This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.
On March 29th, 2024, a backdoor was discovered in xz-utils, a suite of software that
| # | |
| # This is the ultimate HAProxy 2.0 "Getting Started" config | |
| # It demonstrates many of the features available which are now available | |
| # While you may not need all of these things, this can serve | |
| # as a reference for your own configurations. | |
| # | |
| # Have questions? Check out our community Slack: | |
| # https://slack.haproxy.org/ | |
| # |
| // LICENSE | |
| // ======= | |
| // Copyright (c) 2017-2019 Advanced Micro Devices, Inc. All rights reserved. | |
| // ------- | |
| // Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation | |
| // files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, | |
| // modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the | |
| // Software is furnished to do so, subject to the following conditions: | |
| // ------- | |
| // The above copyright notice and this permission notice shall be included in all copies or substantial portions of the |
The purpose of this document is to get you familiar with the concepts and command line tools involved with connecting to the internet using modern 4G LTE modems on both Debian/Ubuntu and OpenWRT.
This writeup is based on my experiences with the Sierra Wireless AirPrime MC7455 modem and a Calyx (Sprint) SIM card, but it should apply to most modern 4G LTE modems.
These are the steps required:
| #!/usr/bin/env python2.7 | |
| # Copyright (C) 2017 Amazon.com, Inc. or its affiliates. | |
| # All Rights Reserved. | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"). | |
| # You may not use this file except in compliance with the License. | |
| # A copy of the License is located at | |
| # | |
| # http://aws.amazon.com/apache2.0/ |
This concept is very much like .jar or .war archives in Java.
NOTE: The built
.pyzzipapp can run on both Python 2 & 3 but you can only build.pyzzipapps with Python 3.5 or later.
We're looking at CPU bandwidth control via CFS:
Program does number of iterations, in each iteration we burn CPU in small chunks until we get 5ms of real time spent. On each iteration we also print how much
| :: Windows 10 Hardening Script | |
| :: This is based mostly on my own personal research and testing. My objective is to secure/harden Windows 10 as much as possible while not impacting usability at all. (Think being able to run on this computer's of family members so secure them but not increase the chances of them having to call you to troubleshoot something related to it later on). References for virtually all settings can be found at the bottom. Just before the references section, you will always find several security settings commented out as they could lead to compatibility issues in common consumer setups but they're worth considering. | |
| :: Obligatory 'views are my own'. :) | |
| :: Thank you @jaredhaight for the Win Firewall config recommendations! | |
| :: Thank you @ricardojba for the DLL Safe Order Search reg key! | |
| :: Thank you @jessicaknotts for the help on testing Exploit Guard configs and checking privacy settings! | |
| :: Best script I've found for Debloating Windows 10: https://github.com/Sycnex/Windows10Debloater | |
| : |
The following are examples of the four types rate limiters discussed in the accompanying blog post. In the examples below I've used pseudocode-like Ruby, so if you're unfamiliar with Ruby you should be able to easily translate this approach to other languages. Complete examples in Ruby are also provided later in this gist.
In most cases you'll want all these examples to be classes, but I've used simple functions here to keep the code samples brief.
This uses a basic token bucket algorithm and relies on the fact that Redis scripts execute atomically. No other operations can run between fetching the count and writing the new count.
| #!/boot/bzImage | |
| # Linux kernel userspace initialization code, translated to bash | |
| # (Minus floppy disk handling, because seriously, it's 2017.) | |
| # Not 100% accurate, but gives you a good idea of how kernel init works | |
| # GPLv2, Copyright 2017 Hector Martin <marcan@marcan.st> | |
| # Based on Linux 4.10-rc2. | |
| # Note: pretend chroot is a builtin and affects the current process | |
| # Note: kernel actually uses major/minor device numbers instead of device name |
