@maus-
maus- / README.md
Created July 13, 2021 18:27 — forked from mayorova/README.md
Mutual SSL in NGINX

Securing traffic to upstream servers with client certificates

Info: https://www.nginx.com/resources/admin-guide/nginx-https-upstreams/

Creating and Signing Your Certs

Source: http://nategood.com/client-side-certificate-authentication-in-ngi

This is SSL, so you'll need a cert-key pair for you/the server, one for the API users/the client, and a CA pair. You will be the CA in this case (usually a role played by VeriSign, thawte, GoDaddy, etc.), signing your client's certs. There are plenty of tutorials out there on creating and signing certificates, so I'll leave the details on this to someone else and just quickly show a sample here to give a complete tutorial. NOTE: This is just a quick sample of creating certs and is not intended for production.

maus- / logstash.conf
Created May 14, 2014 03:52
Logstash conf for rsyslog + auditd logs into elasticsearch
input {
syslog {
type => syslog
port => 514
}
}
filter {
grok {
type => "auditd"
pattern => [" AUDIT type=%{WORD:audit_type} msg=audit\(%{NUMBER:audit_epoch}:%{NUMBER:audit_coun
maus- / gist:10010791
Created April 6, 2014 19:58
auditd template
## Remove any existing rules
-D
## Buffer Size
## Feel free to increase this if the machine panics
-b 8192
## Failure Mode
## Possible values are 0 (silent), 1 (printk, print a failure message),
## and 2 (panic, halt the system).
### Keybase proof
I hereby claim:
* I am maus- on github.
* I am maus (https://keybase.io/maus) on keybase.
* I have a public key ASCo5fum0gAHBh3riuQ-RH1ViqyF2P0F0Ne7zqMpQFsXrAo
To claim this, I am signing this object:
maus- / gist:5650573
Created May 25, 2013 20:01
synergyconnect.sh
#!/bin/bash
# 2012 Maus Stearns,
# Quick ssh tunneling / reconnect tool
# Used primarily for quick synergy tunnels.
RHOST=192.168.1.1
RPORT=24800
PID=$(ps -ef |grep ssh |grep $RPORT | awk '{print $2}')
if [ -n "$PID" ]; then
echo "Existing Connection Exists. $PID"
/usr/local/rvm/rubies/ruby-1.9.3-p392/lib/ruby/1.9.1/yaml.rb:56:in `<top (required)>':
It seems your ruby installation is missing psych (for YAML output).
To eliminate this warning, please install libyaml and reinstall your ruby.
ERROR: Loading command: install (LoadError)
cannot load such file -- zlib
ERROR: While executing gem ... (NameError)
uninitialized constant Gem::Commands::InstallCommand
/usr/local/rvm/rubies/ruby-1.9.3-p392/lib/ruby/1.9.1/yaml.rb:56:in `<top (required)>':
It seems your ruby installation is missing psych (for YAML output).
To eliminate this warning, please install libyaml and reinstall your ruby.
adlfkjasdf
maus- / gist:aaba8b03f7ea0ac6c11b
Created February 24, 2015 00:05
osquery.conf
{
"options": {
"osquery_log_dir": "/var/log/osquery",
"db_path": "/tmp/osquery.db",
"pidfile": "/var/run/osquery.pid",
"lockfile": "/var/lock/subsys/osquery",
"config_retriever": "filesystem",
"debug": "false",
"disable_logging": "false",
"event_pubsub": "true",
maus- / gist:65369061eddac43b08b3
Created January 7, 2015 20:01
rpm -qpiR osquery-1.2.2-112-gdbb7050-Linux.rpm
Name : osquery Relocations: /usr
Version : 1.2.2_112_gdbb7050 Vendor: facebook
Release : 1 Build Date: Wed 07 Jan 2015 06:14:28 PM UTC
Install Date: (not installed) Build Host: localhost
Group : unknown Source RPM: osquery-1.2.2_112_gdbb7050-1.src.rpm
Size : 21348299 License: unknown
Signature : (none)
Summary : osquery is an operating system instrumentation toolchain.
Description :
DESCRIPTION
Name : osquery Relocations: /usr
Version : 1.2.2 Vendor: facebook
Release : 1 Build Date: Wed 17 Dec 2014 10:05:51 PM UTC
Install Date: (not installed) Build Host: localhost
Group : unknown Source RPM: osquery-1.2.2-1.src.rpm
Size : 42855982 License: unknown
Signature : (none)
Summary : osquery is an operating system instrumentation toolchain.
Description :
DESCRIPTION