a whole bunch of changes
This commit is contained in:
parent
c7dae52ec2
commit
1cea09b7b1
19 changed files with 890 additions and 24 deletions
2
404.html
2
404.html
|
@ -20,5 +20,5 @@ layout: default
|
|||
<h1>404</h1>
|
||||
|
||||
<p><strong>Page not found :(</strong></p>
|
||||
<p>The requested page could not be found.</p>
|
||||
<p>We do not have the droids that you are looking for.</p>
|
||||
</div>
|
||||
|
|
65
_layouts/default.html
Normal file
65
_layouts/default.html
Normal file
|
@ -0,0 +1,65 @@
|
|||
<!DOCTYPE html>
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en-us">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
|
||||
<title>{{ page.title }}</title>
|
||||
<meta name="author" content="Brendan McDevitt" />
|
||||
<link href="http://feeds.feedburner.com/brendan" rel="alternate" title="brendan mcdevitt" type="application/atom+xml" />
|
||||
<meta name="readability-verification" content="QCzSs992GxmRYRKVpPeZ6LE2tS8aYKxsSSQKV8YM"/>
|
||||
|
||||
<!-- syntax highlighting CSS -->
|
||||
<link rel="stylesheet" href="/css/syntax.css" type="text/css" />
|
||||
|
||||
<!-- Homepage CSS -->
|
||||
<link rel="stylesheet" href="/css/screen.css" type="text/css" media="screen, projection" />
|
||||
|
||||
<!-- Typekit -->
|
||||
<script type="text/javascript" src="http://use.typekit.com/jpd0pfm.js"></script>
|
||||
<script type="text/javascript">try{Typekit.load();}catch(e){}</script>
|
||||
</head>
|
||||
<body>
|
||||
|
||||
<!-- ClickTale Top part -->
|
||||
<script type="text/javascript">
|
||||
var WRInitTime=(new Date()).getTime();
|
||||
</script>
|
||||
<!-- ClickTale end of Top part -->
|
||||
|
||||
<div class="site">
|
||||
<div class="title">
|
||||
<a href="/">Brendan McDevitt</a>
|
||||
<a class="extra" href="/">home</a>
|
||||
<a class="extra" href="/about">about</a>
|
||||
</div>
|
||||
|
||||
|
||||
{{ content }}
|
||||
|
||||
<a href="http://github.com/booboy"><img style="position: absolute; top: 0;
|
||||
right: 0; border: 0;"
|
||||
src="https://s3.amazonaws.com/github/ribbons/forkme_right_red_aa0000.png" alt="Fork me on GitHub" /></a>
|
||||
|
||||
<!-- ClickTale Bottom part -->
|
||||
<div id="ClickTaleDiv" style="display: none;"></div>
|
||||
<script type="text/javascript">
|
||||
if(document.location.protocol!='https:')
|
||||
document.write(unescape("%3Cscript%20src='https://s.clicktale.net/WRb.js'%20type='text/javascript'%3E%3C/script%3E"));
|
||||
</script>
|
||||
<script type="text/javascript">
|
||||
if(typeof ClickTale=='function') ClickTale(206,0.3,"www03");
|
||||
</script>
|
||||
<!-- ClickTale end of Bottom part -->
|
||||
|
||||
<!-- Google Analytics -->
|
||||
<script type="text/javascript">
|
||||
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
|
||||
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
|
||||
</script>
|
||||
<script type="text/javascript">
|
||||
var pageTracker = _gat._getTracker("UA-6016902-1");
|
||||
pageTracker._trackPageview();
|
||||
</script>
|
||||
<!-- Google Analytics end -->
|
||||
|
||||
</body>
|
||||
</html>
|
15
_layouts/post.html
Normal file
15
_layouts/post.html
Normal file
|
@ -0,0 +1,15 @@
|
|||
---
|
||||
layout: default
|
||||
---
|
||||
<div id="post">
|
||||
{{ content }}
|
||||
</div>
|
||||
|
||||
<div id="related">
|
||||
<h2>Related Posts</h2>
|
||||
<ul class="posts">
|
||||
{% for post in site.related_posts limit:3 %}
|
||||
<li><span>{{ post.date | date_to_string }}</span> » <a href="{{ post.url }}">{{ post.title }}</a></li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</div>
|
|
@ -1,10 +0,0 @@
|
|||
---
|
||||
layout: post
|
||||
title: "cc fraud"
|
||||
date: 2017-07-06 02:31:36 -0400
|
||||
categories: jekyll update
|
||||
---
|
||||
Today was fun. It is payday! Unfortunately, woke up to login to my bank account and I see a $599.99 charge for B&H Photo in NYC. Banks are so slow nowadays that they need to wait for the transaction to post, then can proceed to cancel it. I have been given the timeframe of up to ten business days for money to be credited back to my account.
