Sender-(envelope, SASL or host / ip)-based throttling (on messages and/or volume per defined time unit), Recipient rate limiting, Spamtrap monitoring / blacklisting, HELO auto blacklisting and HELO randomization preventation.
DevStack – an OpenStack Community Production — documentation – A documented shell script to build complete OpenStack development environments. An OpenStack program maintained by the developer community. Setup a fresh supported Linux installation. Clone devstack from git.openstack.org. git clone https://git.openstack.org/openstack-dev/devstack Deploy your OpenStack Cloud cd devstack && ./stack.sh
vim modeline – Tips and Tricks – ph3nix.Net – Generally you either love or hate Vim. It boils down to a matter of personal preference. However love or hate you have to admit it is extremely powerful for a command line, text only file editor. For those who love it – or just have to make use of it on a regular basis, the Vim modeline feature is a very useful and powerful way of customizing the visual and editing preferences as well as several other options on a file by file basis.
Development Foo – using vim and sshfs to propel development | New Goliath –
Front-end engineering and so on: OpenSSL: Convert private key to PEM format for AWS ELB – You might get message "Error: Invalid Private Key" while configuring SSL on Elastic Load Balancer on Amazon Web Services (AWS). It means your private key isn't in PEM format. No worries, it easy to fix.

Bookmarks for 22 set 2014 through 25 set 2014

These are my links for 22 set 2014 through 25 set 2014:

muquit/mailsend – mailsend is a simple command line program to send mail via SMTP protocol. I needed to send a piece of alert mail from a program in a networked Windows machine, but could not find a simple program like this installed. So I wrote one. You might find it useful in some situations. The program does not use any config file and I plan to keep it that way.
visit1985/mdp – A command-line based markdown presentation tool.
Teampass · A Collaborative Passwords Manager – TeamPass is a Passwords Manager dedicated for managing passwords in a collaborative way on any server Apache, MySQL and PHP. It is especially designed to provide passwords access security for allowed people. This makes TeamPass really useful in a Business/Enterprise environment and will provide to IT or Team Manager a powerful and easy tool for customizing passwords access depending on the user’s role.