Recent Comments
- Roy on Firefox 48 的 Electrolysis (e10s),多程序視窗
- Shane on Lenovo 開始出 Microsoft-only 機了,其他的 OS 都會被鎖住不能用
- Google 研發出的 BBR: Congestion-Based Congestion Control | Gea-Suan Lin's BLOG on Google Chrome 52 預設開啟了更快的 QUIC (被戲稱為 TCP/2)
- guest on 不打開書直接掃描內容
- MySQL 5.6 到 5.7 改變的預設值 | Gea-Suan Lin's BLOG on 熱 MySQL InnoDB 的方式...
Archives
- September 2016 (63)
- August 2016 (69)
- July 2016 (19)
- June 2016 (42)
- May 2016 (61)
- April 2016 (51)
- March 2016 (74)
- February 2016 (87)
- January 2016 (31)
- December 2015 (36)
- November 2015 (61)
- October 2015 (72)
- September 2015 (53)
- August 2015 (42)
- July 2015 (38)
- June 2015 (30)
- May 2015 (18)
- April 2015 (57)
- March 2015 (41)
- February 2015 (50)
- January 2015 (35)
- December 2014 (50)
- November 2014 (56)
- October 2014 (41)
- September 2014 (37)
- August 2014 (37)
- July 2014 (28)
- June 2014 (50)
- May 2014 (32)
- April 2014 (46)
- March 2014 (38)
- February 2014 (29)
- January 2014 (52)
- December 2013 (50)
- November 2013 (45)
- October 2013 (40)
- September 2013 (48)
- August 2013 (22)
- July 2013 (25)
- June 2013 (13)
- May 2013 (16)
- April 2013 (28)
- March 2013 (37)
- February 2013 (36)
- January 2013 (57)
- December 2012 (44)
- November 2012 (10)
- October 2012 (12)
- September 2012 (21)
- August 2012 (21)
- July 2012 (25)
- June 2012 (8)
- May 2012 (10)
- April 2012 (11)
- March 2012 (10)
- February 2012 (11)
- January 2012 (5)
- December 2011 (13)
- November 2011 (12)
- October 2011 (10)
- September 2011 (7)
- August 2011 (5)
- July 2011 (11)
- June 2011 (21)
- May 2011 (22)
- April 2011 (36)
- March 2011 (43)
- February 2011 (23)
- January 2011 (24)
- December 2010 (34)
- November 2010 (19)
- October 2010 (16)
- September 2010 (15)
- August 2010 (10)
- July 2010 (12)
- June 2010 (3)
- May 2010 (3)
- April 2010 (4)
- March 2010 (8)
- February 2010 (14)
- January 2010 (13)
- December 2009 (16)
- November 2009 (28)
- October 2009 (24)
- September 2009 (12)
- August 2009 (7)
- July 2009 (10)
- June 2009 (11)
- May 2009 (22)
- April 2009 (21)
- March 2009 (18)
- February 2009 (7)
- January 2009 (32)
- December 2008 (19)
- November 2008 (12)
- October 2008 (15)
- September 2008 (14)
- August 2008 (15)
- July 2008 (18)
- June 2008 (20)
- May 2008 (19)
- April 2008 (27)
- March 2008 (22)
- February 2008 (21)
- January 2008 (15)
- December 2007 (22)
- November 2007 (17)
- October 2007 (29)
- September 2007 (31)
- August 2007 (34)
- July 2007 (31)
- June 2007 (36)
- May 2007 (23)
- April 2007 (22)
- March 2007 (30)
- February 2007 (50)
- January 2007 (75)
- December 2006 (48)
- November 2006 (59)
- October 2006 (89)
- September 2006 (29)
- August 2006 (48)
- July 2006 (14)
- June 2006 (35)
- May 2006 (62)
- April 2006 (63)
- March 2006 (72)
- February 2006 (83)
- January 2006 (56)
- December 2005 (46)
- November 2005 (60)
- October 2005 (27)
- September 2005 (54)
- August 2005 (83)
Tags
Categories
- Anime (28)
- AWS (308)
- BBS (22)
- Blog (244)
- Book (30)
- Bridge (1)
- Browser (487)
- CDN (161)
- Cloud (425)
- CMS (57)
- Comic (19)
- Computer (3,997)
- Computer and Network Center (33)
- CSS (62)
- Database (354)
- DNS (115)
- Editor (22)
- Financial (81)
- Firefox (217)
- Food (14)
- FreeBSD (136)
- FTP (2)
- Game (54)
- GoogleChrome (145)
- Hardware (334)
- IE (92)
- Joke (158)
- Lab (3)
- Linux (156)
- MacOS (25)
- Mail (112)
- MariaDB (17)
- Movie (28)
- Murmuring (4,123)
- Music (47)
- MySQL (253)
- NCTU (64)
- NetBSD (7)
- Network (2,915)
- OpenBSD (7)
- Opera (26)
- OS (358)
- P2P (125)
- Photo (67)
- Political (117)
- PostgreSQL (36)
- Programming (668)
- Recreation (508)
- RSS (78)
- Safari (36)
- Science (84)
- Search Engine (173)
- Security (904)
- SMS (9)
- Social (188)
- Software (2,103)
- Spam (100)
- Sport (9)
- Telephone (109)
- Television (54)
- Usenet (14)
- Vim (13)
- VPN (16)
- Wiki (47)
- Windows (68)
- WWW (1,508)
Blogroll
Meta
Tag Archives: shell
更新 letsencrypt.sh 的 PPA
letsencrypt.sh 是個用 shell script 實作出來的 letsencrypt/acme client,可以對 Let's Encrypt 申請出 SSL certificate。相較於官方後來交接給 EFF 的 Certbot,我還蠻推薦使用純粹只需要 shell script 的 letsencrypt.sh... 由於作者沒有發出新的 release tarball,加上目前最新的 release 的程式也已經無法使用,所以昨天花了點時間更新了 letsencrypt.sh 的 PPA,就弄了一個 0.2.0.20160822 (版本號碼大於目前的 release 版本的 0.2.0):「PPA for letsencrypt.sh」。 與 0.2.0 版相比有個 BC-break 的地方:新版的 config … Continue reading
Posted in Computer, Murmuring, Network, Security, Software, WWW
Tagged certificate, letsencrypt, letsencrypt.sh, ppa, script, shell, ssl, tls, ubuntu
Leave a comment
中國富豪搬移財產的方法
中國因為一年只讓國民帶五萬美金出國,於是中國的富豪就想到各種方法搬移財產,其中 Boing Boing 介紹的這個方法真的頗棒的 XDDD:「Chinese millionaire sues himself through an offshore shell company to beat currency export controls」。 先成立一家空殼公司,然後再用空殼公司告自己的公司,藉由法院的賠償程序,避開了個人財產的轉移限制: But there's a better way: for a small sum, you can just set up an offshore shell company, direct it to … Continue reading
Bash Handbook (更像長篇的 Cheatsheet?)
