something like this will add a great regularly updated malware file for it to use. More security and privacy to you! Specifically, this uses https://github.com/StevenBlack/hosts Choose one of the Raw Hosts file from there to use.
To setup DNSMasq, follow the below ...
wget -O- https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts | awk '$1 == "0.0.0.0" { print "address=/"$2"/0.0.0.0/"}' > /etc/dnsmasq.d/malware.conf`
| # SiInit | |
| 299D6F8B-2EC9-4E40-9EC6-DDAA7EBF5FD9 12 P:81E10080000033C1:9090909090909090 | |
| # PpmInitialize Reset IA32_TSC_ADJUST to 0 instead of enforcing 0xE2 lock | |
| 3FFCAE95-23CF-4967-94F5-16352F68E43B 10 P:742CB9E20000000F3248C1E220480BC20FBAE00F488944240872130FBAE80F89442408488B54240848C1EA200F30:BA00000000B800000000B93B0000000F309090909090909090909090909090909090909090909090909090909090 | |
| # CpuInitPei Reset IA32_TSC_ADJUST to 0 instead of enforcing 0xE2 lock | |
| 01359D99-9446-456D-ADA4-50A711C03ADA 12 P:B9E20000000F328BC8BE0080000023CE0BCF75190BC6894424088954240C8B54240C8B442408B9E20000000F30:BA00000000B800000000B93B0000000F3090909090909090909090909090909090909090909090909090909090 | |
| # CpuMpDxe to disable TSC writes |
| local _M = { | |
| _VERSION = '0.1' | |
| } | |
| local connect = function() | |
| local redis = require "resty.redis" | |
| local red = redis:new() | |
| red:set_timeout(1000) -- 1 sec | |
| local ok, err = red:connect("127.0.0.1", 6379) | |
| if not ok then |
| From 3a8fe43e9e073f26e44f62ad072079acd8b78de3 Mon Sep 17 00:00:00 2001 | |
| From: =?UTF-8?q?Felix=20Bu=CC=88nemann?= <[email protected]> | |
| Date: Mon, 30 May 2016 00:00:29 +0200 | |
| Subject: [PATCH] Add SPDY support back to Nginx with HTTP/2 | |
| Ported to 1.9.15 from 1.9.7 patch by Jiale Zhi from CloudFlare with | |
| additional fixes to re-enable deprecated spdy directives and fix | |
| compilation with http_v2 module enabled and spdy disabled. | |
| --- | |
| auto/modules | 31 + |
I like public key auth. I feel safer using them instead of a username and password login. But, I might not have my private key with me at a time where I need access.
I started using yubikey with LastPass and since I have it always on my keychain, I decided to find more ways to make use of it.
I wasn't originally aware, but if you pass a private key to ssh and sshd is configured to accept a key, it appears pam isn't used. Your authorized keys are checked and you are logged in. If you don't pass a private key, ssh falls back to the more standard un*x style login found in /etc/pam.d/sshd. This is where we'll add the yubikey pam. I am currently unaware of a way to use both public key auth and yubikey for login.
These steps worked for me on debian squeeze/wheezy.
more info at the yubico-pam github repo
| # based on http://uberblo.gs/2011/06/high-performance-url-shortening-with-redis-backed-nginx | |
| # using code from http://stackoverflow.com/questions/3554315/lua-base-converter | |
| # "database scheme" | |
| # database 0: id ~> url | |
| # database 1: id ~> hits | |
| # database 2: id ~> [{referer|user_agent}] | |
| # database 3: id ~> hits (when id is not found) | |
| # database 4: id ~> [{referer|user_agent}] (when id is not found) | |
| # database 5: key "count" storing the number of shortened urls; the id is generated by (this number + 1) converted to base 62 |