rogerscuall

{
  "args": {}, 
  "data": "", 
  "files": {}, 
  "form": {}, 
  "headers": {
    "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8", 
    "Accept-Encoding": "gzip, deflate, br", 
    "Accept-Language": "en-US,en;q=0.5", 
    "Cookie": "VouchCookie=H4sIAAAAAAAA_3SWwXaruNKFn-i_C4Hxag-bgDA6QQQhlUAzgdwHI0GU2Dlgnv5fTu7w9theu6p2qb7N5UHGPh-u1ZUUYi8QvRa3YmHx8FIcC-tbeCGn_1weBA0hPPoZ31VTHIuZObMwN0Rs63h2fX0hu26ZGx7FUT6IVW33ZfLRqXn7M8zOdpLG3QwPfYbr63x6qAcxry8kNS0N-hClfY5935bXarmfXl9IXUs6qZbukJ8-lTw8m3MX4R8dGKbFyTetU5BvLwobDc4JYenErNi6wFQ9GtNKYihnFgk0Jpccg5ho1dt47ZCyQ46_6hlR7TxXWFUGM1HmrqwD_95ZM33rOwoXazc-u19VEz9rHxU25Ps3ThVkKOKLz_ssjssUvwFSnxwzZgJ0bFqmtA1W7sqtz9CxmUfNkPdy9kspTq2U37U-uolYI3EnFvXWSxZ3E5UmpHHDVXsR_qsLg7iU9NyfQV-Etzyjv8q8eJh8u_ap3bqdwHc_86hKG9-6nVIttrRZvConF0lHCbXuXrVGww6rtPTFhPReSTRCNN4aYaTBru3PlOjWeAmjLHOcVzwZYce3Rvo_lywWKvLVxdmNOwY0e-onUxkgz0P3qw9ZIRYzXZZk4imOjLOPSsbXXq5rt9htwL6oW7AyQ4F0Jr_MLC3PY9kLFUgYVzOTO5vodOHw0U3F1gXrDosvAan3bqfMZEhWQGyfs6ZDw4FKKv7r302JMdHi9ME4fmN

rogerscuall

---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  annotations:
    cert-manager.io/issuer: letsencrypt-dev
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/proxy-buffer-size: "8k"
    #nginx.ingress.kubernetes.io/cors-allow-headers: "X-Forwarded-For"
    nginx.ingress.kubernetes.io/auth-signin: "https://vouch.mydomain.com.org/login?url=$scheme://$http_host$request_uri&vouch-failcount=$auth_resp_failcount&X-Vouch-Token=$auth_resp_jwt&error=$auth_resp_err"

rogerscuall

config:
  vouch:
    domains:
     - mydomain.com.org
    allowAllUsers: true
    # whiteList: []
    # jwt:
    #   secret: super-secret-stuff
    # webapp: false
    testing: true

rogerscuall

<html lang="en">
<head>
    <link href="https://d3oia8etllorh5.cloudfront.net/20191106223759/css/bootstrap.min.css" rel="stylesheet"
        media="screen" />
    <link href="https://d3oia8etllorh5.cloudfront.net/20191106223759/css/cognito-login.css" rel="stylesheet"
        media="screen" />

    <title>Signin</title>

    <script src="https://d3oia8etllorh5.cloudfront.net/20191106223759/js/amazon-cognito-advanced-security-data.min.js" ></script>

rogerscuall

config:
  vouch:
    domains:
     - mydomain.com
    # allowAllUsers: true
    # whiteList: []
    # jwt:
    #   secret: super-secret-stuff
    # webapp: false
    testing: true

rogerscuall

Setting up xrdp on Kali Linux 2016.2 on AWS

AWS has an AMI for Kali 2016.2, but being remote, you need VNC or RDP to access the graphical tools.

VNC is easy to set up but very restrictive. RDP is harder to set up, but easier to use. These are the instructions I use to set up xrdp.

I use this config so that I connect to the Kali VM through an Apache Guacamole RDP proxy. This keeps Kali behind the firewall and in my pentesting lab. Guacamole also allows me to access the Kali box on SSH or RDP via a web interface from anywhere and any device. 

OS: Kali Linux 2016.2
AMI: Updated 19 Oct 2016

rogerscuall

Docker Swarm Mode Ports

Starting with 1.12, Docker Swarm Mode is a built-in solution with built-in key/value store. Easier to get started, and fewer ports to configure.

Inbound Traffic for Swarm Management

• TCP port 2377 for cluster management & raft sync communications
• TCP and UDP port 7946 for "control plane" gossip discovery communication
• UDP port 4789 for "data plane" VXLAN overlay network traffic

AWS Security Group Example

AWS Tip: You should use Security Groups in AWS's "source" field rather then subnets, so SG's will all dynamically update when new nodes are added.

rogerscuall

for i in 1 2 3; do
  docker-machine create -d virtualbox node-$i
done

eval $(docker-machine env node-1)

docker swarm init \
  --advertise-addr $(docker-machine ip node-1)

TOKEN=$(docker swarm join-token -q worker)