Skip to content

Instantly share code, notes, and snippets.

TheRandomSecurityGuy therandomsecurityguy

Block or report user

Report or block therandomsecurityguy

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View keybase.md

Keybase proof

I hereby claim:

  • I am therandomsecurityguy on github.
  • I am dchamorro (https://keybase.io/dchamorro) on keybase.
  • I have a public key whose fingerprint is EF75 2860 41CA FA9C C088 364E 1C01 B4C1 A1F8 2C12

To claim this, I am signing this object:

@therandomsecurityguy
therandomsecurityguy / ubuntu16.04.sh
Created Sep 25, 2018
Ubuntu 16.04 hardening script
View ubuntu16.04.sh
#!/bin/bash
# Title: Ubuntu 16.04 Hardening
#
# DESCRIPTION: MODIFY / CHANGE / UPDATE / CONFIGURE
#
# Patching and Software Updates
apt-get -y update
apt-get -y upgrade
#
# File System Configuration
View slack-black.css
body { background: #222; color: #e6e6e6; }
a { color: #949494; }
a:link, a:visited { color: #949494; }
a:hover, a:active, a:focus { color: #c7c7c7; }
hr { border-bottom: 1px solid #424242; border-top: 1px solid #222; }
@therandomsecurityguy
therandomsecurityguy / vault.service
Created Jun 22, 2017
Vault server service for systemd
View vault.service
[Unit]
Description=vault server
Requires=network-online.target
After=network-online.target consul.service
[Service]
EnvironmentFile=-/etc/sysconfig/vault
Restart=on-failure
ExecStart=/usr/local/bin/vault server $OPTIONS -config=/etc/vault.d
@therandomsecurityguy
therandomsecurityguy / consul.service
Last active Jun 22, 2017
Consul service for systemd
View consul.service
[Unit]
Description=consul agent
Requires=network-online.target
After=network-online.target
[Service]
EnvironmentFile=-/etc/sysconfig/consul
Environment=GOMAXPROCS=2
Restart=on-failure
ExecStart=/usr/local/bin/consul agent $OPTIONS -config-dir=/etc/consul.d
View vault-pki.md

Vault PKI Root and Intermediate Certificates

Root Certificate

vault mount -path=pki-root pki

vault mount-tune -max-lease-ttl=87600h pki-root

# This will write a json file to the filesystem.
vault write -format=json pki-root/root/generate/exported \
  common_name=example.com \
View keybase.md

Keybase proof

I hereby claim:

  • I am therandomsecurityguy on github.
  • I am dchamorro (https://keybase.io/dchamorro) on keybase.
  • I have a public key ASBzIcrx_ZBAgf0SKnhyaKkhTu3sm1moLqkoAM9cBQ0aMQo

To claim this, I am signing this object:

View vault-on-aws-with-s3
# HOWTO: Installing Vault On AWS with S3 backend
This is a HOWTO on installing [Vault](https://www.vaultproject.io/https://github.com/hashicorp/vault) on AWS with S3.
Components used:
* [Vault](https://www.vaultproject.io/https://github.com/hashicorp/vault)
* [AWS S3](https://aws.amazon.com/s3/)
* [AWS IAM](https://aws.amazon.com/iam/)
* [AWS EC2](https://aws.amazon.com/ec2/)
* [OpenSSL](https://www.openssl.org/)
View netperf_udp_stream.sh
#!/bin/sh
#
# This is an example script for using netperf. Feel free to modify it
# as necessary, but I would suggest that you copy this one first.
# This script performs various UDP unidirectional stream tests.
# usage: ./netperf_udp_stream.sh [machine A's IP] [CPU] [-Tx,x] > filename.txt
#
if [ $# -gt 4 ]; then
echo "try again, correctly -> udp_stream_script hostname [CPU] [-Tx,x] [I]"
View netperf_tcp_stream.sh
#!/bin/sh
#
# This is an example script for using netperf. Feel free to modify it
# as necessary, but I would suggest that you copy this one first.
#
# This version has been modified to take advantage of the confidence
# interval support in revision 2.0 of netperf. it has also been altered
# to make submitting its resutls to the netperf database easier
#
# usage: ./netperf_tcp_stream.sh [machine A's IP] [CPU] [-Tx,x] > filename.txt
You can’t perform that action at this time.