<?xml version="1.0" encoding="UTF-8"?>
 <rdf:RDF xmlns="http://purl.org/rss/1.0/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:cc="http://web.resource.org/cc/" xmlns:syn="http://purl.org/rss/1.0/modules/syndication/" xmlns:admin="http://webns.net/mvcb/">
  <channel rdf:about="http://pinboard.in">
    <title>Pinboard (mlednor)</title>
    <link>https://pinboard.in/u:mlednor/public/</link>
    <description>recent bookmarks from mlednor</description>
    <items>
      <rdf:Seq>	<rdf:li rdf:resource="https://www.cyberciti.biz/security/how-to-unlock-luks-using-dropbear-ssh-keys-remotely-in-linux/"/>
	<rdf:li rdf:resource="https://learn.adafruit.com/pi-hole-ad-pitft-tft-detection-display/overview"/>
	<rdf:li rdf:resource="http://www.pivpn.io/"/>
	<rdf:li rdf:resource="https://highon.coffee/blog/security-harden-centos-7/"/>
	<rdf:li rdf:resource="https://gist.github.com/monkyz/3849546"/>
	<rdf:li rdf:resource="https://www.cyberciti.biz/faq/how-to-configure-samba-to-use-smbv2-and-disable-smbv1-on-linux-or-unix/"/>
	<rdf:li rdf:resource="https://isc.sans.edu/diary/22876"/>
	<rdf:li rdf:resource="https://sslmate.com/signup?for=certspotter"/>
	<rdf:li rdf:resource="https://caatest.co.uk/lednor.com"/>
	<rdf:li rdf:resource="https://sslmate.com/caa/"/>
	<rdf:li rdf:resource="https://makezine.com/2017/09/07/secure-your-raspberry-pi-against-attackers/"/>
	<rdf:li rdf:resource="https://github.com/nccgroup/sobelow"/>
	<rdf:li rdf:resource="https://blog.trailofbits.com/2016/12/12/meet-algo-the-vpn-that-works/"/>
	<rdf:li rdf:resource="https://github.com/trailofbits/algo"/>
	<rdf:li rdf:resource="https://github.com/jlund/streisand"/>
	<rdf:li rdf:resource="https://github.com/bitly/oauth2_proxy"/>
	<rdf:li rdf:resource="https://gist.github.com/mwpastore/f42f6f1309a7b067519f4c08e18b0b6a"/>
	<rdf:li rdf:resource="https://caddyserver.com/"/>
	<rdf:li rdf:resource="https://certbot.eff.org/#ubuntuother-nginx"/>
	<rdf:li rdf:resource="https://subgraph.com/"/>
	<rdf:li rdf:resource="https://blog.gruby.com/2016/08/10/setting-up-an-edgerouter-lite-for-an-on-demand-ios-vpn/"/>
	<rdf:li rdf:resource="https://docs.meshwith.me/"/>
	<rdf:li rdf:resource="https://gist.github.com/renchap/c093702f06df69ba5cac"/>
	<rdf:li rdf:resource="http://www.emailquestions.com/encrypted-email-service-providers/"/>
	<rdf:li rdf:resource="http://qosient.com/argus/"/>
	<rdf:li rdf:resource="http://www.cipherdyne.org/psad/index.html"/>
	<rdf:li rdf:resource="https://gist.github.com/netson/c45b2dc4e835761fbccc"/>
	<rdf:li rdf:resource="http://hardenubuntu.com/"/>
	<rdf:li rdf:resource="https://osquery.io/"/>
	<rdf:li rdf:resource="https://www.authy.com/thefuture"/>
	<rdf:li rdf:resource="http://www.cyberciti.biz/faq/debian-8-ubuntu-14-04-lts-install-suhosin-extension-command/"/>
	<rdf:li rdf:resource="https://2ton.com.au/toplip/"/>
	<rdf:li rdf:resource="http://www.rutschle.net/tech/sslh.shtml"/>
	<rdf:li rdf:resource="https://github.com/georgebrock/1pass"/>
	<rdf:li rdf:resource="http://www.ubuntugeek.com/ssldump-an-ssltls-network-protocol-analyzer.html"/>
	<rdf:li rdf:resource="https://www.authy.com/"/>
	<rdf:li rdf:resource="https://github.com/jipegit/OSXAuditor"/>
	<rdf:li rdf:resource="http://sshpot.com/"/>
	<rdf:li rdf:resource="http://www.ubuntugeek.com/install-owncloud-on-ubuntu-14-04-trusty-tahr.html"/>
	<rdf:li rdf:resource="https://www.namecheap.com/security/ssl-certificates/domain-validation.aspx"/>
	<rdf:li rdf:resource="http://www.rubynginx.com/index.php/2013/03/15/installing-positivessl-certificate-with-nginx-on-ubuntu-12-04/"/>
	<rdf:li rdf:resource="https://tails.boum.org/"/>
	<rdf:li rdf:resource="https://jacob.hoffman-andrews.com/README/the-safe-way-to-put-a-pgp-key-in-your-twitter-bio/"/>
	<rdf:li rdf:resource="http://sagan.quadrantsec.com/"/>
	<rdf:li rdf:resource="https://www.pastevault.com/"/>
	<rdf:li rdf:resource="https://www.privacy-cd.org/"/>
	<rdf:li rdf:resource="http://sealedabstract.com/code/nsa-proof-your-e-mail-in-2-hours/"/>
	<rdf:li rdf:resource="https://ngrok.com/"/>
	<rdf:li rdf:resource="https://anonymous-proxy-servers.net/en/help/email-provider.html"/>
	<rdf:li rdf:resource="https://www.privateinternetaccess.com/forum/index.php?p=/discussion/690/pia-for-linux-server-openvpn/p1"/>
	<rdf:li rdf:resource="https://github.com/gokyle/sshbox"/>
	<rdf:li rdf:resource="http://www.ubuntugeek.com/cutter-disconnect-routed-ip-connections.html"/>
	<rdf:li rdf:resource="http://joshrendek.com/2013/01/securing-ubuntu/"/>
	<rdf:li rdf:resource="https://github.com/twocanoes/audit"/>
	<rdf:li rdf:resource="https://www.startssl.com/"/>
	<rdf:li rdf:resource="http://codex.wordpress.org/Administration_Over_SSL"/>
	<rdf:li rdf:resource="http://www.thefanclub.co.za/how-to/how-secure-ubuntu-1204-lts-server-part-1-basics"/>
	<rdf:li rdf:resource="http://plusbryan.com/my-first-5-minutes-on-a-server-or-essential-security-for-linux-servers"/>
	<rdf:li rdf:resource="http://www.macgasm.net/2013/01/18/good-morning-your-mac-keeps-a-log-of-all-your-downloads/"/>
	<rdf:li rdf:resource="http://www.unixwiz.net/techtips/ssh-agent-forwarding.html"/>
	<rdf:li rdf:resource="http://derflounder.wordpress.com/2012/09/20/gatekeeper-status-check-script/"/>
	<rdf:li rdf:resource="http://lifehacker.com/5940565/why-you-should-start-using-a-vpn-and-how-to-choose-the-best-one-for-your-needs"/>
	<rdf:li rdf:resource="http://lifehacker.com/5935863/five-best-vpn-service-providers"/>
	<rdf:li rdf:resource="http://www.hiawatha-webserver.org/"/>
	<rdf:li rdf:resource="http://www.lavrsen.dk/foswiki/bin/view/Motion/WebHome"/>
	<rdf:li rdf:resource="https://gist.github.com/1583781"/>
	<rdf:li rdf:resource="http://mitmproxy.org/"/>
	<rdf:li rdf:resource="http://www.toughlocks.co.uk/store/"/>
	<rdf:li rdf:resource="http://www.tarsnap.com/"/>
	<rdf:li rdf:resource="https://moocode.com/posts/5-simple-two-factor-ssh-authentication"/>
      </rdf:Seq>
    </items>
  </channel><item rdf:about="https://www.cyberciti.biz/security/how-to-unlock-luks-using-dropbear-ssh-keys-remotely-in-linux/">
    <title>How to unlock LUKS using Dropbear SSH keys remotely in Linux - nixCraft</title>
    <dc:date>2021-03-02T11:54:59+00:00</dc:date>
    <link>https://www.cyberciti.biz/security/how-to-unlock-luks-using-dropbear-ssh-keys-remotely-in-linux/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[On Linux, we encrypt our partitions and entire disk using Linux Unified Key Setup-on-disk-format (LUKS) for security and privacy reasons. We unlock LUKS protected disk by providing a passphrase at boot time. You need to be in front of your computer or use a remote console to open the encrypted disk under Linux at boot time. However, if your system is in the basement, remote datacenter/office, or upstairs office, you won’t able to unlock and boot your Linux box. We can use the Dropbear SSH server for LUKS encrypted Debian or Ubuntu or any other Linux distro via SSH to solve this problem. Let us see how to unlock LUKS using Dropbear SSH keys in Linux at boot time.]]></description>
<dc:subject>linux security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:a075157e6455/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:linux"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://learn.adafruit.com/pi-hole-ad-pitft-tft-detection-display/overview">
    <title>Overview | Pi Hole Ad Detection Display with PiTFT | Adafruit Learning System</title>
    <dc:date>2018-10-25T06:40:40+00:00</dc:date>
    <link>https://learn.adafruit.com/pi-hole-ad-pitft-tft-detection-display/overview</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[Pi-hole is an open-source project which let's your Pi act as a DNS (Domain Name Server). While you may have an ad-blocker installed on your browser, do you have one on your phone? What about blocking in-application advertisements in your mobile games? On your Smart TV? On your smart fridge? 

