This script enables checking of dates on a certificate. Usually tied together with some form of alerting when within a month ot week of renewal needs.
echo | openssl s_client -connect HOSTNAME:PORT 2>/dev/null | openssl x509 -noout -dates
This script enables checking of dates on a certificate. Usually tied together with some form of alerting when within a month ot week of renewal needs.
echo | openssl s_client -connect HOSTNAME:PORT 2>/dev/null | openssl x509 -noout -dates
When using things like SSH and SCP at scale across many hosts, it's important to trim available cipher suites. Rolling through all ciphers suites until a match is found can be time costly. At the very least you should trim your client and proxies to use a limited set of valid ciphers. It's also valuable to limit on the server side too in order to avoid keys and certificates using corrupted ciphers.
Below is what I deem to be the best security/performance configurations for an optimal path.
ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256
aes192-ctr,aes256-ctr,aes192-cbc,aes256-cbc
#!/bin/bash | |
# Move to a location where you don't mind storing the couchdb install files. | |
cd /tmp/ | |
EPEL_FILE=epel-release-latest-7.noarch.rpm | |
COUCH=apache-couchdb-1.6.1.tar.gz | |
rm -rf epel-release-latest-7.noarch.rpm |
require 'net/http' | |
require 'net/https' | |
require 'uri' | |
API_URI = 'some.site.com' | |
root_ca_path = '/etc/ssl/certs' | |
root_ca_depth = 5 | |
api_user = 'username' | |
api_password = 'password' |
pbcopy < ~/.ssh/id_rsa.pub |
cd /var/log/mongodb/ | |
grep '2015-07-10' mongodb.log| grep IXSCAN | sed -e s'/.*planSummary: IXSCAN//' | sed -e 's/ cursorid.*//; s/ keyUpdates.*//; s/ nto.*//; ' | perl -lne 'print join "\n", split /, IXSCAN/;' | perl -pne 's/(^\s+)//' | sort | uniq -c |
find security.report.safer.* -type f -printf "%C@ %p\n" | sort -rn | head -n 2 | |
diff <(tail -n +4 file | head -n -1) <(tail -n +4 file2 | head -n -1) |
egrep -i 'authentication failure;' FILENAME.txt | egrep 'root' | egrep -v ' more ' | awk '{print $14}' | tr '=' ' ' | awk '{print $2}' | sort | uniq -c | sort -nr | more |
for k in $(git branch -a --merged|grep -v "\->"|sed s/^..//);do echo -e $(git log -1 --pretty=format:"%Cgreen%ci %Cred%cr%Creset" "$k")\\t"$k";done|sort|more |
git ls-files -z | xargs -0n1 git blame -w | ruby -n -e '$_ =~ /^.*\((.*?)\s[\d]{4}/; puts $1.strip' | sort -f | uniq -c | sort -n |