V kryptografii je X.509 standard pro systémy založené na veřejném klíči (PKI, public key infrastructure) pro jednoduché podepisování. X.509 specifikuje mezi jiným formát certifikátů, seznamy odvolaných certifikátů (CRL, certificate revocation list), parametry certifikátů a metody kontroly platností certifikátů.

http://cs.wikipedia.org/wiki/X.509

OpenSSH secure shell and X.509 v3 certificates

http://roumenpetrov.info/openssh/



[ add comment ] ( 20 views )   |  [ 0 trackbacks ]   |  permalink

---

if the TLS: hostname does not match CN in peer certificate error appears during LDAPS handshake get the LDAP server certificate to check for the servename with command

# openssl s_client -connect ldapserver:port

---
Acceptable client certificate CA names
/C=CZ/CN=I.CA - Standard root certificate/O=Prvni certifikacni autorita a.s.
/O=Sun Microsystems/CN=Directory Server/CN=XXXX/CN=ServerName.Domain.com
---

to avoid certificate check on client modify the /etc/openldap/ldap.conf and add/replace TLS_REQCERT ie

TLS_REQCERT allow

according to man of ldap.conf the level could be one of the following

       TLS_REQCERT <level>
              Specifies  what  checks  to perform on server certificates in a TLS session, if any. The <level> can be
              specified as one of the following keywords:

              never  The client will not request or check any server certificate.

              allow  The server certificate is requested. If no certificate is provided, the  session  proceeds  nor-
                     mally. If a bad certificate is provided, it will be ignored and the session proceeds normally.

              try    The  server  certificate  is requested. If no certificate is provided, the session proceeds nor-
                     mally. If a bad certificate is provided, the session is immediately terminated.

              demand | hard
                     These keywords are equivalent. The server certificate is requested. If no  certificate  is  pro-
                     vided,  or  a  bad  certificate  is provided, the session is immediately terminated. This is the
                     default setting.

[ add comment ] ( 8 views )   |  [ 0 trackbacks ]   |  permalink

---

taken from: http://www.sleuthkit.org/autopsy/help/index.html

Hash databases are used to quickly identify known good and known bad files using the MD5 or SHA-1 checksum value. Autopsy uses three types of hash databases to help the investigator reduce the number of files that they have to look at.
The NIST National Software Reference Library (NSRL) contains hashes of files that are found in operating systems and software distributions. These files are known to be good in that they came from trusted sources and are typically on authorized systems. When processing files in the image, this database can be used to ignore files because they are assumed to be known and therefore uninteresting. The location of this database is configured when Autopsy is installed. The NSRL must be obtained from NIST at www.nsrl.nist.gov.



[ add comment ] ( 20 views )   |  [ 0 trackbacks ]   |  permalink

---

http://www.openldap.org/faq/data/cache/185.html

[ add comment ] ( 19 views )   |  [ 0 trackbacks ]   |  permalink

---

/usr/sbin/tcpdump -nvX 'tcp and port 80 and dst 172.28.182.70'

[ add comment ] ( 11 views )   |  [ 0 trackbacks ]   |  permalink

---

http://s.ica.cz/cgi-bin/crt_spub.cgi

[ add comment ] ( 19 views )   |  [ 0 trackbacks ]   |  permalink

---

http://www.truthdig.com/
http://www.blisty.cz/
http://www.godlikeproductions.com/
http://www.examiner.com
http://cfp2.miroslavsuja.cz/
http://www.jetotak.sk
http://www.noveslovo.sk


[ add comment ] ( 19 views )   |  [ 0 trackbacks ]   |  permalink

---

#!/usr/bin/python

import sys

def main():
   '''Why does the sys module have "argv" but no "argc"?

   http://www.python.org/search/hypermail/ ... /1034.html

   If there was a sys.argc, then you would have to remember to
   update its value whenever you changed sys.argv.

   While this may not be common in C, it's not unusual in Python.
   '''

   argc = len(sys.argv)
   print "number of arguments is: ", argc

if __name__ == '__main__':
   main()

[ add comment ] ( 21 views )   |  [ 0 trackbacks ]   |  permalink

---

>>> import md5
>>> foo =  md5.new("hohoho!")
>>> foo.hexdigest()
'14874050f4928b54f58b6d292a681f00'

[ add comment ] ( 10 views )   |  [ 0 trackbacks ]   |  permalink

---

Allow cgi scripts, then follow the lightsquid documentation.

http://lightsquid.sourceforge.net/

/etc/httpd/conf.d/lightsquid.conf

<Directory "/var/www/html/lightsquid">
   DirectoryIndex index.cgi
   Options +ExecCGI
   AddHandler cgi-script .cgi
   AllowOverride All
</Directory>

/etc/httpd/conf/httpd.conf

#
# AddHandler allows you to map certain file extensions to "handlers":
# actions unrelated to filetype. These can be either built into the server
# or added with the Action directive (see below)
#
# To use CGI scripts outside of ScriptAliased directories:
# (You will also need to add "ExecCGI" to the "Options" directive.)
#
AddHandler cgi-script .cgi

[ add comment ] ( 10 views )   |  [ 0 trackbacks ]   |  permalink

---

<<First <Back | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | Next> Last>>

(c)2007 - All Photos on the pages by Olympus OM2(50/28mm) - Page Generated in 0.2531 seconds | Site Views: 193655