Pi-hole lets you block ads from any device configured to use it as a Domain Name Server. When an advertisement (i.e: ads.adserver.com) tries to resolve it's IP address, Pi-hole will return nothing back. You'll never connect to the advertisement server and the ad won't even load. This makes it quicker, faster, and use less data than conventional ad blockers. ]]></description>
<dc:subject>linux security network dns</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:0463e03b7cad/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:linux"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:network"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:dns"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.pivpn.io/">
    <title>PiVPN: Simplest setup of OpenVPN</title>
    <dc:date>2018-10-11T12:07:37+00:00</dc:date>
    <link>http://www.pivpn.io/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[Simplest OpenVPN setup and configuration,
designed for Raspberry Pi.]]></description>
<dc:subject>raspberrypi security vpn software</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:2d88cacaaed1/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:raspberrypi"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:vpn"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:software"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://highon.coffee/blog/security-harden-centos-7/">
    <title>Security Harden CentOS 7</title>
    <dc:date>2018-08-02T08:32:59+00:00</dc:date>
    <link>https://highon.coffee/blog/security-harden-centos-7/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[This HowTo walks you through the steps required to security harden CentOS 7, it’s based on the OpenSCAP benchmark, unfortunately the current version of OpenSCAP that ships with CentOS does not offically support CentOS CPE’s. But there is a “workaround” that will allow OpenSCAP + OpenSCAP workbench to run on CentOS, I’ll document this in a separate post.]]></description>
<dc:subject>security centos</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:7f4cdc8a09e2/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:centos"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://gist.github.com/monkyz/3849546">
    <title>Creating a transparent SSH tunnel through a bastion host</title>
    <dc:date>2018-07-06T07:30:42+00:00</dc:date>
    <link>https://gist.github.com/monkyz/3849546</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[Creating a transparent SSH tunnel through a bastion host]]></description>
<dc:subject>ssh security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:7f9fba6d9e9d/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:ssh"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.cyberciti.biz/faq/how-to-configure-samba-to-use-smbv2-and-disable-smbv1-on-linux-or-unix/">
    <title>How to configure Samba to use SMBv2 and disable SMBv1 on Linux or Unix - nixCraft</title>
    <dc:date>2018-06-16T18:07:54+00:00</dc:date>
    <link>https://www.cyberciti.biz/faq/how-to-configure-samba-to-use-smbv2-and-disable-smbv1-on-linux-or-unix/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[I am a new Linux user and for security reasons and to avoid ransomware, I would like to disable the SMB1 protocol in samba configuration on a CentOS Linux version 7 server. Is it possible to disable SMBv1 on a Linux or UNIX-like operating system?]]></description>
<dc:subject>linux security samba</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:79f14a627377/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:linux"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:samba"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://isc.sans.edu/diary/22876">
    <title>InfoSec Handlers Diary Blog - The easy way to analyze huge amounts of PCAP data</title>
    <dc:date>2017-09-29T06:18:17+00:00</dc:date>
    <link>https://isc.sans.edu/diary/22876</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[When you are investigating a security incident, there are chances that, at a certain point, you will have to dive into network traffic analysis. If you’re lucky, you’ll have access to a network capture. Approximatively one year ago, I wrote a quick diary[1] to explain how to implement a simple FPC or “Full Packet Capture” solution based on a Docker container. It’s nice to capture all the traffic in PCAP files but then? PCAP files are not convenient to process and they consume a lot of disk space (depending on the captured traffic of course).]]></description>
<dc:subject>security tcpdump pcap internet</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:1a2bce908b83/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:tcpdump"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:pcap"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:internet"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://sslmate.com/signup?for=certspotter">
    <title>Sign Up for Cert Spotter</title>
    <dc:date>2017-09-28T13:07:48+00:00</dc:date>
    <link>https://sslmate.com/signup?for=certspotter</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[Cert Spotter monitors Certificate Transparency logs so you know what certificates you have and when they expire. Free for up to 5 domains.]]></description>
<dc:subject>ssl security website monitoring</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:d798a09f52b6/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:website"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:monitoring"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://caatest.co.uk/lednor.com">
    <title>DNS CAA Tester</title>
    <dc:date>2017-09-28T13:06:20+00:00</dc:date>
    <link>https://caatest.co.uk/lednor.com</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[DNS Certification Authority Authorization (CAA) uses your DNS records to let you specify which certificate authorities are allowed to issue certificates for the domains you own.]]></description>
<dc:subject>ssl security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:8f7ff6de7d44/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://sslmate.com/caa/">
    <title>CAA Record Generator</title>
    <dc:date>2017-09-28T13:06:05+00:00</dc:date>
    <link>https://sslmate.com/caa/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[Over a hundred certificate authorities (CAs) have the power to issue certificates which vouch for the identity of your website. Certificate Authority Authorization (CAA) is a way for you to whitelist the CAs you actually use so you can minimize your risk from security vulnerabilities in all the others.