在「Bash Handbook」這篇看到了有人在 GitHub 上整理了「For those who wanna learn Bash」。 說是 Handbook,更像長篇的 Cheatsheet,帶了基本的說明讓有背景的人可以馬上了解要怎麼用... 另外因為 Bash 是很多 shell 分支的起源,其實有不少東西對應到 Zsh (以及其他 shell) 也是會通的,拿來複習也是不錯 :o
Posted in Computer, Murmuring, Software
Tagged bash, cheatsheet, github, handbook, manual, shell
Leave a comment
用 Shell Script 寫的 Let's Encrypt Client
在找 Let's Encrypt 安裝方法時找到的專案:「letsencrypt/acme client implemented as a shell-script」。 整個專案用 bash 寫,用到的 dependency 都非常基本,「比較特別的」只有 curl 與 openssl,這兩個套件應該不是什麼問題... XD 沒有安裝問題 (因為只有一個 shell script 檔案),用起來也很簡單,執行速度也比官方快多了 (畢竟官方的考慮比較多),之後應該就會用這個吧... 另外自動化的部份也應該會用這個解決 :o
AWS 推出的 aws-shell
AWS 推出的 aws-shell 透過大量的 auto completion 幫助你管理 AWS 的各種資源,可以從官方說明看出是 AWS Command Line Interface (aws-cli) 的延伸: An integrated shell for working with the AWS CLI. 程式是用 Python 寫的,可以透過 pip 直接安裝到自己的目錄下,官方說明支援 2.6.5+、2.7+、3.3+、3.4+,所以應該是不會有太多問題: $ pip install aws-shell 第一次執行的時候放著讓他背景建立 index 會比較順。 可以看到功能相當強,甚至可以連到 AWS 上取得資料。 … Continue reading
測試 HTTPS 設定的 shell script
在「Using testssl.sh」這邊看到「testssl.sh」這個工具。 需要新版的 OpenSSL 會掃的比較完整,不過看起來 Ubuntu 14.04 內建的就可以掃不少東西了 (當然還是少了 ChaCha20+Poly1305)。 Qualys 的「SSL Server Test」只能掃有開放給公開使用的站台,而這個工具就可以拿來掃內部網站了。 拿官方給的 screenshot 來看結果:
安全的 SSH (Secure Secure Shell)
在 Twitter 上看到「Secure Secure Shell」這篇文章,介紹要如何加強 OpenSSH。 文章裡分成四個部份討論,從 Key exchange 開始,Authentication、Symmetric ciphers 以及 Message authentication codes。 先把已知有問題的技術都先拿掉 (像是 MD5、RC4 與 DES),然後有被 NSA 影響到的技術,而且有不錯的替代方案的也拿掉。 另外還介紹了 Tor hidden service 下的保護。 感覺有點偏激的文件,可以拿來參考...
AWS Lambda 的系統環境
Eric Hammond 在「Exploring The AWS Lambda Runtime Environment」觀察了目前 AWS Lambda 的系統環境。 不過這只是好奇性質而已,Amazon 本來就不保證不會改變: For the curious, here are some results. Please note that this is running on a preview and is in no way a guaranteed part of the environment … Continue reading
Shellshock,Windows 版
愈來愈噴飯了啦,有人發現 Windows 10 有類似的問題: Windows 10 is also vulnerable to the bash bug! #shellshock pic.twitter.com/uypsMgxbKC — Ferdinand Hagethorn (@hagnf) October 2, 2014 然後有人拿去 Windows 7 與 Windows 8.1 上面測試,發現也中獎: @hagnf Windows 7 and 8.1 also behave the same. I suspect … Continue reading
Posted in Computer, Murmuring, OS, Programming, Security, Software, Windows
Tagged security, shell, shellshock, windows
5 Comments
關於 Shellshock (Bash) 問題
因為 Bash 太多人用,找到安全漏洞的成本效益太高,看起來最近會有大量的人力跳進去 code review,接下來應該是 CVE 滿天飛,跟當初 OpenSSL 的情況類似。 目前建議是直接看維基百科的說明:「Shellshock (software bug)」,裡面直接列出了目前發現的 CVE 以及 attack vector。 會讓管理者想要抱頭痛哭,無止盡的 patch...