This gist shows how to create a GIF screencast using only free OS X tools: QuickTime, ffmpeg, and gifsicle.
To capture the video (filesize: 19MB), using the free "QuickTime Player" application:
//
// createCertificateAuthority generates a certificate authority request ready to be signed
//
func (r *secretStore) createCertificateAuthority(names pkix.Name, expiration time.Duration, size int) (*caCertificate, error) {
	// step: generate a keypair
	keys, err := rsa.GenerateKey(rand.Reader, size)
	if err != nil {
		return nil, fmt.Errorf("unable to generate private keys, error: %s", err)
	}
#!/usr/bin/env ruby
require 'socket'
include Socket::Constants
UNIXServer.open("\0(abstract socket)") {|server|
  client = UNIXSocket.new("\0(abstract socket)")
  client.setsockopt(SOL_SOCKET, SO_PASSCRED, 1)
  sock = server.accept
class MultiLogger
  attr_reader :level
  def initialize(args={})
    @level = args[:level] || Logger::Severity::DEBUG
    @loggers = []
    Array(args[:loggers]).each { |logger| add_logger(logger) }
  end
require 'logger'
module Logging
  class MultiDelegator
    def initialize(*targets)
      @targets = targets
    end
    def self.delegate(*methods)
      methods.each do |m|
NOTE: Work in progress
TODO: Identity management, two-factor auth, OpenVPN, Logstash, log shippers, IIS logs, OSSEC, Snort, Suricata, snorby, restart iis w/o admin role,
# Disallow insecure protocols by testing
describe package('telnetd') do
  it { should_not be_installed }
end
describe inetd_conf do
  its("telnet") { should eq nil }
end
###Description
To secure Docker usage and auditability, we monitor Docker as recommended in CIS Docker. Now we would like (security constraints) to monitor commands like `exec`. The problem is that Docker breaks `auditd` information (auid, link), and we lose the context, "What did user X do inside container Y?"
By losing this information, auditing containers becomes impossible and we lose all information about what is happening inside each container even if we are using `auditd`.
###Configuration