Beginning September 8, 2017, all certificate authorities will be required to respect your CAA policy, so now is the perfect time to set up CAA. Setting up CAA using this tool is an easy way to improve your website's security.]]></description>
<dc:subject>dns generator security ssl</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:0304f8c16008/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:dns"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:generator"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:ssl"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://makezine.com/2017/09/07/secure-your-raspberry-pi-against-attackers/">
    <title>Take These Steps to Secure Your Raspberry Pi Against Attackers</title>
    <dc:date>2017-09-12T11:48:06+00:00</dc:date>
    <link>https://makezine.com/2017/09/07/secure-your-raspberry-pi-against-attackers/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[Raspberry Pi boards are fantastic for any project — they’re cheap, easy to use, can run a wide range of possible operating systems, and provide programmable GPIO pins as well as multi-core CPU availability and multiple USB ports.

You can use Raspberry Pi boards for all kinds of automation and information gathering projects. But, if you are not careful, your little hobby project might result in a security risk that acts as an entry point into your network. They can’t perform secure booting such as ARM Trustzone, and the SD card and operating system are not easily encrypted. Follow these security tips to safeguard your Pi and other devices on your network.]]></description>
<dc:subject>linux raspberrypi security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:01264ce39339/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:linux"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:raspberrypi"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://github.com/nccgroup/sobelow">
    <title>nccgroup/sobelow: Security-focused static analysis for the Phoenix Framework</title>
    <dc:date>2017-05-31T06:38:55+00:00</dc:date>
    <link>https://github.com/nccgroup/sobelow</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[Security-focused static analysis for the Phoenix Framework]]></description>
<dc:subject>elixir security phoenix</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:cbc2df8c2d55/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:elixir"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:phoenix"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://blog.trailofbits.com/2016/12/12/meet-algo-the-vpn-that-works/">
    <title>Meet Algo, the VPN that works | Trail of Bits Blog</title>
    <dc:date>2017-04-14T10:19:03+00:00</dc:date>
    <link>https://blog.trailofbits.com/2016/12/12/meet-algo-the-vpn-that-works/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[ think you’ll agree when I say: there’s no VPN option on the market designed with equal emphasis on security and ease of use.

That changes now.

Today we’re introducing Algo, a self-hosted personal VPN server designed for ease of deployment and security. Algo automatically deploys an on-demand VPN service in the cloud that is not shared with other users, relies on only modern protocols and ciphers, and includes only the minimal software you need.

And it’s free.

For anyone who is privacy conscious, travels for work frequently, or can’t afford a dedicated IT department, this one’s for you.]]></description>
<dc:subject>privacy security vpn</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:abd3a53f4f9a/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:privacy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:vpn"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://github.com/trailofbits/algo">
    <title>trailofbits/algo: Set up a personal IPSEC VPN in the cloud</title>
    <dc:date>2017-04-14T10:18:45+00:00</dc:date>
    <link>https://github.com/trailofbits/algo</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[Set up a personal IPSEC VPN in the cloud]]></description>
<dc:subject>linux security tools vpn</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:dd47e0703449/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:linux"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:tools"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:vpn"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://github.com/jlund/streisand">
    <title>jlund/streisand: Streisand sets up a new server running L2TP/IPsec, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, a Tor bridge, and WireGuard. It also generates custom instructions for all of these services. At the end of the run you are give</title>
    <dc:date>2017-04-14T10:18:08+00:00</dc:date>
    <link>https://github.com/jlund/streisand</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[Streisand sets up a new server running L2TP/IPsec, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, a Tor bridge, and WireGuard. It also generates custom instructions for all of these services. At the end of the run you are given an HTML file with instructions that can be shared with friends, family members, and fellow activists.]]></description>
<dc:subject>cloud privacy security vpn</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:f46c46fd2ba9/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:cloud"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:privacy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:vpn"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://github.com/bitly/oauth2_proxy">
    <title>bitly/oauth2_proxy: A reverse proxy that provides authentication with Google, Github or other provider</title>
    <dc:date>2017-03-25T13:11:20+00:00</dc:date>
    <link>https://github.com/bitly/oauth2_proxy</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[A reverse proxy that provides authentication with Google, Github or other provider]]></description>
<dc:subject>GitHub google security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:3699817e1fa3/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:GitHub"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:google"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://gist.github.com/mwpastore/f42f6f1309a7b067519f4c08e18b0b6a">
    <title>Lightning Fast WordPress: Caddy+Varnish+PHP-FPM · GitHub</title>
    <dc:date>2017-01-19T13:11:12+00:00</dc:date>
    <link>https://gist.github.com/mwpastore/f42f6f1309a7b067519f4c08e18b0b6a</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[Lightning Fast WordPress: Caddy+Varnish+PHP-FPM]]></description>
<dc:subject>caddy web webserver security php wordpress</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:36a99ff5b952/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:caddy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:web"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:webserver"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:php"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:wordpress"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://caddyserver.com/">
    <title>Caddy - The HTTP/2 Web Server with Fully Managed TLS</title>
    <dc:date>2017-01-19T13:10:56+00:00</dc:date>
    <link>https://caddyserver.com/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[The HTTP/2 web server with automatic HTTPS]]></description>
<dc:subject>web development security caddy webserver</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:d27e6bf04744/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:web"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:development"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:caddy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:webserver"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://certbot.eff.org/#ubuntuother-nginx">
    <title>Certbot</title>
    <dc:date>2016-11-10T06:59:39+00:00</dc:date>
    <link>https://certbot.eff.org/#ubuntuother-nginx</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[Automatically enable HTTPS on your website with EFF's Certbot, deploying Let's Encrypt certificates.]]></description>
<dc:subject>letsencrypt security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:35cf803a676d/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:letsencrypt"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://subgraph.com/">
    <title>Subgraph OS</title>
    <dc:date>2016-10-01T07:03:47+00:00</dc:date>
    <link>https://subgraph.com/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[Subgraph OS is a desktop computing and communications platform that is designed to be resistant to network-borne exploit and malware attacks. It is also meant to be familiar and easy to use. Even in alpha, Subgraph OS looks and feels like a modern desktop operating system.

Subgraph OS includes strong system-wide attack mitigations that protect all applications as well as the core operating system, and key applications are run in sandbox environments to reduce the impact of any attacks against applications that are successful.]]></description>
<dc:subject>linux security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:7bc184870893/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:linux"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://blog.gruby.com/2016/08/10/setting-up-an-edgerouter-lite-for-an-on-demand-ios-vpn/">
    <title>Setting up an EdgeRouter Lite for an On Demand iOS VPN | Scott Gruby's Blog</title>
    <dc:date>2016-08-11T14:28:02+00:00</dc:date>
    <link>https://blog.gruby.com/2016/08/10/setting-up-an-edgerouter-lite-for-an-on-demand-ios-vpn/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[Ever since I started my career, I’ve used Virtual Private Networks (VPN) to connect to a company network. My first experience is with AppleTalk Remote Access and I thought it was neat to be able to have my home computer on the work network. Over my career, I’ve used VPNs mostly as a user as I had no use for one as a home user.