|
||||
|
||||
I think from now on, I will need to use prepaid credit cards when doing any form of online transactions. It is such an inconvenience when the card that is breached is the one tied to a bank account. Having a prepaid card loaded up with some cash can combat this, and if the card ever is breached...it won't be as big of an impact.
|
||||
|
|
@ -20,7 +20,7 @@ Fast forward about a year or two and I finally found Quake 3 CPMA. This was a su
|
|||
|
||||
{% include youtubePlayer.html id="Q3ui0hz6sm0" %}
|
||||
|
||||
Quake is one of the only games where you can have a slight skill gap between two players, and the score would not reflect this minor difference. It would be a rape of 40 to 0, even though player A is only slightly better than player B. This hardcore aspect is what kept me playing the game. Nobody likes to be raped 40 to 0 and when that would happen to me, it would really push me to try to improve and learn from my mistakes.
|
||||
Quake is one of the only games where you can have a slight skill gap between two players, and the score would not reflect this minor difference. It would be a score of 40 to 0, even though player A is only slightly better than player B. This hardcore aspect is what kept me playing the game. Nobody likes to be owned 40 to 0 and when that would happen to me, it would really push me to try to improve and learn from my mistakes.
|
||||
|
||||
Quake Champions is id softwares newest implementation of the series. It is currently in beta stages and I have been having fun with it. It is a combination of all of the movement styles of the previous Quake games. Really fun to play. I recommend anyone who is curious about deathmatch games to pick this up and enter into the arena to test your skills among the most skilled fps players. I leave you with a quad damage run that I recently made in Quake Champions. Enjoy.
|
||||
|
||||
|
|
149
_posts/2017-08-22-security+-notes-part1.markdown
Normal file
149
_posts/2017-08-22-security+-notes-part1.markdown
Normal file
|
@ -0,0 +1,149 @@
|
|||
# Security Threats and Controls
|
||||
|
||||
## CIA Triade
|
||||
Data needs to be the following:
|
||||
- Confidentiality
|
||||
- Integrity
|
||||
- Availability
|
||||
|
||||
## Security Policy Steps
|
||||
- obtain support & committment for policy proposed throughout entire org
|
||||
- analyze risks to security within the org that the policy proposes
|
||||
- implement controls that detect and prevent losses & procedures that enable
|
||||
the org to recover from losses
|
||||
- review, test, and update procedures continually. continued compliance.
|
||||
|
||||
## Security Controls
|
||||
- National Institute of Standards and Technolog (NIST)
|
||||
- Federal Information Processing Standards [(FIPS)](http://csrc.nist.gov/publications/PubsFIPS.html)
|
||||
|
||||
## Control Types
|
||||
- Fips 200 (Minimum Security Requirements)
|
||||
- security control will belong to 1 of 18 families of classes.
|
||||
- Access Control, Awareness and Training, Audit and Accountability, Security
|
||||
Assessment and Authorization, Configuration Management, Contingency Planning,
|
||||
Identification and Authentication, Incident Response, Maintenance, Media
|
||||
Protection, Physical and Environmental Protection, Planning, Personnel
|
||||
Security, Risk Assessment, Systems and Services Aquisition, System and
|
||||
Communications Protection, System and Information Integrity, Program
|
||||
Management
|
||||
|
||||
## Physical Security Control Types
|
||||
- Administrative - controls that determine the way people act, including
|
||||
policies, procedures, and guidance.
|
||||
- Technical - controls implemented in operating systems, software, and hardware
|
||||
devices.
|
||||
- Preventative - the control physically or logically restricts unauthorized
|
||||
access. A directive can be thought of as an administrative version of a
|
||||
preventive control.
|
||||
- Deterrent - the control may not physically or logically prevent access, but
|
||||
psychologically discourages an attacker from attempting an intrusion.
|
||||
- Detective - the control may not prevent or deter access, but it will identify
|
||||
and record any attempted or successful intrusion.
|
||||
- Corrective - the control responds to and fixes an incident and may also
|
||||
prevent its reoccurrence.
|
||||
- Compensating - the control does not prevent the attack but restores the
|
||||
function of the system through some other means, such as using data backup or
|
||||
an alternative site.
|
||||
|
||||
## Access Control and ACL
|
||||
- Identification
|
||||
- Authentication
|
||||
- Authorization
|
||||
- Accounting
|
||||
|
||||
## Formal Access Control Models
|
||||
- DAC - Discretionary Access Control - The owner is granted full control over
|
||||
the resource, meaning that s/he can modify its ACL to grant rights to others.
