Skip to content

Instantly share code, notes, and snippets.

@ntk148v
ntk148v / xz-backdoor.md
Created April 2, 2024 06:47 — forked from thesamesam/xz-backdoor.md
xz-utils backdoor situation (CVE-2024-3094)

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is still a new situation. There is a lot we don't know. We don't know if there are more possible exploit paths. We only know about this one path. Please update your systems regardless.

This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.

@ntk148v
ntk148v / udp-loader.go
Created June 30, 2022 03:05 — forked from jtblin/udp-loader.go
UDP server performance optimisation
package main
import (
"crypto/rand"
"flag"
"log"
mrand "math/rand"
"net"
"os"
"os/signal"
@ntk148v
ntk148v / iterm-to-hex.py
Created April 8, 2022 07:35 — forked from alfredodeza/iterm-to-hex.py
read an itermcolors export file and spit out Vim 8's ansi color var
#!/usr/bin/env python
#
# Convert .itermcolors files to hex colors
import sys
import xml.etree.ElementTree as ET
def rgb_to_hex(rgb):
return '#%02x%02x%02x' % rgb
@ntk148v
ntk148v / exabgp.conf
Last active February 7, 2022 08:25 — forked from bufadu/howto_bgp_ecmp_load_balancing.md
BGP ECMP Load Balancer
# Lb2 /etc/exabgp/exabgp.conf
neighbor 10.12.12.254 { # Remote neighbor to peer with
router-id 10.12.12.254; # Local router-id
local-address 10.12.12.2; # Local update-router
local-as 65500; # Local AS
peer-as 65500; # Peer AS
family {
ipv4 unicast;
}

EDIT from 2019: Hi folks. I wrote this gist for myself and some friends, and it seems like it's gotten posted somewhere that's generated some (ahem, heated) discussion. The whitespace was correct when it was posted, and since then GitHub changed how it formats <pre> tags. Look at the raw text if you care about this. I'm sure someone could tell me how to fix it, but (thank you @anzdaddy for suggesting a formatting workaround) honestly this is a random throwaway gist from 2015, and someone more knowledgable about this comparison should just write a proper blog post about it. If you comment here I'll hopefully see it and stick a link to it up here. Cheers. @oconnor663

Here's the canonical TOML example from the TOML README, and a YAML version of the same.

title = "TOML Example"
 
@ntk148v
ntk148v / Vault-ssh-ca-README.md
Created May 13, 2021 07:35 — forked from kawsark/Vault-ssh-ca-README.md
A guide for configuring Vault's SSH-CA

SSH CA use-case with Vault

In this scenario we are going to set up Vault to sign SSH keys using an internal CA. We will configure the SSH secrets engine and create a CA within Vault. We will then configure an SSH server to trust the CA key we just created. Finally we will attempt to SSH using a private key, and a public key signed by Vault SSH CA.

Prerequisites

  • This guide assumes you have already provisioned a Vault server, SSH host using OpenSSH server, and a SSH client machine.
  • The client system must be able to reach the Vault server and the OpenSSH server.
  • We will refer to these systems respectively as:
  • VAULT_SERVER
@ntk148v
ntk148v / container-transform.go
Created April 16, 2020 15:09 — forked from lox/container-transform.go
Convert from docker-compose.yml to ecs task definition in golang
package transform
import (
"errors"
"fmt"
"strconv"
"strings"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/service/ecs"
@ntk148v
ntk148v / linux_memory_control_to_avoid_swap_thrashing.md
Created November 28, 2019 09:41 — forked from JPvRiel/linux_memory_control_to_avoid_swap_thrashing.md
Notes on linux memory management options to prioritize and control memory access using older ulimits, newer cgroups and overcommit policy settings. Mostly as an attempt to keep a desktop environment responsive and avoid swap thrashing under high memory pressure.

Overview

Some notes about:

  • Explaining why current day Linux memory swap thrashing still happens (as of 2016).
  • Mitigating "stop the world" type thrashing issues on a Linux workstation when it's under high memory pressure and where responsiveness is more important than process completion.
  • Prioritizing and limiting memory use.
  • Older ulimit versus newer CGroup options.

These notes assume some basic background knowledge about memory management, ulimits and cgroups.

@ntk148v
ntk148v / main.go
Last active October 25, 2019 04:08 — forked from thrawn01/main.go
etcd `concurrency.Election` example with connection interruption detection and initial leadership status reporting
package main
import (
"context"
"fmt"
"os"
"os/signal"
"syscall"
"time"
@ntk148v
ntk148v / main.go
Created March 7, 2019 02:33 — forked from enricofoltran/main.go
A simple golang web server with basic logging, tracing, health check, graceful shutdown and zero dependencies
package main
import (
"context"
"flag"
"fmt"
"log"
"net/http"
"os"
"os/signal"