When I setup cameras at my house over 3 years ago, I wanted to remotely connect to the cameras. Since I put together my own system, there wasn’t an out of the box way to view the cameras (it does have a web interface, but I didn’t want to directly expose that to the world). This gave me the first experience in setting up a VPN. I turned on Mac OS X Server’s VPN, configured my iOS devices for the VPN and I was easily able to connect.

Recently I’ve been working with mobile device management (MDM) and one of the features that I’ve been reading about is on-demand VPN. I became curious about it and wanted to see if I could set it up more of an exercise than anything else, but also it would be useful to hop on any WiFi network and automatically connect to my home network. The iOS on-demand VPN requires that the VPN use certificate authentication instead of just a username and password. Unfortunately, the OS X Server’s L2TP IPSec VPN doesn’t support certificates, so I had to look to other options. Luckily, my EdgeRouter Lite can be configured as an OpenVPN server with certificate authentication. Given that, the only obstacle to setting this up was time and some futzing to get things right. I’ve scoured the web and managed to find the pieces to get things working.

The rest of this entry will document how to setup the server as well as the iOS client side. For the server setup, I followed this article, but had to make a few changes to get things to work the way I wanted. I then used another article to setup the iOS side.

This is a really long setup, but it is straightforward. If you’re intimidated by command lines and editing text files, this process is not for you!]]></description>
<dc:subject>security network vpn</dc:subject>
<dc:identifier>https://pinboard.in/u:mlednor/b:524b4673d0f0/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:network"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:vpn"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://docs.meshwith.me/">
    <title>Project Meshnet Documentation</title>
    <dc:date>2016-08-05T05:50:53+00:00</dc:date>
    <link>https://docs.meshwith.me/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[We're a community of local Wifi initiatives, programmers, and enthusiasts. We run a peer-to-peer IPv6 network with automatic end-to-end encryption, distributed IP address allocation, and DHT-based Source Routing.

Existing applications Just Work
Low entry barriers for users and ISPs
Runs on Linux, Android, OpenWrt, OS X, and many others
Hyperboria is based on the cjdns routing protocol.]]></description>
<dc:subject>privacy security network</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:7b2ba6d15a0d/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:privacy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:network"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://gist.github.com/renchap/c093702f06df69ba5cac">
    <title>One-line certificate generation/renews with Letsencrypt and nginx</title>
    <dc:date>2015-11-17T08:59:25+00:00</dc:date>
    <link>https://gist.github.com/renchap/c093702f06df69ba5cac</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[One-line certificate generation/renews with Letsencrypt and nginx]]></description>
<dc:subject>letsencrypt nginx security website webserver</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:100371a44528/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:letsencrypt"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:nginx"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:website"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:webserver"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.emailquestions.com/encrypted-email-service-providers/">
    <title>Compare - Encrypted Email Service Providers</title>
    <dc:date>2015-11-07T09:37:40+00:00</dc:date>
    <link>http://www.emailquestions.com/encrypted-email-service-providers/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[Email services that focus on encryption, security, and privacy.]]></description>
<dc:subject>security email privacy</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:b14cf46f0c0f/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:email"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:privacy"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://qosient.com/argus/">
    <title>ARGUS- Auditing Network Activity</title>
    <dc:date>2015-11-03T11:56:28+00:00</dc:date>
    <link>http://qosient.com/argus/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[Welcome to Argus, the network Audit Record Generation and Utilization System. The Argus Project is focused on developing all aspects of large scale network activity audit. Argus, itself, is next-generation network flow technology, going from packets on the wire to advanced network flow data, to network forensics data; all in support of Network Operations, Performance and Security Management. If you need to know what is going on in your network, right now or historically, you will find Argus a useful tool.]]></description>
<dc:subject>network monitoring security tools</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:c64c1db2646c/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:network"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:monitoring"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:tools"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.cipherdyne.org/psad/index.html">
    <title>psad - Intrusion Detection with iptables, iptables Log Analysis, iptables Policy Analysis</title>
    <dc:date>2015-10-20T12:31:19+00:00</dc:date>
    <link>http://www.cipherdyne.org/psad/index.html</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[psad is a collection of three lightweight system daemons (two main daemons and one helper daemon) that run on Linux machines and analyze iptables log messages to detect port scans and other suspicious traffic. A typical deployment is to run psad on the iptables firewall where it has the fastest access to log data. ]]></description>
<dc:subject>security linux ubuntu</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:879c925623ab/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:linux"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:ubuntu"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://gist.github.com/netson/c45b2dc4e835761fbccc">
    <title>Using PSAD and UFW</title>
    <dc:date>2015-10-20T12:28:08+00:00</dc:date>
    <link>https://gist.github.com/netson/c45b2dc4e835761fbccc</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[psad is a collection of three lightweight system daemons (two main daemons and one helper daemon) that run on Linux machines and analyze iptables log messages to detect port scans and other suspicious traffic. A typical deployment is to run psad on the iptables firewall where it has the fastest access to log data.]]></description>
<dc:subject>security ubuntu</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:9cf244febde6/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:ubuntu"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://hardenubuntu.com/">
    <title>Ubuntu Hardening Guide - hardenubuntu.com</title>
    <dc:date>2015-10-14T12:08:13+00:00</dc:date>
    <link>http://hardenubuntu.com/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[This guide will help you to secure and optimize your Ubuntu Server.

Hardening (securing a system by reducing its surface of vulnerability) your Ubuntu Server is an important process to protect your websites, data, emails and any other informations you want to keep safe from the hands of hackers.

This guide guides you and shows you what you can do to protect your Ubuntu server. Not all topic listed in this guide needs to be implemented, it is up to you to choose which one you want to implement.]]></description>
<dc:subject>ubuntu security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:0cf5bfefee20/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:ubuntu"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://osquery.io/">
    <title>osquery :: Home</title>
    <dc:date>2015-08-27T06:08:41+00:00</dc:date>
    <link>https://osquery.io/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[osquery allows you to easily ask questions about your Linux and OSX infrastructure. Whether your goal is intrusion detection, infrastructure reliability, or compliance, osquery gives you the ability to empower and inform a broad set of organizations within your company.]]></description>
<dc:subject>sysadmin security monitoring linux osx</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:28155152f577/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:sysadmin"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:monitoring"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:linux"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:osx"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.authy.com/thefuture">
    <title>The future of Two-Factor Authentication | Authy</title>
    <dc:date>2015-08-19T06:32:24+00:00</dc:date>
    <link>https://www.authy.com/thefuture</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[All the benefits of Two-Factor Authentication. 
None of the Hassles. ]]></description>
<dc:subject>security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:256f5ac237c0/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.cyberciti.biz/faq/debian-8-ubuntu-14-04-lts-install-suhosin-extension-command/">
    <title>Debian 8 and Ubuntu 14.04 LTS Install Suhosin PHP Extension To Protects Server</title>
    <dc:date>2015-07-28T06:04:48+00:00</dc:date>
    <link>http://www.cyberciti.biz/faq/debian-8-ubuntu-14-04-lts-install-suhosin-extension-command/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[Suhosin is an advanced protection system for PHP installations. It was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core. How can I install suhosin extension on a Debian v8.x or Ubuntu Linux 14.04 LTS server?]]></description>
<dc:subject>php security ubuntu</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:8e3f197a699b/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:php"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:ubuntu"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://2ton.com.au/toplip/">
    <title>toplip | 2 Ton Digital</title>
    <dc:date>2015-07-20T12:16:54+00:00</dc:date>
    <link>https://2ton.com.au/toplip/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[toplip - "the best place to hide something is right under your nose." toplip is our command line, very strong encryption and decryption utility with optional plausible deniability, image embedding, and multiple/variable passphrase complexity.]]></description>
<dc:subject>security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:0bfdd2ef1ab3/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.rutschle.net/tech/sslh.shtml">
    <title>ssl/ssh multiplexer</title>
    <dc:date>2015-07-07T09:18:14+00:00</dc:date>
    <link>http://www.rutschle.net/tech/sslh.shtml</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[sslh accepts connections on specified ports, and forwards them further based on tests performed on the first data packet sent by the remote client.

