| # This Envoy config is intended for user with Apple Network Relay clients: | |
| # https://support.apple.com/en-au/guide/deployment/dep91a6e427d/web | |
| # and can be used to support both HTTP/3 and HTTP/2 with both Extended CONNECT and MASQUE (CONNECT-UDP). | |
| # | |
| # It features: | |
| # - HTTP/2 listener (with client certificate validation) | |
| # - HTTP/3 listener | |
| # - Dynamic forward proxy cluster | |
| # | |
| # In its current form, it can be used for testing and experimenting with relay and MASQUE technologies, but it is |
| #!/usr/bin/env bash | |
| function make_mc () { | |
| yq << EOF | |
| interfaces: | |
| - name: bond0 | |
| type: bond | |
| state: absent |
| #!/bin/bash | |
| #set -e | |
| #Directories: | |
| ROOT_CA_DIRECTORY=/etc/ssl/testCA | |
| INTERMEDIATE_CA1_DIRECTORY=/etc/ssl/intermediateTestCA1 | |
| INTERMEDIATE_CA2_DIRECTORY=/etc/ssl/intermediateTestCA2 | |
| INTERMEDIATE_CA3_DIRECTORY=/etc/ssl/intermediateTestCA3 | |
| CRL_SERVER_DIRECTORY=/var/www/localhost/pki | |
| DEFAULT_CERTS_DIRECTORY=certs |
There are at least two valid, signed TLS certificates that are bundled with publicly available Netgear device firmware.
These certificates are trusted by browsers on all platforms, but will surely be added to revocation lists shortly.
The firmware images that contained these certificates along with their private keys were publicly available for download through Netgear's support website, without authentication; thus anyone in the world could have retrieved these keys.
| #@ /etc/quagga/bgpd.conf (Centos & Ubuntu) | |
| hostname <Local OS hostname> | |
| password <Any random phrase> | |
| enable password <Any random phrase> | |
| ! | |
| log file /var/log/quagga/bgpd | |
| !debug bgp events | |
| !debug bgp zebra | |
| debug bgp updates |
| #!/usr/bin/python | |
| # This file has no update anymore. Please see https://github.com/worawit/MS17-010 | |
| from impacket import smb, ntlm | |
| from struct import pack | |
| import sys | |
| import socket | |
| ''' | |
| EternalBlue exploit for Windows 8 and 2012 by sleepya | |
| The exploit might FAIL and CRASH a target system (depended on what is overwritten) |
| { | |
| "ignition": { "version": "2.0.0" }, | |
| "systemd": { | |
| "units": [ | |
| { | |
| "name": "auto-update-kmods.service", | |
| "enable": true, | |
| "contents": "[Unit]\nDescription=Install custom kernel modules\nAfter=lib-modules.mount network-online.target\nRequires=lib-modules.mount network-online.target\nConditionPathExists=!/opt/modules/%v\nConditionPathExistsGlob=/lib/modules/auto-update-kmods.d/*.sh\n\n[Service]\nType=oneshot\nExecStart=/bin/bash -ex /lib/modules/auto-update-kmods.sh\n\n[Install]\nWantedBy=multi-user.target\n" | |
| }, | |
| { |
(from Understanding Nginx Server and Location Block Selection Algorithms - https://goo.gl/YyzshP)
server {
#Container Resource Allocation Options in docker-run
now see: https://docs.docker.com/engine/reference/run/#runtime-constraints-on-resources
You have various options for controlling resources (cpu, memory, disk) in docker. These are principally via the docker-run command options.
##Dynamic CPU Allocation
-c, --cpu-shares=0
CPU shares (relative weight, specify some numeric value which is used to allocate relative cpu share)