| //author @TraderX0 | |
| //script to plot daily Open high and low | |
| //version 1.1 | |
| //last edited 22/11/2018 | |
| //title | |
| study(title="TraderX0__O_H_L", shorttitle="TraderX0_O_H_L", overlay=true) | |
| // holds the daily price levels | |
| openPrice = security(tickerid, 'D', open) |
| # Fileless WMI Persistence (PSEDWMIEvent_SU - SystemUptime) | |
| # https://wikileaks.org/ciav7p1/cms/page_14587908.html | |
| <# | |
| .SYNOPSIS | |
| This script creates a persisted WMI event that executes a command upon trigger of the system's uptime being between a given range in seconds. The event will trigger only once. | |
| #> | |
| $EventFilterName = "Fileless WMI Persistence SystemUptime" |
FWIW: I (@rondy) am not the creator of the content shared here, which is an excerpt from Edmond Lau's book. I simply copied and pasted it from another location and saved it as a personal note, before it gained popularity on news.ycombinator.com. Unfortunately, I cannot recall the exact origin of the original source, nor was I able to find the author's name, so I am can't provide the appropriate credits.
Currently, there is an explosion of tools that aim to manage secrets for automated, cloud native infrastructure management. Daniel Somerfield did some work classifying the various approaches, but (as far as I know) no one has made a recent effort to summarize the various tools.
This is an attempt to give a quick overview of what can be found out there. The list is alphabetical. There will be tools that are missing, and some of the facts might be wrong--I welcome your corrections. For the purpose, I can be reached via @maxvt on Twitter, or just leave me a comment here.
There is a companion feature matrix of various tools. Comments are welcome in the same manner.
| - name: set swap_file variable | |
| set_fact: | |
| swap_file: /{{ swap_space }}.swap | |
| - name: check if swap file exists | |
| stat: | |
| path: "{{ swap_file }}" | |
| register: swap_file_check | |
| - name: create swap file |
If you're not familiar: What is fail2ban? fail2ban is an awesome linux service/monitor that scans log files (e.g. auth.log for SSH) for potentially malicious behavior. Once fail2ban is tripped it will ban users for a specified duration by adding rules to Iptables. If you're unfamiliar with fail2ban Chris Fidao has a wonderful (& free!) series about security including setting up fail2ban here.
Recently Laravel released a new feature in 5.1 to throttle authentication attempts by simply adding a trait to your authentication controller. The Laravel throttle trait uses the inputted username, and IP address to throttle attempts. I love seeing this added to a framework out of the box, but what about some of our other apps not built on Laravel? Like a WordPress login? Or even an open API etc.? Ultimately,
| # Encryption functions. Requires the GNUpg "gpg" commandline tool. On OS X, "brew install gnupg" | |
| # Explanation of options here: | |
| # --symmetric - Don't public-key encrypt, just symmetrically encrypt in-place with a passphrase. | |
| # -z 9 - Compression level | |
| # --require-secmem - Require use of secured memory for operations. Bails otherwise. | |
| # cipher-algo, s2k-cipher-algo - The algorithm used for the secret key | |
| # digest-algo - The algorithm used to mangle the secret key | |
| # s2k-mode 3 - Enables multiple rounds of mangling to thwart brute-force attacks | |
| # s2k-count 65000000 - Mangles the passphrase this number of times. Takes over a second on modern hardware. | |
| # compress-algo BZIP2- Uses a high quality compression algorithm before encryption. BZIP2 is good but not compatible with PGP proper, FYI. |