Probes for HTTP, SSL, SSH, OpenVPN, tinc, XMPP are implemented, and any other protocol that can be tested using a regular expression, can be recognised. A typical use case is to allow serving several services on port 443 (e.g. to connect to ssh from inside a corporate firewall, which almost never block port 443) while still serving HTTPS on that port.

Hence sslh acts as a protocol demultiplexer, or a switchboard. Its name comes from its original function to serve SSH and HTTPS on the same port.

sslh supports IPv6, privilege dropping, transparent proxying, and more.]]></description>
<dc:subject>linux security ssh</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:081c79fd4d4e/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:linux"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:ssh"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://github.com/georgebrock/1pass">
    <title>georgebrock/1pass · GitHub</title>
    <dc:date>2015-03-06T18:23:49+00:00</dc:date>
    <link>https://github.com/georgebrock/1pass</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[A command line interface (and Python library) for reading passwords from
`1Password <https://agilebits.com/onepassword>`_.]]></description>
<dc:subject>python security mac windows</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:f6ec2d441912/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:python"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:mac"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:windows"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.ubuntugeek.com/ssldump-an-ssltls-network-protocol-analyzer.html">
    <title>ssldump – An SSL/TLS network protocol analyzer | Ubuntu Geek</title>
    <dc:date>2015-02-13T11:43:31+00:00</dc:date>
    <link>http://www.ubuntugeek.com/ssldump-an-ssltls-network-protocol-analyzer.html</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[ssldump is an SSL/TLS network protocol analyzer. It identifies TCP connections on the chosen network interface and attempts to interpret them as SSL/TLS traffic. When it identifies SSL/TLS traffic, it decodes the records and displays them in a textual form to stdout. If provided with the appropriate keying material, it will also decrypt the connections and display the application data traffic.]]></description>
<dc:subject>network security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:52e863ad3422/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:network"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.authy.com/">
    <title>The future of Two-Factor Authentication | Authy</title>
    <dc:date>2014-12-13T18:16:22+00:00</dc:date>
    <link>https://www.authy.com/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[All the benefits of Two-Factor Authentication. 
None of the Hassles. ]]></description>
<dc:subject>security iPhone iPad mac</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:f7ea47be80a6/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:iPhone"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:iPad"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:mac"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://github.com/jipegit/OSXAuditor">
    <title>jipegit/OSXAuditor</title>
    <dc:date>2014-09-17T14:46:28+00:00</dc:date>
    <link>https://github.com/jipegit/OSXAuditor</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[OS X Auditor is a free Mac OS X computer forensics tool]]></description>
<dc:subject>mac osx security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:f9cca40abf31/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:mac"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:osx"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://sshpot.com/">
    <title>SSHPot.com - Open Source SSH Honeypot</title>
    <dc:date>2014-08-19T09:26:57+00:00</dc:date>
    <link>http://sshpot.com/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[SSHPot.com is a open-source web service for receiving data from ssh-pot daemons, which act as a honeypot for ssh login attempts and records all user/password combinations along with the remote address. In order to run the daemon you must configure OpenSSH to run on a different port and let the honeypot run on port 22. We also record commands being run as well as proxy request data.]]></description>
<dc:subject>linux ssh security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:18a8fc893bb7/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:linux"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:ssh"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.ubuntugeek.com/install-owncloud-on-ubuntu-14-04-trusty-tahr.html">
    <title>Install Owncloud on Ubuntu 14.04 (Trusty Tahr) | Ubuntu Geek</title>
    <dc:date>2014-08-11T14:56:46+00:00</dc:date>
    <link>http://www.ubuntugeek.com/install-owncloud-on-ubuntu-14-04-trusty-tahr.html</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[ownCloud is open source file sync and share software for everyone from individuals operating the free ownCloud Community Edition, to large enterprises and service providers operating the ownCloud Enterprise Edition. ownCloud provides a safe, secure, and compliant file synchronization and sharing solution on servers that you control.
With ownCloud you can share one or more files and folders on your computer, and synchronize them with your ownCloud server. Place files in your local shared directories, and those files are immediately synchronized to the server and to other devices using the ownCloud Desktop Client. Not near a device running a desktop client? No problem! Simply log in using the ownCloud web client and manage your files from there. The ownCloud Android and iOS mobile applications enable you to browse, download, and upload photos and videos. On Android, you can also create, download, edit, and upload any other files, as long as the correct software is installed.

Whether you are using a mobile device, a workstation, or a web client, ownCloud provides the ability to put the right files in the right hands at the right time on any device with one simple-to-use, secure, private and controlled solution. After all, with ownCloud, it’s Your Cloud, Your Data, Your Way.]]></description>
<dc:subject>linux cloud security sysadmin</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:cf42c411e45f/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:linux"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:cloud"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:sysadmin"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.namecheap.com/security/ssl-certificates/domain-validation.aspx">
    <title>Cheap Domain Validation SSL Certificates • Namecheap.com</title>
    <dc:date>2014-06-03T07:17:24+00:00</dc:date>
    <link>https://www.namecheap.com/security/ssl-certificates/domain-validation.aspx</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[Security for your site's visitors]]></description>
<dc:subject>website webserver security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:c5651be0a1a9/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:website"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:webserver"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.rubynginx.com/index.php/2013/03/15/installing-positivessl-certificate-with-nginx-on-ubuntu-12-04/">
    <title>Installing PositiveSSL certificate with Nginx on Ubuntu 12.04 · Ruby, Nginx, PHP and Python</title>
    <dc:date>2014-06-03T07:17:05+00:00</dc:date>
    <link>http://www.rubynginx.com/index.php/2013/03/15/installing-positivessl-certificate-with-nginx-on-ubuntu-12-04/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[This article will explain how you can accomplish getting one of your domains to utilize a PositiveSSL certificate for serving up pages on https. The first thing you need to make sure of is that you have nginx-full installed on your machine as this is the version that includes SSL.]]></description>
<dc:subject>nginx security webserver website</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:d43b8be8b5ea/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:nginx"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:webserver"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:website"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://tails.boum.org/">
    <title>Tails - Privacy for anyone anywhere</title>
    <dc:date>2014-05-02T06:18:33+00:00</dc:date>
    <link>https://tails.boum.org/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[Tails is a live operating system, that you can start on almost any computer from a DVD, USB stick, or SD card. It aims at preserving your privacy and anonymity, and helps you to:

