Skip to content

Instantly share code, notes, and snippets.

View keybase.md

Keybase proof

I hereby claim:

  • I am therandomsecurityguy on github.
  • I am dchamorro (https://keybase.io/dchamorro) on keybase.
  • I have a public key whose fingerprint is EF75 2860 41CA FA9C C088 364E 1C01 B4C1 A1F8 2C12

To claim this, I am signing this object:

@therandomsecurityguy
therandomsecurityguy / ubuntu16.04.sh
Created Sep 25, 2018
Ubuntu 16.04 hardening script
View ubuntu16.04.sh
#!/bin/bash
# Title: Ubuntu 16.04 Hardening
#
# DESCRIPTION: MODIFY / CHANGE / UPDATE / CONFIGURE
#
# Patching and Software Updates
apt-get -y update
apt-get -y upgrade
#
# File System Configuration
View slack-black.css
body { background: #222; color: #e6e6e6; }
a { color: #949494; }
a:link, a:visited { color: #949494; }
a:hover, a:active, a:focus { color: #c7c7c7; }
hr { border-bottom: 1px solid #424242; border-top: 1px solid #222; }
@therandomsecurityguy
therandomsecurityguy / vault.service
Created Jun 22, 2017
Vault server service for systemd
View vault.service
[Unit]
Description=vault server
Requires=network-online.target
After=network-online.target consul.service
[Service]
EnvironmentFile=-/etc/sysconfig/vault
Restart=on-failure
ExecStart=/usr/local/bin/vault server $OPTIONS -config=/etc/vault.d
@therandomsecurityguy
therandomsecurityguy / consul.service
Last active Jun 22, 2017
Consul service for systemd
View consul.service
[Unit]
Description=consul agent
Requires=network-online.target
After=network-online.target
[Service]
EnvironmentFile=-/etc/sysconfig/consul
Environment=GOMAXPROCS=2
Restart=on-failure
ExecStart=/usr/local/bin/consul agent $OPTIONS -config-dir=/etc/consul.d
View vault-pki.md

Vault PKI Root and Intermediate Certificates

Root Certificate

vault mount -path=pki-root pki

vault mount-tune -max-lease-ttl=87600h pki-root

# This will write a json file to the filesystem.
vault write -format=json pki-root/root/generate/exported \
  common_name=example.com \
View vault-on-aws-with-s3
# HOWTO: Installing Vault On AWS with S3 backend
This is a HOWTO on installing [Vault](https://www.vaultproject.io/https://github.com/hashicorp/vault) on AWS with S3.
Components used:
* [Vault](https://www.vaultproject.io/https://github.com/hashicorp/vault)
* [AWS S3](https://aws.amazon.com/s3/)
* [AWS IAM](https://aws.amazon.com/iam/)
* [AWS EC2](https://aws.amazon.com/ec2/)
* [OpenSSL](https://www.openssl.org/)
View netperf_udp_stream.sh
#!/bin/sh
#
# This is an example script for using netperf. Feel free to modify it
# as necessary, but I would suggest that you copy this one first.
# This script performs various UDP unidirectional stream tests.
# usage: ./netperf_udp_stream.sh [machine A's IP] [CPU] [-Tx,x] > filename.txt
#
if [ $# -gt 4 ]; then
echo "try again, correctly -> udp_stream_script hostname [CPU] [-Tx,x] [I]"
View netperf_tcp_stream.sh
#!/bin/sh
#
# This is an example script for using netperf. Feel free to modify it
# as necessary, but I would suggest that you copy this one first.
#
# This version has been modified to take advantage of the confidence
# interval support in revision 2.0 of netperf. it has also been altered
# to make submitting its resutls to the netperf database easier
#
# usage: ./netperf_tcp_stream.sh [machine A's IP] [CPU] [-Tx,x] > filename.txt
View nova.conf
[DEFAULT]
# Trunk fork: http://docs.openstack.org/trunk/config-reference/content/list-of-compute-config-options.html
# IPv6 info and IP
use_ipv6 = True
my_ip = <put your IPv6 IP here>
rpc_backend = rabbit
rabbit_host = controller.putyourowndomainhere.com