4abhinavjain

# should works on any cloud-init enabled hypervisor (openstack.. )

# start from a normal ubuntu 20.04 install as minimal was not available for ARM64
# Since ARM64 machines has higher RAM, Shrinking is desired but not necessary. Instead we will increase tmpfs to 1700MB

# Getting root (if sudo -i doesn't work then set a root password beforehand using 'sudo passwd root'

sudo -i

# make sure we are on the highest kernel, so we can delete all the others ...

andysteel

Using NGINX to prevent DDoS Attacks Nginx, a highly popular server system for Unix machines, comes with enough built-in functionality to greatly limit the effectiveness of DDoS attacks. These features could handle a DDoS attack by regulating the incoming traffic and by controlling the traffic as it is proxied to backend services.

Before you change any settings, make sure you make a quick backup of your server’s configuration. The following command works for this:

sudo cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.backup-original Nginx worker connections One of the important parameters that we tweak is the number of worker process and number of worker connections in the Nginx configuration file /etc/nginx/nginx.conf.

We’ll gradually adjust the worker process and worker connections to a higher or lower value for handling DDoS attacks.

reveng007

Static vs Dynamic library in Linux, PIC, PIE, plt, got, Virtual vs Physical Addresses:

---

plt ---> procedure linkage table

got ---> global offset table

logical addresses ---> virtual addresses

virtual address space (VAS) or address space ---> is the set of ranges of virtual addresses that an operating system makes available to a process.

memory management unit (MMU) or paged memory management unit (PMMU) ---> is a computer hardware unit having all memory references passed through itself, primarily performing the translation of virtual memory addresses to physical addresses.

Virtual address space randomization ----> Address space layout randomization ----> (ASLR)

NOTE:

Obydux

Fabric/Quilt Server Optimization

This has updated for 1.20.4, all of the optimization mods mentioned here are compatible with each other and don't affect vanilla behaviour by default.

Mods

Commoble

/**
AbstractBlock::getShape(BlockState, IBlockReader, BlockPos, ISelectionContext)
	The primary shape for "selection" raytraces, like clicking a block.
	Defaults to a full cube. Delegated to by AbstractBlockState::getShape(IBlockReader, BlockPos, ISelectionContext)
	Most of the other shape getters either default to this or default to empty,
	so just overriding this shape getter is sufficient if finer variations aren't needed.

AbstractBlock::getCollisionShape(BlockState, IBlockReader, BlockPos, ISelectionContext)
	The primary shape for collision raytraces.
	Delegated to by AbstractBlockState::getCollisionShape(IBlockReader, BlockPos, ISelectionContext)

joepie91

Recently, Let's Encrypt launched free wildcard certificates. While this is good news in and of itself, as it removes one of the last remaining reasons for expensive commercial certificates, I've unfortunately seen a lot of people dangerously misunderstand what wildcard certificates are for.

Therefore, in this brief post I'll explain why you probably shouldn't use a wildcard certificate, as it will put your security at risk.

A brief explainer

It's generally pretty poorly understood (and documented!) how TLS ("SSL") works, so let's go through a brief explanation of the parts that are important here.

The general (simplified) idea behind how real-world TLS deployments work, is that you:

JoeUX

# Install dependencies
# 
# * checkinstall: package the .deb
# * libpcre3, libpcre3-dev: required for HTTP rewrite module
# * zlib1g zlib1g-dbg zlib1g-dev: required for HTTP gzip module
apt-get install checkinstall libpcre3 libpcre3-dev zlib1g zlib1g-dbg zlib1g-dev && \

mkdir -p ~/sources/ && \

# Compile against OpenSSL to enable NPN. I updated this block to get the latest 1.0.2h release. It's critical that OpenSSL be up to date.

1lann

--
-- RSA Encryption/Decryption Library
-- By 1lann
--
-- Refer to license: http://pastebin.com/9gWSyqQt
--
-- See gists comment at the bottom of the page for FAQ and updates!
--

--

tylerneylon

-- copy.lua
--
-- Lua functions of varying complexity to deep copy tables.
--


-- 1. The Problem.
--
-- Here's an example to see why deep copies are useful. Let's
-- say function f receives a table parameter t, and it wants to

tollmanz

# Install dependencies
# 
# * checkinstall: package the .deb
# * libpcre3, libpcre3-dev: required for HTTP rewrite module
# * zlib1g zlib1g-dbg zlib1g-dev: required for HTTP gzip module
apt-get install checkinstall libpcre3 libpcre3-dev zlib1g zlib1g-dbg zlib1g-dev && \

mkdir -p ~/sources/ && \

# Compile against OpenSSL to enable NPN