use the Internet anonymously and circumvent censorship;
all connections to the Internet are forced to go through the Tor network;
leave no trace on the computer you are using unless you ask it explicitly;
use state-of-the-art cryptographic tools to encrypt your files, emails and instant messaging.]]></description>
<dc:subject>privacy security linux</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:5d4724f7b2e1/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:privacy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:linux"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://jacob.hoffman-andrews.com/README/the-safe-way-to-put-a-pgp-key-in-your-twitter-bio/">
    <title>The Safe Way to Put a PGP Key in Your Twitter Bio at jsha/README</title>
    <dc:date>2014-02-15T11:58:28+00:00</dc:date>
    <link>https://jacob.hoffman-andrews.com/README/the-safe-way-to-put-a-pgp-key-in-your-twitter-bio/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[I’m thrilled to see so many more reporters using PGP, and putting their PGP key in their Twitter bios. The options to securely contact a reporter are tremendously increased over a year ago. However, not everyone is sharing their key in the safest way possible. I’d like to recommend that you tweet the fingerprint (not the shorter key id) of your PGP key.]]></description>
<dc:subject>security twitter privacy</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:04f51f77a97d/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:twitter"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:privacy"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://sagan.quadrantsec.com/">
    <title>The Sagan Log Analysis Engine.</title>
    <dc:date>2013-11-16T19:32:30+00:00</dc:date>
    <link>http://sagan.quadrantsec.com/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[Sagan is an open source (GNU/GPLv2) high performance, real-time log analysis & correlation engine that run under *nix operating systems (Linux/FreeBSD/ OpenBSD/etc). It is written in C and uses a multi-threaded architecture to deliver high performance log & event analysis. Sagan's structure and rules work similarly to the Sourcefire "Snort" IDS/IPS engine. This was intentionally done to maintain compatibility with rule management software (oinkmaster/pulledpork /etc) and allows Sagan to correlate log events with your Snort IDS/IPS system. Sagan can also write to Snort IDS/IPS databases via Unified2/Barnyard2. Sagan is compatible with all Snort "consoles". For example, Sagan is will work with Snorby (http://www.snorby.org), Sguil (http://sguil.sourceforge.net), BASE, the Prelude IDS framework (https://www.prelude-ids.org) and proprietary consoles! (to name a few).

Sagan supports many different output formats, log normalization (via liblognorm), script execution on event detection, automatic firewall support via "Snortsam" and much more.]]></description>
<dc:subject>sysadmin monitoring security opensource</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:83b2595f3ee7/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:sysadmin"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:monitoring"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:opensource"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.pastevault.com/">
    <title>Temporary Encrypted Text :: PasteVault</title>
    <dc:date>2013-09-20T05:42:07+00:00</dc:date>
    <link>https://www.pastevault.com/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[Sensitive information sent via email lives forever.

Not with Paste Vault. Encrypted expiring text shared via secure link.

Great for:

Sending login details to support
Passing secret URL's to coworkers
Sharing passwords with coworkers]]></description>
<dc:subject>passwords security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:e75476385ee3/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:passwords"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.privacy-cd.org/">
    <title>What is UPR?</title>
    <dc:date>2013-09-17T09:22:03+00:00</dc:date>
    <link>https://www.privacy-cd.org/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[The goal of Ubuntu Privacy Remix is to provide an isolated working environment where sensitive data can be dealt with safely. The system installed on the computer running UPR remains untouched, UPR is not intended for permanent installation on hard disk. Instead of that Ubuntu Privacy Remix runs from a modified Live-CD based on Ubuntu Linux. All user data reside exclusively on encrypted removable media.
Ubuntu Privacy Remix is a tool to protect your data against unsolicited access. The risk of theft of such private data arises not only from "conventional" criminals, trojans. rootkits, keyloggers etc. In many countries, measures are taken by the state aiming at spying and monitoring its citizens.]]></description>
<dc:subject>linux privacy security ubuntu</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:33b9a5e0f68f/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:linux"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:privacy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:ubuntu"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://sealedabstract.com/code/nsa-proof-your-e-mail-in-2-hours/">
    <title>NSA-proof your e-mail in 2 hours | Sealed Abstract</title>
    <dc:date>2013-08-26T13:05:06+00:00</dc:date>
    <link>http://sealedabstract.com/code/nsa-proof-your-e-mail-in-2-hours/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[You may be concerned that the NSA is reading your e-mail. Is there really anything you can do about it though? After all, you don’t really want to move off of GMail / Google Apps. And no place you would host is any better.]]></description>
<dc:subject>email security linux</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:3002326baa72/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:email"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:linux"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://ngrok.com/">
    <title>ngrok - secure introspectable tunnels to localhost</title>
    <dc:date>2013-08-24T18:43:41+00:00</dc:date>
    <link>https://ngrok.com/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[“I want to securely expose a local web server to the internet and capture all traffic for detailed inspection and replay.”]]></description>
<dc:subject>development tools webdesign security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:a32a2229acd1/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:development"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:tools"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:webdesign"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://anonymous-proxy-servers.net/en/help/email-provider.html">
    <title>Recommended eMail Provider</title>
    <dc:date>2013-08-09T11:44:11+00:00</dc:date>
    <link>https://anonymous-proxy-servers.net/en/help/email-provider.html</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[The reasons as to why using e-mail accounts together with JonDonym may be:

You have to use unsave networks like WLAN at the airport or hotel and need a secure connection to your mail provider.
Avoid interconnections between your e-mail identity and other data colletions.
You would like to have a data retention free email account. (IP addresses of JonDonym mixes are useless for data retention.)
You do not want to disclose your location to recipients and mail providers to avoid tracking of your movements.
You would like to use a pseudonym without linkability to your real identity (anonymous email account).
If you would like to have an anonymous email account, please create a new account first. Choose an E-Mail address of the form anonymous1234abcd@xx.yy, that is "anonymous" + numbers + letters. If all JonDo users create addresses of this form, they are much less distinguishable. You can use JonDo+JonDoFox to create the account in the web interface of the new provider.]]></description>
<dc:subject>email security privacy</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:a5a6d22454e0/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:email"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:privacy"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.privateinternetaccess.com/forum/index.php?p=/discussion/690/pia-for-linux-server-openvpn/p1">
    <title>PIA for Linux Server OpenVPN - Privacy Online Forum</title>
    <dc:date>2013-07-01T07:21:36+00:00</dc:date>
    <link>https://www.privateinternetaccess.com/forum/index.php?p=/discussion/690/pia-for-linux-server-openvpn/p1</link>
    <dc:creator>mlednor</dc:creator><dc:subject>privacy security linux</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:7f87d7d14e62/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:privacy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:linux"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://github.com/gokyle/sshbox">
    <title>gokyle/sshbox · GitHub</title>
    <dc:date>2013-06-29T13:35:51+00:00</dc:date>
    <link>https://github.com/gokyle/sshbox</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[sshbox: encrypt and decrypt files using OpenSSH keys.

sshbox is a utility to encrypt and decrypt files using OpenSSH keys. The
files may be PEM-encoded (ASCII-armoured) or DER-encoded (a binary
format). Public keys may be fetched over HTTP(S); however, private keys
must be local. sshbox uses cryptobox[1] as the underlying cryptographic
system. It uses the sshkey[2] package to load the keys.

