Suzanne Aldrich suzannealdrich

Network Hardware Vulnerabilities Library

The Network Hardware Vulnerabilities Library documents known security vulnerabilities affecting various network devices, including F5, Palo Alto Networks, Citrix NetScaler, SonicWall, Fortinet FortiGate, and Z-Wave devices. It provides structured information on each vulnerability, including CVE identifiers, descriptions, potential impacts, and mitigation recommendations, along with links to official security advisories and research reports. This resource serves as a reference for security professionals, network administrators, and researchers to assess and address critical vulnerabilities in network infrastructure, ensuring timely patching and risk mitigation.

F5

CVE-2022-1388

Title: iControl REST Authentication Bypass

macOS 12 Monterey Setup

An easy to refer to document for setting up macOS 12 Monterey.

Previous Setup Gists

My previous macOS / OSX setup gists:

macOS 10.15 Catalina - https://gist.github.com/suzannealdrich/bf145e46d48c6d74c775951a939ec9f5
Mac OS X 10.10 Yosemite - https://gist.github.com/suzannealdrich/d240c4741052b5db732a

macOS 10.15 Catalina Setup

An easy to refer to document for setting up macOS 10.15 Catalina.

Previous Setup Gists

My previous macOS / OSX setup gists:

Mac OS X 10.10 Yosemite - https://gist.github.com/suzannealdrich/d240c4741052b5db732a

Mac OS X 10.10 Yosemite

Recipe for custom OS X 10.10 Yosemite setup with Homebrew Cask installed user apps and Docker developer environment.

Fork this and modify to match your needs.

Install Software

The software selected is needed after fresh installs. Software not listed here is handled on a case-by-case basis.

Keybase proof

I hereby claim:

I am suzannealdrich on github.
I am suzannealdrich (https://keybase.io/suzannealdrich) on keybase.
I have a public key whose fingerprint is E778 D500 BF7C 34FA 3472 5472 3747 228B E9CC 066E

To claim this, I am signing this object:

	-----BEGIN PGP SIGNED MESSAGE-----
	Hash: SHA512

	PGP Key Transition Statement
	Suzanne Aldrich <[email protected]>
	Wed May 4 06:55:38 UTC 2016

	I have generated a new PGP key, and this statement generated at the date and
	time provided above, is signed using both my old key and my new key. This
	change was not prompted by any specific incident, and was done simply to

	#!/bin/bash
	# Returns the diff between response headers of a domain vs. its origin ip. Requires SSL.

	NAME=`basename $0`
	COMMAND="diff <(curl -Isk https://$1) <(curl -Isk -H 'Host: $1' https://$2)"

	if [ $# -ne 2 ]
	then
	echo "Usage: $NAME domain.tld origin.ip" 1>&2
	echo "Returns the response headers and a diff of a domain vs. its origin ip. Requires SSL." 1>&2

	wget --spider -o wget.log -e robots=off -r -l 5 -p -S --header="X-Bypass-Cache: 1" --limit-rate=124k www.example.com

	# Options explained
	# --spider: Crawl the site
	# -o wget.log: Keep the log
	# -e robots=off: Ignore robots.txt
	# -r: specify recursive download
	# -l 5: Depth to search. I.e 1 means 'crawl the homepages'. 2 means 'crawl the homepage and all pages it links to'...
	# -p: get all images, etc. needed to display HTML page
	# -S: print server response

	$ openssl s_client -cipher EXPORT -connect www.nsa.gov:443
	CONNECTED(00000003)
	depth=1 /C=US/O=GeoTrust Inc./CN=GeoTrust SSL CA - G4
	verify error:num=20:unable to get local issuer certificate
	verify return:0
	---
	Certificate chain
	0 s:/C=US/ST=Maryland/L=Fort George G Meade/O=National Security Agency/OU=Akamai SAN SSL OV/CN=www.nsa.gov
	i:/C=US/O=GeoTrust Inc./CN=GeoTrust SSL CA - G4
	1 s:/C=US/O=GeoTrust Inc./CN=GeoTrust SSL CA - G4

	// CloudFlare Connecting IP
	if (isset($_SERVER['HTTP_CF_CONNECTING_IP'])) {
	$_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CF_CONNECTING_IP'];
	}

	// CloudFlare SSL Enabled
	if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') {
	$_SERVER['HTTPS'] = 'on';
	}