Skip to content

Instantly share code, notes, and snippets.

sanderkwantes /
Created Sep 25, 2016 — forked from scy/
My OSX PF config for #30C3.

My OS X “VPN only” Setup For #30C3

You should never let passwords or private data be transmitted over an untrusted network (your neighbor’s, the one at Starbucks or the company) anyway, but on a hacker congress like the #30C3, this rule is almost vital.

Hackers get bored easily, and when they’re bored, they’re starting to look for things to play with. And a network with several thousand connected users is certainly an interesting thing to play with. Some of them might start intercepting the data on the network or do other nasty things with the packets that they can get.

If these packets are encrypted, messing with them is much harder (but not impossible! – see the end of this article). So you want your packets to be always encrypted. And the best way to do that is by using a VPN.

Target audience

sanderkwantes / freeswitch_digitalocean_floatingip.txt
Created Jul 31, 2016
Freeswitch/FusionPBX set IP adres to Floating IP on Digital Ocean VPS (add to vars.xml)
View freeswitch_digitalocean_floatingip.txt
<!-- Set local_ip_v4 to Digital Ocean Floating IP -->
<X-PRE-PROCESS cmd="exec-set" data="local_ip_v4=ip addr show eth0 | awk 'FNR == 5 {print $2}' | cut -d '/' -f 1"/>
sanderkwantes / user-data-digitalocean.txt
Last active Aug 29, 2016
Digital Ocean User Data field content to disable SSH Password Authentication (use only when public key authentication is added)
View user-data-digitalocean.txt
- sed -i -e '/^#PasswordAuthentication/s/^.*$/PasswordAuthentication no/' /etc/ssh/sshd_config
- sed -i -e '/^PermitRootLogin/s/^.*$/PermitRootLogin without-password/' /etc/ssh/sshd_config
- apt-get -y install python
- service ssh restart