The utility is designed for encryption smaller files (under 128M), as the
file is read into memory.

Password-protected keys are now supported, as are both ECDSA and RSA keys.
]]></description>
<dc:subject>security ssh</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:95de06f33ec0/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:ssh"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.ubuntugeek.com/cutter-disconnect-routed-ip-connections.html">
    <title>Cutter – Disconnect routed IP connections | Ubuntu Geek</title>
    <dc:date>2013-06-01T08:48:44+00:00</dc:date>
    <link>http://www.ubuntugeek.com/cutter-disconnect-routed-ip-connections.html</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[Cutter is an open source program that uses the FIN-ACK-RST packet technique described above to abort TCP/IP connections routed over the firewall or router on which it is run.]]></description>
<dc:subject>ubuntu network security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:952ec343d55c/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:ubuntu"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:network"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://joshrendek.com/2013/01/securing-ubuntu/">
    <title>Securing Ubuntu - Josh Rendek</title>
    <dc:date>2013-04-26T08:21:51+00:00</dc:date>
    <link>http://joshrendek.com/2013/01/securing-ubuntu/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[Let’s login to our new machine and take some initial steps to secure our system. For this article I’m going to assume your username is ubuntu.]]></description>
<dc:subject>linux security ubuntu</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:b87125a6a747/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:linux"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:ubuntu"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://github.com/twocanoes/audit">
    <title>twocanoes/audit · GitHub</title>
    <dc:date>2013-04-26T06:28:07+00:00</dc:date>
    <link>https://github.com/twocanoes/audit</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[OS X has a built in auditing system build into OS X based on OpenBSM. It is configured and setup via the command line, and has some esoteric syntax. To deal with this, I created a system preference pane to configure the options, and a log reader to read and search the binary logs. For more detailed information, see man audit on OS X.

The preference pane creates the audit config files in their normal places (/etc/security) and aids in creating the files for later distribution or for individual configuration.]]></description>
<dc:subject>mac osx security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:7122b43806ab/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:mac"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:osx"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.startssl.com/">
    <title>StartSSL™ Certificates &amp; Public Key Infrastructure - StartSSL™ Home</title>
    <dc:date>2013-04-16T06:26:44+00:00</dc:date>
    <link>https://www.startssl.com/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[StartSSL™ is the trade mark of the StartCom® Certification Authority - a leader of the digital certification industry. We provide you with everything from free low-assurance SSL certificates up to the most advanced PKI and security solutions for your business and personal use.]]></description>
<dc:subject>security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:c5aa18eb964b/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://codex.wordpress.org/Administration_Over_SSL">
    <title>Administration Over SSL « WordPress Codex</title>
    <dc:date>2013-04-16T06:26:18+00:00</dc:date>
    <link>http://codex.wordpress.org/Administration_Over_SSL</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[WordPress 2.6 and later has greatly improved support for administration over SSL out of the box.

To easily enable (and enforce) administration over SSL, there are two constants that you can define in your blog's wp-config.php file. It is not sufficient to define these constants in a plugin file; they must be defined in your wp-config.php file. You must also already have SSL configured on the server and a (virtual) host configured for the secure server before your site will work properly with these constants set to true.]]></description>
<dc:subject>wordpress security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:e5d187eae9b9/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:wordpress"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.thefanclub.co.za/how-to/how-secure-ubuntu-1204-lts-server-part-1-basics">
    <title>How to secure an Ubuntu 12.04 LTS server - Part 1 The Basics | How To | The Fan Club | dynamic design solutions</title>
    <dc:date>2013-04-09T11:57:58+00:00</dc:date>
    <link>http://www.thefanclub.co.za/how-to/how-secure-ubuntu-1204-lts-server-part-1-basics</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[This guide is based on various community forum posts and webpages. Special thanks to all. All comments and improvements are very welcome as this is purely a personal experimental project at this point and must be considered a work in progress. ]]></description>
<dc:subject>security ubuntu</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:eedd1f00eb7e/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:ubuntu"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://plusbryan.com/my-first-5-minutes-on-a-server-or-essential-security-for-linux-servers">
    <title>My First 5 Minutes On A Server; Or, Essential Security for Linux Servers | Bryan Kennedy</title>
    <dc:date>2013-03-17T11:49:24+00:00</dc:date>
    <link>http://plusbryan.com/my-first-5-minutes-on-a-server-or-essential-security-for-linux-servers</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[Server security doesn’t need to be complicated. My security philosophy is simple: adopt principles that will protect you from the most frequent attack vectors, while keeping administration efficient enough that you won’t develop “security cruft”. If you use your first 5 minutes on a server wisely, I believe you can do that.]]></description>
<dc:subject>linux security sysadmin ubuntu</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:8c76d5323d58/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:linux"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:sysadmin"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:ubuntu"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.macgasm.net/2013/01/18/good-morning-your-mac-keeps-a-log-of-all-your-downloads/">
    <title>Good Morning, Your Mac Keeps A Log Of All Your Downloads | Macgasm</title>
    <dc:date>2013-01-19T07:53:43+00:00</dc:date>
    <link>http://www.macgasm.net/2013/01/18/good-morning-your-mac-keeps-a-log-of-all-your-downloads/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[The terminal is a pretty powerful tool in Mac OS X. Hardcore server nuts can fly through preferences and settings tweaks without ever touching a GUI. Then there are some things you can do in the Terminal that are just straight out important. This is likely one of the latter, though it does present a bit of a privacy issue. According to OS X Daily the Launch Services quarantine keeps a list of every file you’ve ever downloaded on your Mac, as that’s what triggers the warning dialog about opening files from the Internet. Oddly enough, even if you’ve disabled this in the command line, the database is still keeping track.]]></description>
<dc:subject>mac osx privacy security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:1e5987bde62a/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:mac"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:osx"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:privacy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.unixwiz.net/techtips/ssh-agent-forwarding.html">
    <title>An Illustrated Guide to SSH Agent Forwarding</title>
    <dc:date>2012-11-10T05:55:28+00:00</dc:date>
    <link>http://www.unixwiz.net/techtips/ssh-agent-forwarding.html</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[The Secure Shell is widely used to provide secure access to remote systems, and everybody who uses it is familiar with routine password access. This is the easiest to set up, is available by default, but suffers from a number of limitations. These include both security and usability issues, and we hope to cover them here.

