http://www.root.cz/clanky/dnssec-jako-b ... ssh-klicu/
Stavíme tunely v OpenSSH
http://www.root.cz/clanky/stavime-tunely-v-openssh/
Používání klíčů v OpenSSH
http://www.root.cz/clanky/pouzivani-klicu-v-openssh/
[ add comment ] ( 11 views ) | [ 0 trackbacks ] | permalink
What the noclobber does?
# echo "hihi" > file
# cat file
hihi
# set -o noclobber
# echo "hihi2you" > file
-bash: file: cannot overwrite existing file
# set +o noclobber
# echo "hihi2you" > file
# cat file
hihi2you
clobber [noun] veci, kramy, hadry, ohoz
clobber [v] bit, tlouci, mlatit, uhodit, postihnout, zasahnout
[ add comment ] ( 11 views ) | [ 0 trackbacks ] | permalink
http://ocw.mit.edu/courses/physics/8-01 ... lecture-6/
Topics covered: This lecture is all about Newton's First (inertia), Second (F=ma) and Third (action=-reaction) Laws.
Instructor/speaker: Prof. Walter Lewin
Date recorded: September 20, 1999
http://oyc.yale.edu/philosophy/death/co ... ure05.html
Overview:
Professor Kagan discusses in detail the argument of free will as proof for the existence of an immaterial soul. The argument consists of three premises: 1) We have free will. 2) Nothing subject to determinism has free will. 3) All purely physical systems are subject to determinism. The conclusion drawn from this is that humans are not a purely physical system; but Professor Kagan explains why this argument is not truly compelling. In addition, near-death experiences and the Cartesian argument are discussed at length.
[ 1 comment ] ( 24 views ) | [ 0 trackbacks ] | permalink
V kryptografii je X.509 standard pro systémy založené na veřejném klíči (PKI, public key infrastructure) pro jednoduché podepisování. X.509 specifikuje mezi jiným formát certifikátů, seznamy odvolaných certifikátů (CRL, certificate revocation list), parametry certifikátů a metody kontroly platností certifikátů.
http://cs.wikipedia.org/wiki/X.509
OpenSSH secure shell and X.509 v3 certificates
http://roumenpetrov.info/openssh/
[ add comment ] ( 20 views ) | [ 0 trackbacks ] | permalink
if the TLS: hostname does not match CN in peer certificate error appears during LDAPS handshake get the LDAP server certificate to check for the servename with command
# openssl s_client -connect ldapserver:port ---
Acceptable client certificate CA names
/C=CZ/CN=I.CA - Standard root certificate/O=Prvni certifikacni autorita a.s.
/O=Sun Microsystems/CN=Directory Server/CN=XXXX/CN=ServerName.Domain.com
---
to avoid certificate check on client modify the /etc/openldap/ldap.conf and add/replace TLS_REQCERT ie
TLS_REQCERT allow
according to man of ldap.conf the level could be one of the following
TLS_REQCERT <level>
Specifies what checks to perform on server certificates in a TLS session, if any. The <level> can be
specified as one of the following keywords:
never The client will not request or check any server certificate.
allow The server certificate is requested. If no certificate is provided, the session proceeds nor-
mally. If a bad certificate is provided, it will be ignored and the session proceeds normally.
try The server certificate is requested. If no certificate is provided, the session proceeds nor-
mally. If a bad certificate is provided, the session is immediately terminated.
demand | hard
These keywords are equivalent. The server certificate is requested. If no certificate is pro-
vided, or a bad certificate is provided, the session is immediately terminated. This is the
default setting.
[ add comment ] ( 8 views ) | [ 0 trackbacks ] | permalink
taken from: http://www.sleuthkit.org/autopsy/help/index.html
Hash databases are used to quickly identify known good and known bad files using the MD5 or SHA-1 checksum value. Autopsy uses three types of hash databases to help the investigator reduce the number of files that they have to look at.
The NIST National Software Reference Library (NSRL) contains hashes of files that are found in operating systems and software distributions. These files are known to be good in that they came from trusted sources and are typically on authorized systems. When processing files in the image, this database can be used to ignore files because they are assumed to be known and therefore uninteresting. The location of this database is configured when Autopsy is installed. The NSRL must be obtained from NIST at www.nsrl.nist.gov.
[ add comment ] ( 20 views ) | [ 0 trackbacks ] | permalink
http://www.openldap.org/faq/data/cache/185.html
[ add comment ] ( 19 views ) | [ 0 trackbacks ] | permalink
/usr/sbin/tcpdump -nvX 'tcp and port 80 and dst 172.28.182.70'
[ add comment ] ( 11 views ) | [ 0 trackbacks ] | permalink
http://s.ica.cz/cgi-bin/crt_spub.cgi
[ add comment ] ( 19 views ) | [ 0 trackbacks ] | permalink
http://www.truthdig.com/
http://www.blisty.cz/
http://www.godlikeproductions.com/
http://www.examiner.com
http://cfp2.miroslavsuja.cz/
http://www.jetotak.sk
http://www.noveslovo.sk
[ add comment ] ( 19 views ) | [ 0 trackbacks ] | permalink
Calendar
