This study focuses on the strategies used by the "xz backdoor", an extremely
complex piece of malware that contains its own x64 disassembler, which it uses
to find critical locations in your code, and hijacks that code by swapping it
out for its own as it runs. Because this is a machine-code based attack,
code written in any programming language can be attacked and is vulnerable.
Instead of targeting sshd directly, the xz
backdoor injects itself in the parent systemd process then hijacks the
GNU Dynamic Linker (ld), before sshd is even started or libcrypto.so is
*** TODO Decide on home env strategy
Time to think out some pros and cons for `guix home` versus stow:
+--------------+-------------------------------+-----------------------------------+
| Guix Home vs |Pros                           |Cons                               |
| GNU Stow +   |Home: 7                        |Home: 5                            |
| Guix Package |Stow: 9                        |Stow: 2                            |
|              |                               |                                   |
+--------------+-------------------------------+-----------------------------------+
| Home & Stow  |Distribution agnostic, portable|                                   |
|              |& easy to version control with |
[Unit]
Description = Foo HTTP server
Requires = foo.socket
After = multi-user.target
[Service]
User = www-data
Group = www-data
WorkingDirectory = /var/foo
ExecStart = /var/foo/bin/foo-server
" Vim syntax file
" Language: Todo
" Maintainer: Huy Tran
" Latest Revision: 14 June 2020
if exists("b:current_syntax")
  finish
endif
" Custom conceal
todo:
- update Kibana object to set an antiaffinity (lack aarch64 support)
- show example of using fluent-bit annotation to highlight what parser to use.
ECK provides a higher baseline for security out of the box, which makes most "quick-start" guides for using it as a logging sink fail. This gist provides details on how to update fluent-bit quick-start guides to work with ECK, utilizing emptyDir for the ES PVC.
#!/bin/sh
prog_name=${0##*/}
version=1.0
version_text="Boilerplate for new scripts v$version"
options="h o: q v V"
help_text="Usage: $prog_name [-o <text>] [-hqvV] [<file>]...
Boilerplate for new scripts
// create a bookmark and use this code as the URL, you can now toggle the css on/off
// thanks+credit: https://dev.to/gajus/my-favorite-css-hack-32g3
javascript: (function() {
  var elements = document.body.getElementsByTagName('*');
  var items = [];
  for (var i = 0; i < elements.length; i++) {
    if (elements[i].innerHTML.indexOf('* { background:#000!important;color:#0f0!important;outline:solid #f00 1px!important; background-color: rgba(255,0,0,.2) !important; }') != -1) {
      items.push(elements[i]);
    }
  }
Performance mode changes the system parameters of your Mac. These changes take better advantage of your hardware for demanding server applications.
A Mac with macOS Server that needs to run high-performance services can turn on performance mode to dedicate additional system resources for server applications. Note, however, that performance mode can be enabled even without macOS Server being installed to achieve similar benefits for other high-performance services.
sudo nvram boot-args="serverperfmode=1 $(nvram boot-args 2>/dev/null | cut -f 2-)"
sudo reboot
Reference: https://support.apple.com/en-us/HT202528.
// Overwrite key bindings by placing them into your key bindings file.
[
  {
    "key": "escape escape",
    "command": "workbench.action.exitZenMode",
    "when": "inZenMode"
  },
  {
    "key": "shift+escape",
    "command": "closeReferenceSearchEditor",