| { | |
| "Type":"UnencryptedConfiguration", | |
| "Certificates": [ { | |
| "GUID": "{<GUID#1>}", | |
| "Type": "Authority", | |
| "X509": "<CA_CERT>" | |
| } ], | |
| "NetworkConfigurations": [ { | |
| "GUID": "{<GUID#2>}", | |
| "Name": "<VPN_NAME>", |
| port 443 #Listen on port 443 - change if you like | |
| proto tcp #Use TCP - change to UDP if you prefer | |
| dev tun #Use tun interface - this is recommeded for most use cases | |
| ca ca.crt #Read CA cert/pub key from ca.crt (not-secret) | |
| cert server.crt #Read server cert/pub key from server.crt (not-secret) | |
| key server.key #Read server private key from server.key (SECRET!) | |
| dh dh2048.pem #Read Diffie Hellan (DH) parms from db2048.pem | |
| server 10.8.0.0 255.255.255.248 #IP range for clients - change if you like | |
| push "topology subnet" #Recommended topology | |
| ifconfig-pool-persist ipp.txt #Will try give the same ip to clients every connection |
| input { | |
| tcp { | |
| port => 5000 | |
| type => syslog | |
| } | |
| udp { | |
| port => 5000 | |
| type => syslog | |
| } | |
| } |
| input { | |
| tcp { | |
| port => 5000 | |
| type => syslog | |
| } | |
| udp { | |
| port => 5000 |
| grep -v '^$\|^\s*#' | |
| #consider setting up an alias in ~/.bash_aliases for example | |
| alias db="grep -v '^$\|^\s*#'" |
| version: ‘2’ | |
| services: | |
| elasticsearch: | |
| build: elasticsearch/ | |
| volumes: | |
| – ./elasticsearch/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml | |
| – ./elasticsearch/data:/usr/share/elasticsearch/data | |
| ports: | |
| – “9200:9200” |
| ___ _____ ___ _ _ _ _ _ _ _ _ _ _ _ | |
| /_\ \ / / __| ___ / __| ___| |_ _| |_(_)___ _ _ /_\ _ _ __| |_ (_) |_ ___ __| |_ /_\ ______ ___ __(_)__ _| |_ ___ | |
| / _ \ \/\/ /\__ \ |___| \__ \/ _ \ | || | _| / _ \ ' \ / _ \| '_/ _| ' \| | _/ -_) _| _| / _ \ (_-<_-</ _ \/ _| / _` | _/ -_) | |
| /_/ \_\_/\_/ |___/ |___/\___/_|\_,_|\__|_\___/_||_| /_/ \_\_| \__|_||_|_|\__\___\__|\__| /_/ \_\/__/__/\___/\__|_\__,_|\__\___| | |
| Notes taken between Dec-2017 and Jan-2018, from acloud.guru and AWS FAQs. | |
| Solution Architect Associate - Need to Know: |
| ___ _____ ___ _ _ __ _ _ ___ _ _ _ _ | |
| /_\ \ / / __| ___ / __|___ _ _| |_(_)/ _(_)___ __| | | \ _____ _____| |___ _ __ ___ _ _ /_\ ______ ___ __(_)__ _| |_ ___ | |
| / _ \ \/\/ /\__ \ |___| | (__/ -_) '_| _| | _| / -_) _` | | |) / -_) V / -_) / _ \ '_ \/ -_) '_| / _ \ (_-<_-</ _ \/ _| / _` | _/ -_) | |
| /_/ \_\_/\_/ |___/ \___\___|_| \__|_|_| |_\___\__,_| |___/\___|\_/\___|_\___/ .__/\___|_| /_/ \_\/__/__/\___/\__|_\__,_|\__\___| | |
| |_| | |
| Notes taken in Jan-2018, from acloud.guru and AWS FAQs. | |
| There is a lot of overlap in knowledge areas between Solution Architect Associate, and the Certified Developer Associate. | |
| Hence this doc only covers the deltas for the CDA exam. |
flaws.cloud itself says it best:
Through a series of levels you'll learn about common mistakes and gotchas when using Amazon Web Services (AWS).
There are no SQL injection, XSS, buffer overflows, or many of the other vulnerabilities you might have seen before. As much as possible, these are AWS specific issues.
A series of hints are provided that will teach you how to discover the info you'll need.
| import sqlite3 #Import the SQLite3 module | |
| import sys | |
| commit = False | |
| try: | |
| sqlite_file = sys.argv[1] | |
| except: | |
| print "You must specify a sqlite db file as an argument." | |
| quit() |