Skip to content

Instantly share code, notes, and snippets.

View nielsvanderbeke's full-sized avatar

Niels Vanderbeke nielsvanderbeke

8 followers · 7 following
View GitHub Profile
@nielsvanderbeke
nielsvanderbeke / links_vsphere
Last active June 7, 2022 22:24
VMware install ISO on USB
@nielsvanderbeke
nielsvanderbeke / slow_http_attacks.md
Created February 14, 2014 08:04
Slow HTTP Attacks

Slow HTTP attacks are denial-of-service (DoS) attacks in which the attacker sends HTTP requests in pieces slowly, one at a time to a Web server. If an HTTP request is not complete, or if the transfer rate is very low, the server keeps its resources busy waiting for the rest of the data. When the server’s concurrent connection pool reaches its maximum, this creates a DoS. Slow HTTP attacks are easy to execute because they require only minimal resources from the attacker.

Attack exploits the fact that most of modern web servers are not limiting the connection duration if there is a data flow going on, and with possiblity to prolong TCP connection virtually forever with zero or minimal data flow by manipulating TCP receive window size value, it is possible to acquire concurent connections pool of the application. Possibility to prolong TCP connection is described in several vulnerability reports: MS09-048, CVE-2008-4609, CVE-2009-1925, CVE-2009-1926 .

Prerequisites for the successful attack are: - victim serve

@nielsvanderbeke
nielsvanderbeke / java keystores
Created October 7, 2013 09:35
java keystore and certificate commands
What is in a keystore
=======================
keytool -list -v -keystore keystore-file.jks | less
=======================
show certificates website
=======================
openssl s_client -host internet.onprvp.fgov.be -port 443 -showcerts
=======================
@nielsvanderbeke
nielsvanderbeke / keybase.md
Created December 23, 2016 08:39

Keybase proof

I hereby claim:

  • I am nielsvanderbeke on github.
  • I am nielsvanderbeke (https://keybase.io/nielsvanderbeke) on keybase.
  • I have a public key whose fingerprint is EDE2 92B4 0AA7 9958 D823 4EE5 15EC DC89 DBB8 02A7

To claim this, I am signing this object:

@nielsvanderbeke
nielsvanderbeke / javascript_resources.md
Created January 20, 2014 12:36 — forked from jookyboi/javascript_resources.md
Here are a set of libraries, plugins and guides which may be useful to your Javascript coding.

Libraries

  • jQuery - The de-facto library for the modern age. It makes things like HTML document traversal and manipulation, event handling, animation, and Ajax much simpler with an easy-to-use API that works across a multitude of browsers.
  • Backbone - Backbone.js gives structure to web applications by providing models with key-value binding and custom events, collections with a rich API of enumerable functions, views with declarative event handling, and connects it all to your existing API over a RESTful JSON interface.
  • AngularJS - Conventions based MVC framework for HTML5 apps.
  • Underscore - Underscore is a utility-belt library for JavaScript that provides a lot of the functional programming support that you would expect in Prototype.js (or Ruby), but without extending any of the built-in JavaScript objects.
  • lawnchair - Key/value store adapter for indexdb, localStorage
@nielsvanderbeke
nielsvanderbeke / mount synology raspbmc
Created January 20, 2014 06:46
sudo mkdir /mnt/media
sudo sh -c 'echo "//<ip synology>/media /mnt/media cifs user,uid=pi,gid=users,rw,suid,credentials=/etc/cifspwd 0 0" >> /etc/fstab'
sudo sh -c 'echo username=raspbmc > /etc/cifspwd'
sudo sh -c 'echo password=<password> >> /etc/cifspwd'
@nielsvanderbeke
nielsvanderbeke / jvm tuning - rolling gc logs.md
Last active January 3, 2016 13:59
jvm tuning - rolling gc logs

documentation

jvm parameters

-Xloggc: -XX:-UseGCLogFileRotation -XX:GCLogFileSize=10M

" -XX:+PrintVMOptions -XX:+PrintAdaptiveSizePolicy -XX:AdaptiveSizePolicyOutputInterval=1" " -XX:+PrintGCDetails -XX:+PrintGCTimeStamps -Xloggc://serve-gc.log -XX:-UseGCLogFileRotation -XX:NumberOfGClogFiles=50 -XX:GCLogFileSize=10M"

@nielsvanderbeke
nielsvanderbeke / v-test
Created January 9, 2014 07:39
v-test vreg curl
curl -sLe ';auto' -k -d 'email=niels.vanderbeke@gmail.com' -d "keuze=EA" -d "netbeheerdere=Imea" -d "netbeheerderg=Imea" -d "tarief=TV" -d "tarief2=VER" -d "postcode=2570" -d "zipcodeid=2823" -d "gezinsleden=2" -d "tariefdag=1600" -d "tariefnacht=1900" -d "verbruik=23000" -d "javascript:submitForm();" 'http://vtest.vreg.be/hh/resultaat.asp' > vreg.html
@nielsvanderbeke
nielsvanderbeke / getMealVoucherSaldo.sh
Created January 8, 2014 14:02
Get meal voucher saldo from monizze card
#!/bin/sh
######################################################################
# script getMealVoucherSaldo.sh
# purpose Get meal voucher saldo from monizze card
# author Niels Vanderbeke
# date 20140108
# parameters none
# changed at 20140108
# changed by Niels Vanderbeke
######################################################################
@nielsvanderbeke
nielsvanderbeke / telemeter.sh
Created January 8, 2014 14:01
script to get your telenet isp usage
#!/bin/sh
######################################################################
# script telemeter.sh
# purpose Get internet usage indicator telenet using telemeter webservice
# author Niels Vanderbeke
# date 20140103
# parameters none
# changed at 20140103
# changed by Niels Vanderbeke
######################################################################