Skip to content

Instantly share code, notes, and snippets.

View Timi7007's full-sized avatar

Timlukas Bloch Timi7007

27 followers · 43 following
View GitHub Profile
@Timi7007
Timi7007 / firefox-settings.md
Last active April 20, 2020 17:52

Mandatory Addons:

  • uBlock Origin
  • HTTPS Everywhere

Highly recommended settings in about:config:

  • security.certerrors.permanentOverride;false
    • Don't save every TLS-cert-override forever, like in the old days.
  • security.enterprise_roots.enabled;false
    • Don't import TLS-cert roots from the OS's store, only use Mozilla approved ones.
  • security.certerrors.mitm.auto_enable_enterprise_roots;false
@Timi7007
Timi7007 / ubuntu.json
Last active August 22, 2018 08:41
Add a Ubuntu Server 18.04.1 image to kimchi as a workaround for https://github.com/kimchi-project/kimchi/issues/1157
[
{
"name": "Ubuntu Server 14.04 LE (Trusty Tahr)",
"os_distro": "ubuntu",
"os_arch": "ppc64",
"os_version": "14.04",
"path": "http://cdimages.ubuntu.com/releases/14.04/release/ubuntu-14.04.4-server-ppc64el.iso"
},
{
"name": "Ubuntu Server 14.04 LE (Trusty Tahr)",
@Timi7007
Timi7007 / HTTPS-reasons-de.md
Created June 27, 2018 11:47
Gründe für HTTPS

Gründe für HTTPS

Why HTTPS?

Die Schutzziele der Informationssicherheit

  • nicht mitlesbare Datenübertragung -> Vertraulichkeit
  • nicht manipulierbare Daten -> Integrität
  • Sicherstellung des richtigen Verbindungszieles -> Authentizität

User Experience & technische Möglichkeiten

@Timi7007
Timi7007 / README.md
Last active March 27, 2018 14:25
Simple test for DNS CAA-records in PHP. CLI/Browser cross-compatible.
@Timi7007
Timi7007 / openssl-cheatsheet.md
Last active July 10, 2018 10:05
Cheat sheet for commonly used OpenSSL commands.

View CSR [1]

openssl req -in [file.csr] -noout -text

View CRT [1]

openssl x509 -in [certificate.crt] -text -noout

View PFX/P12 [1]

openssl pkcs12 -info -in [cert.pfx]

UTF-8 characters in PFX/P12 passwords

@Timi7007
Timi7007 / .vimrc
Last active November 20, 2018 13:53
My basic .vimrc
" Turn syntax highlighting on
syntax on
" Default colors
" (it sucks to read comments)
"colo default
" Default colors on SUSE
" (pretty awesome, i love the light-blue comments)
"colo ron
@Timi7007
Timi7007 / idn_converter.php
Last active February 13, 2018 16:18
Simple web-based IDN to ACE & ACE to IDN converter written in PHP. Requires php-intl. Demo: http://usf01.timlukas.de/idn.php
<?php
// You need php-intl to run this!
$input = $_POST['domain'];
echo '<html>
<head>
<title>IDN Converter</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
@Timi7007
Timi7007 / MeltdownSpectre.md
Last active January 17, 2018 09:07
Useful links related to the Meltdown & Spectre CPU bugs.
@Timi7007
Timi7007 / sks-resources.md
Last active April 26, 2018 13:43
Some useful resources for owners of SKS Keyservers.
@Timi7007
Timi7007 / README.md
Last active December 20, 2022 15:09
Collection on all things HTTPS. Includes settings for TLS on nginx (which desperately need an update!).

Why HTTPS?

Collection on all things HTTPS. Includes settings for TLS on nginx (which desperately need an update!).

Until I update this, I'd recommend you take a look at https://github.com/jukbot/setup-nginx-webserver

My current settings for TLS on nginx/1.10.3 on Ubuntu Server 16.04 LTS

See https://www.nginx.com/resources/wiki/start/topics/tutorials/install/#official-debian-ubuntu-packages on how to install the lastest version of nginx.

Most settings are sourced from https://bettercrypto.org/static/applied-crypto-hardening.pdf#subsection.2.1.3, https://danpalmer.me/blog/ssl-labs-grade-a, https://gist.github.com/plentz/6737338 and https://scotthelme.co.uk/