In this paper, we'll present the various forms of authentication available to the Secure Shell user and contrast the security and usability tradeoffs of each. Then we'll add the extra functionality of agent key forwarding, we hope to make the case that using ssh public key access is a substantial win.]]></description>
<dc:subject>linux security</dc:subject>
<dc:source>https://instapaper.com/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:6e924cb2b150/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:linux"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://derflounder.wordpress.com/2012/09/20/gatekeeper-status-check-script/">
    <title>Gatekeeper Status Check Script « Der Flounder</title>
    <dc:date>2012-10-02T08:59:34+00:00</dc:date>
    <link>http://derflounder.wordpress.com/2012/09/20/gatekeeper-status-check-script/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[As of Mac OS X 10.7.5, Apple has now made Gatekeeper’s GUI functionality available on both Lion and Mountain Lion. Gatekeeper is disabled on Lion Macs by default, but users with admin privileges can turn it on.

To help Mac admins monitor whether Gatekeeper has been enabled, I’ve written a script that checks spctl to see if Gatekeeper’s assessment system is enabled or disabled. When run with root privileges, this script checks 10.7 and 10.8 Macs to see if Gatekeeper is disabled. If Gatekeeper is disabled, script returns Disabled. Any other status will result in script returning Active.]]></description>
<dc:subject>mac security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:36bf844875f8/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:mac"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://lifehacker.com/5940565/why-you-should-start-using-a-vpn-and-how-to-choose-the-best-one-for-your-needs">
    <title>Why You Should Start Using a VPN (and How to Choose the Best One for Your Needs)</title>
    <dc:date>2012-09-07T10:36:29+00:00</dc:date>
    <link>http://lifehacker.com/5940565/why-you-should-start-using-a-vpn-and-how-to-choose-the-best-one-for-your-needs</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[You may know what a VPN, or Virtual Private Network, is; you probably don't use one. You really should be using a VPN, and even if you don't think so now, at some point in the future you may consider it as important as your internet connection.
When we took at look at your five favorite VPN service providers, we noticed a few things. First, being the "best" is big business for VPN providers, and they'll fight dirty to be one of them. Second, there are so many VPN providers that it's difficult to choose a really good one. VPNs are not all created equally, and in this post, we're going to look at what a VPN is, why you want one, and how to pick the best one for you.]]></description>
<dc:subject>security network</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:e5795a1a18a2/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:network"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://lifehacker.com/5935863/five-best-vpn-service-providers">
    <title>Five Best VPN Service Providers</title>
    <dc:date>2012-08-20T11:35:09+00:00</dc:date>
    <link>http://lifehacker.com/5935863/five-best-vpn-service-providers</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[Whether you're killing time at your favorite coffee shop or you're traveling for work and don't want your data falling into the wrong hands, you need a VPN to keep your traffic encrypted and secure. Even so, which VPN service is the best, and which offers the best combination of reliability, features, security, and affordability? We asked you, and this week we're going to look at the top five VPN service providers based on your nominations.]]></description>
<dc:subject>security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:fc40f5eb36e6/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.hiawatha-webserver.org/">
    <title>Hiawatha - Hiawatha webserver</title>
    <dc:date>2012-07-25T11:49:35+00:00</dc:date>
    <link>http://www.hiawatha-webserver.org/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[An advanced and secure webserver for Unix]]></description>
<dc:subject>webserver security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:91620e3fefbd/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:webserver"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.lavrsen.dk/foswiki/bin/view/Motion/WebHome">
    <title>WebHome &lt; Motion &lt; Foswiki</title>
    <dc:date>2012-06-19T19:55:44+00:00</dc:date>
    <link>http://www.lavrsen.dk/foswiki/bin/view/Motion/WebHome</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[Motion is a program that monitors the video signal from cameras. It is able to detect if a significant part of the picture has changed; in other words, it can detect motion.]]></description>
<dc:subject>linux security software</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:8b01f78efd1f/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:linux"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:software"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://gist.github.com/1583781">
    <title>Convert OS X Keychain exported entries into logins for 1Password import — Gist</title>
    <dc:date>2012-05-08T17:39:13+00:00</dc:date>
    <link>https://gist.github.com/1583781</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[These two files should help you to import passwords from mac OS X keychains to 1password.
]]></description>
<dc:subject>mac security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:830ef44d4c88/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:mac"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://mitmproxy.org/">
    <title>mitmproxy - home</title>
    <dc:date>2012-03-27T06:39:21+00:00</dc:date>
    <link>http://mitmproxy.org/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[mitmproxy is an SSL-capable man-in-the-middle HTTP proxy. It provides a console interface that allows traffic flows to be inspected and edited on the fly.

mitmdump is the command-line version of mitmproxy, with the same functionality but without the frills. Think tcpdump for HTTP.

Intercept and modify HTTP traffic on the fly
Save HTTP conversations for later replay and analysis
Replay both HTTP clients and servers
Make scripted changes to HTTP traffic using Python
SSL interception certs generated on the fly]]></description>
<dc:subject>network security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:b5b28ab265db/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:network"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.toughlocks.co.uk/store/">
    <title>Tough Locks Ltd, - High Security Door Locks and Euro Cylinders</title>
    <dc:date>2012-02-25T22:18:45+00:00</dc:date>
    <link>http://www.toughlocks.co.uk/store/</link>
    <dc:creator>mlednor</dc:creator><dc:subject>security home</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:cc6001554553/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:home"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.tarsnap.com/">
    <title>Tarsnap - Online backups for the truly paranoid</title>
    <dc:date>2011-11-28T13:41:34+00:00</dc:date>
    <link>http://www.tarsnap.com/</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[Tarsnap is a secure online backup service for BSD, Linux, OS X, Solaris, Cygwin, and can probably be compiled on many other UNIX-like operating systems. The Tarsnap client code provides a flexible and powerful command-line interface which can be used directly or via shell scripts.

At the present time, Tarsnap does not support Windows (except via Cygwin) and does not have a graphical user interface.]]></description>
<dc:subject>s3 security linux backup</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:53e314dec957/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:s3"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:linux"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:backup"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://moocode.com/posts/5-simple-two-factor-ssh-authentication">
    <title>Simple Two-Factor SSH Authentication with Google Authenticator - Moocode Blog</title>
    <dc:date>2011-10-08T13:12:46+00:00</dc:date>
    <link>https://moocode.com/posts/5-simple-two-factor-ssh-authentication</link>
    <dc:creator>mlednor</dc:creator><description><![CDATA[n a two-part post I'm going to show you some tricks you can do with SSH logins. This post covers setting up two-factor SSH authentication with the Google Authenticator app.

I was recently getting some servers in shape so I can pass the Payment Card Industry standards questionnaire and one requirement was two-factor authentication access to the server. I queried whether SSH key + passphrase was acceptable but didn't get a clear answer so I figured I'd explore setting up another authentication factor myself, plus it piqued my interest.

After a bit of research I found it was possible using a PAM module but it doesn't work along with SSH key authentication (only password authentication) and I only use SSH key logins for my servers.]]></description>
<dc:subject>google ssh security ruby</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:mlednor/b:4a8a09d4658f/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:google"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:ssh"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:mlednor/t:ruby"/>
</rdf:Bag></taxo:topics>
</item>
</rdf:RDF>