|
||||
- RBAC - Rule Based Access Control - Under RBAC, a set of organizational roles
|
||||
are defined and users allocated to those roles.
|
||||
- MAC - Mandatory Access Control - based on the idea of security clearance
|
||||
levels. Rather than defining access control lists on resources, each object
|
||||
and each subject is granted a clearance level (referred to as a label).
|
||||
|
||||
|
||||
# Crypto:
|
||||
|
||||
## Bit length of hashing algorithm
|
||||
- sha-1, 160 bits
|
||||
- sha-2, up to 512 bits
|
||||
- md5, 128 bits
|
||||
- ripemd-160 - 160 bits
|
||||
|
||||
## Stream ciphers and block ciphers
|
||||
- 3DES / Triple DES - block cipher - 56 bit key - 64 bit blocks
|
||||
- AES / AES25 - block cipher - 128 bit block size, variable key length
|
||||
- RC4 stream cipher - from 40 to 128 bits, variable length key - used in SSL / WEP
|
||||
- Blowfish - 64 bits, variable length key
|
||||
- Twofish - 128 bits, variable length key
|
||||
- RSA - finds prime factors of large sets of number. variable key size. 2048
|
||||
key size ( 2048 / 8 ) - 11
|
||||
- DSA (Digital Signature Algorithm)
|
||||
|
||||
|
||||
## Asymmetric vs Symmetric encryption
|
||||
### Asymmetric
|
||||
- uses pki. two keys, one key is needed to encrypt & decrypt the other
|
||||
- public key, private key
|
||||
### Symmetric
|
||||
- uses the same key for encryption & decryption
|
||||
|
||||
## PKI (Public Key Infrastructure)
|
||||
Three main elements to a PKI:
|
||||
- Organization
|
||||
- Servers
|
||||
- Client
|
||||
|
||||
## Key Management
|
||||
Stages of a key lifecycle. Key mgmt can either be centralized(admin controls
|
||||
all of it) or decentralized(each user controls own keys).
|
||||
- Key Generation
|
||||
- Certificate Generation
|
||||
- Distribution
|
||||
- Storage
|
||||
- Revocation
|
||||
- Expiration
|
||||
|
||||
## Public Key Crypto Standards
|
||||
- PKCS #1 - defines the properties of public/private key pairs and the
|
||||
algorithms for RSA encryption.
|
||||
- PKCS #3 - defines Diffie-Hellman key agreeement.
|
||||
- PKCS #6 - the original (v1) standard for X.509 certificates. As noted above,
|
||||
the latest X.509 v3 standard is published as RFC 5280 .
|
||||
- PKCS #7 - provides the basis for S/MIME (Secure Multipart Internet Mail
|
||||
Extensions), allowing users to sign and encrypt email messages using digital
|
||||
certificates. S/MIME is published as the Cryptographic Message Standard (CMS)
|
||||
in RFC 5652 .
|
||||
- PKCS #10 - format for requests certificates from a CA
|
||||
|
||||
## RFCS
|
||||
- [2104](https://tools.ietf.org/html/rfc2104) hashbased message authentication code (HMAC)
|
||||
- [5280](https://tools.ietf.org/html/rfc5280) x.509 public key infrastructure
|
||||
- [2527](https://tools.ietf.org/html/rfc2527) certificate policies
|
||||
- [4880](https://tools.ietf.org/html/rfc4880) pretty good privacy (pgp)
|
||||
- [5280](https://tools.ietf.org/html/rfc5280)
|
||||
- [5652](https://tools.ietf.org/html/rfc5652)
|
||||
- [4120](https://tools.ietf.org/html/rfc4120) kerberos
|
||||
- [1334](https://tools.ietf.org/html/rfc1334) PAP - password authentication protocol
|
||||
- [1994](https://tools.ietf.org/html/rfc1994) CHAP - challenge handshake authentication protocol
|
||||
- [4226](https://tools.ietf.org/html/rfc4226) HOTP - HMAC based one-time password algorithm
|
||||
- [6238](https://tools.ietf.org/html/rfc6238) TOTP - Timebased one-time password algorithm
|
||||
- [3748](https://tools.ietf.org/html/rfc3748) EAP - Extensible Authentication Protocol
|
||||
- [5216](https://tools.ietf.org/html/rfc5216) EAP-TLS
|
||||
- [2865](https://tools.ietf.org/html/rfc2865) RADIUS - Remote Authentication Dial-in User Service
|
||||
|
||||
## FIPS - Federal Information Processing Standards
|
||||
- FIPS 180
|
||||
- FIPS 198
|
||||
- FIPS 186
|
||||
- FIPS 140
|
||||
- FIPS 201
|
||||
|
||||
## Suite B
|
||||
Suite B is a set of cryptographic algorithms mandated by the National Security
|
||||
Agency (NSA) for use by US government agencies. Suite A is an unpublished list
|
||||
of classified algorithms.
