mtigas

Client-side SSL

For excessively paranoid client authentication.

---

Updated Apr 5 2019:

because this is a gist from 2011 that people stumble into and maybe you should AES instead of 3DES in the year of our lord 2019.

some other notes:

JosefJezek

How to use Pelican on GitHub Pages

Author: Josef Jezek

Install on Ubuntu

Installing Python tools

sudo apt-get install python-setuptools

rgbkrk

#!/usr/bin/env python
# -*- coding: utf-8 -*-

'''

Bootstrapping the salt minions on Rackspace (using fabric rather than
salt-cloud).

This is not the most effective way to do this, but it gets it done.

jorendorff

// To compile this on mac: gcc -m32 -o rawcode rawcode.c
// Probably the same on linux, or drop the -m32.
// Then: ./rawcode

#include <stdio.h> // printf
#include <string.h> // memcpy
#include <sys/mman.h> // mmap, munmap

int main () {
    // x86 machine code for: int mul (int a, int b) { return a * b; }

kaithar

            from salt.client import LocalClient
            client = LocalClient()
            o = client.cmd(t, 'cmd.run_all', kwarg={
                'cmd': 'curl *options and url redacted*',
                'cwd': dirname
            })
            print "Ret: %(retcode)d\n\nstdout:\n%(stdout)s\n\nstderr:\n%(stderr)s\n" % o[t]
            print o[t], "\n"
            if o[t]['retcode'] != 0:
                client.cmd(t, 'file.remove', arg=(dirname,), timeout=5)

rinx

/* 
 * predefined classes
 *
 * Copyright (C) 2013 Rintaro Okamura
 */

//mixin

$vendpf: -webkit-, -moz-, -ms-, -o-, '';

jcockhren

http://pcottle.github.io/learnGitBranching/
http://rogerdudler.github.io/git-guide/
http://think-like-a-git.net/
http://gitimmersion.com/
http://gitref.org/
http://git-scm.com/documentation

abemusic

group_0:
  match: G@stack_id:20 and G@roles:qatp.base and G@roles:qatp.ipa and G@roles:java.oracle.jdk7
  sls:
  - qatp.base
  - qatp.ipa
  - java.oracle.jdk7
group_1:
  match: G@stack_id:20 and G@roles:cdh4.hadoop.namenode
  sls:
  - cdh4.hadoop.namenode

jfryman

One thing I wanted to ask, given your exprience in DDoS attacks. We are putting in place a DDoS mitigation strategy and finding a wide variability in pricing from different vendors.

Near as I can tell, the difference between the low end like CloudFlare's $200/mth plan and the $5K-$10K/mth vendors like Prolexic is the support offered for a layer 7 attack. Is that a reasonable summary?

It seems like all vendors offer a reasonable level of layer 3-4 filtering but that if there's a layer 7 attack the high end vendors have the sophisticated tools and methodology to help the customer figure out how to mitigate the attack.

If this perspective is reasonable, how susceptible you think a product like XXX is to a layer 7 attack? I'd hate to buy insurance we don't really need.

The difference is a lot in integration. CloudFlare is only really a CDN at the heart of it, so what you're paying for is that with some DDoS stuff built in. If an attacker gets wind of this, and finds out your origin and decides to

spaze

2023 update

ℹ️ Please note this research is from 2016 when Opera has first added their browser "VPN", even before the "Chinese deal" was closed. They have since introduced some real VPN apps but this below is not about them.

🕵️ Some folks also like to use this article to show a proof that the Opera browser is a spyware or that Opera sells all your data to 3rd parties or something like that. This article here doesn't say anything like that.

---

When setting up (that's immediately when user enables it in settings) Opera VPN sends few API requests to https://api.surfeasy.com to obtain credentials and proxy IPs, see below, also see The Oprah Proxy.

The browser then talks to a proxy de0.opera-proxy.net (when VPN location is set to Germany), it's IP address can only be resolved from within Opera when VPN is on, it's 185.108.219.42 (or similar, see below). It's an HTTP/S proxy which requires auth.