Kenn White kennwhite
kennwhite
/ Vagrantfile
Last active
August 29, 2015 14:06
— forked from jbgo/Vagrantfile
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # -*- mode: ruby -*- | |
| # vi: set ft=ruby : | |
| VAGRANTFILE_API_VERSION = "2" | |
| Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| | |
| config.vm.box = "precise64" | |
| config.vm.box_url = "http://files.vagrantup.com/precise64.box" | |
| config.vm.network :private_network, ip: "192.168.33.10" | |
| config.ssh.forward_agent = true |
kennwhite
/ kssl_tests_DO_2core.txt
Created
September 19, 2014 14:15
Cloudflare KSSL server tests: CentOS 6.5, 2 core / 2GB RAM (Digital Ocean)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # cat /proc/cpuinfo | |
| processor : 0 | |
| vendor_id : GenuineIntel | |
| cpu family : 6 | |
| model : 2 | |
| model name : QEMU Virtual CPU version 1.0 | |
| stepping : 3 | |
| cpu MHz : 1999.999 | |
| cache size : 4096 KB | |
| fpu : yes |
kennwhite
/ nginx_1.6.x.conf
Last active
August 29, 2015 14:06
CentOS, Red Hat, Amazon Linux nginx config: A+ SSL Labs rating w/ strong legacy compatibility
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Strong nginx config for SSL Labs rating A as of 3-2015 | |
| # Broad legacy compatibility including IE8, Android 2.3+, openssl 0.9.8 clients | |
| # Blocks most bot scan IP probes. | |
| # | |
| # *** Assumes: _HOSTNAME_ is replaced *** | |
| # *** Assumes: Diffie-Hellman parameters have been generated (see: dhparam below) | |
| # | |
| # Includes OCSP stapling, HSTS Strict Transport security, | |
| # session resumption, legacy backwards compatibility (XP, Android 2.3-4.3) | |
| # |
kennwhite
/ gist:09626cd41c10f503343b
Last active
August 29, 2015 14:06
— forked from epixoip/8x980_init.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| root@brutalis:~/cudaHashcat-1.31# nvidia-smi -L | |
| GPU 0: GeForce GTX 980 (UUID: GPU-5869777e-6d0b-1f77-cfed-d1b4a6a5e098) | |
| GPU 1: GeForce GTX 980 (UUID: GPU-08c2e212-876d-a6ec-933b-1188e9824ccd) | |
| GPU 2: GeForce GTX 980 (UUID: GPU-b8c2647c-8f47-ecce-34f8-781ea83c429c) | |
| GPU 3: GeForce GTX 980 (UUID: GPU-10eac0ac-6ab6-cf9f-7ca7-3657d4f23bae) | |
| GPU 4: GeForce GTX 980 (UUID: GPU-d494a6c6-eef3-890a-b11c-b4842e57c0bf) | |
| GPU 5: GeForce GTX 980 (UUID: GPU-35fe33d3-f61d-5fed-4fcf-bd5c94a39fc7) | |
| GPU 6: GeForce GTX 980 (UUID: GPU-233240fe-5699-2edc-01d2-2f961c275b13) | |
| GPU 7: GeForce GTX 980 (UUID: GPU-b64da0f4-27c5-6d92-1ae0-16c0b4f98d0e) |
kennwhite
/ gist:1d60ff622248d725f1de
Last active
August 29, 2015 14:07
— forked from tedder/gist:0d3276040054eb10857b
Tedder's ELB Security Policy
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| PolicyDescriptions: | |
| - PolicyName: ELBSecurityPolicy-2014-10 | |
| PolicyTypeName: SSLNegotiationPolicyType | |
| PolicyAttributeDescriptions: | |
| - AttributeName: Protocol-SSLv2 | |
| AttributeValue: false # http://en.wikipedia.org/wiki/Transport_Layer_Security#SSL_2.0 | |
| - AttributeName: Protocol-TLSv1 | |
| AttributeValue: true # generally recognized as safe | |
| - AttributeName: Protocol-SSLv3 | |
| AttributeValue: false # POODLE, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566 |
kennwhite
/ elb-set-secure-policy.sh
Last active
August 29, 2015 14:07
— forked from thomaswitt/elb-set-secure-policy.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # bin/elb-describe-lbs | awk '{print $2}' | xargs -n1 elb-set-secure-policy.sh | |
| ELB=$1 | |
| echo "Setting Policy on Load Balancer $1" | |
| bin/elb-create-lb-policy $ELB \ | |
| --policy-type SSLNegotiationPolicyType \ | |
| --policy-name elb-secure-ssl \ |
kennwhite
/ rc4.js
Last active
August 29, 2015 14:08
— forked from dchest/rc4.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function rc4(f,F,g,G){for(var U=256,b=[],c=a=0,d;U>a;a++)b[a]=a;for(a=0;U>a;a++)c=(c+b[a]+f[a%F])%U,d=b[a],b[a]=b[c],b[c]=d;for(var e=c=a=0;e<G;e++)a++,a%=U,c+=b[a],c%=U,d=b[a],b[a]=b[c],b[c]=d,g[e]=b[(b[a]+b[c])%U]} | |
| // Usage: | |
| // | |
| var key = [75, 101, 121]; // input bytes: "Key" | |
| var out = new Array(10); // place for keystream bytes | |
| rc4(key, key.length, out, out.length); // out now contains keystream: [235, 159, 119, 129, 183, 52, 202, 114, 167, 25] |
kennwhite
/ ECDHE_key_exchange_debug.sh
Last active
August 29, 2015 14:20
Debugging ephemeral elliptic curve Diffie-Hellman TLS behavior
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # Simple debugging for ECDHE TLS key exchange | |
| # | |
| echo | openssl s_client -connect FOO.FQDN:443 -no_ssl3 -tls1_2 \ | |
| > -cipher ECDHE-RSA-AES128-GCM-SHA256 -msg -showcerts -verify -debug 2>&1 \ | |
| > | fold -w 80 -s > conn1.txt | |
| echo | openssl s_client -connect FOO.FQDN:443 -no_ssl3 -tls1_2 \ | |
| > -cipher ECDHE-RSA-AES128-GCM-SHA256 -msg -showcerts -verify -debug 2>&1 \ |
kennwhite
/ nginx-go-reverse-proxy-docker.sh
Last active
August 29, 2015 14:22
Painless OSX install for Nginx, Go, and Gorilla with a reverse proxy on Docker
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Install Nginx reverse proxy for Go to CentOS7 under Docker while avoiding D-Bus bullshit from systemd | |
| # Some helpful commands: | |
| # docker images | |
| # docker rmi [name or id of your image, -f to force] | |
| # On OSX, install The Kitematic App (https://kitematic.com) | |
| # Run it (it will silently create a VirtualBox VM in the background, installing VB if necessary) | |
| # Click: [DOCKER CLI] at the bottom left |
kennwhite
/ centos-vbox-on-mac
Last active
August 29, 2015 14:27
— forked from mjwall/centos-vbox-on-mac
setup centos in virtualbox on mac osx
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - install virtual box | |
| - download minimal iso from http://yum.singlehop.com/CentOS/6.4/isos/x86_64/CentOS-6.4-x86_64-minimal.iso | |
| - create vm, use redhat 64 | |
| - in settings, storage, point the controller IDE to the iso | |
| - run it | |
| - once it reboots, you need networking | |
| - run dhclient eth0 | |
| - yum install system-config-network-tui | |
| - run system-config-network-tui | |
| - manually edit /etc/sysconfig/network-scripts/ifcfg-eth0 |