|
||||
- Encryption AES-128 & AES-256
|
||||
- Digital Signature - ECDSA with 256 and 384 bit keys
|
||||
- Key Exchange - Diffie Hellman with 256 and 384 bit keys
|
||||
- Cryptographic Hash - SHA-256 and SHA-384
|
226
_posts/2017-08-23-security+-notes-part2.markdown
Normal file
226
_posts/2017-08-23-security+-notes-part2.markdown
Normal file
|
@ -0,0 +1,226 @@
|
|||
## LDAP
|
||||
- everything is done in plaintext
|
||||
- there is a TLS version of it. LDAPS
|
||||
- port 636
|
||||
|
||||
## Windows Active Directory
|
||||
- tree and forest type of hierarchical design
|
||||
- For example, the widget.com parent domain (the root of the tree) could
|
||||
contain child domains (sales.widget.com, mis.widget.com, partners.widget.com,
|
||||
and so on). These domains have twoway transitive trusts, meaning that (for
|
||||
example) a user account in one domain in the tree could access resources (an
|
||||
application or file server for instance) in another domain.
|
||||
|
||||
### Security Accounts Manager
|
||||
- database on windows systems up to windows 7 that stored hashed version
|
||||
usually ntlm hash of passwords. stored in the registry path:
|
||||
%SystemRoot%/system32/config/SAM
|
||||
|
||||
### Naming Strategy
|
||||
- how will AD namespace integrate with public dns entries?
|
||||
- consider grouping OU by location & group info
|
||||
|
||||
### Group Management
|
||||
AGDLP (Accounts go into Global groups, which go into Domain Local groups,
|
||||
which get Permissions)
|
||||
- domain local - privileges only assigned to members in same domain. Accounts
|
||||
or universal and global groups from any trusted domain can be a member of a
|
||||
domain local group.
|
||||
- global - groups can contain only user and global or universal group accounts
|
||||
from the same domain but can be used to assign rights to resources in any
|
||||
trusted domain (essentially, the opposite of domain local scope).
|
||||
- univesal - can contain accounts from any trusted domain and can also be used
|
||||
to grant permissions on any object in any trusted domain.
|
||||
- other groups: security, distribution, system
|
||||
|
||||
### Group Policy and Local Security Policy
|
||||
- password policy: min age, complexity, min length, password history (y/n),
|
||||
change pass option, pass expire (y/n)
|
||||
- account restrictions: time, workstation, # consecutive logins, expiration
|
||||
date, disable account, max # incorrect login attempt before lockout
|
||||
|
||||
## Secure Network Topologies
|
||||
topology - a description of how a computer network is physically or logically
|
||||
organized.
|
||||
|
||||
### Subnetting
|
||||
- useful because traffic that passes through each subnet can be subject to
|
||||
filtering and access control at the router.
|
||||
- also can make it harder to sniff traffic on the network due to it being
|
||||
divided.
|
||||
|
||||
### Zones
|
||||
an area of the network where the security configuration is the same for all
|
||||
hosts within it.
|
||||
- Firewalls block traffic based on zones - example zones: intranet, exranet
|
||||
(semi-trusted hosts, who must auth with extranet), internet
|
||||
- Uses ACL
|
||||
- DMZ - demilitarized zone. traffic cannot pass through.
|
||||
|
||||
### Tunneling
|
||||
VPNs are biggest example. a tunnel is often used as example to describe a VPN's
|
||||
functionality.
|
||||
|
||||
### Switches
|
||||
- VLAN protocols: VTP (VLAN Trunking Protocol), GARP (Generic Attribute
|
||||
Registration Protocol), GVRP (Generic VLAN Registration Protocol)
|
||||
- Pruning - removing broadcasts related to particular VLANs from a trunk to
|
||||
preserve bandwidth
|
||||
- Vulnerabilities: MAC flooding, ARP poisoning, VLAN hopping: this exploits the
|
||||
native VLAN feature of 802.1Q. Native VLANs are designed to provide
|
||||
compatibility with non-VLAN capable switches. The attacker (using a device
|
||||
placed in the native VLAN) crafts a frame with two VLAN tag headers. The
|
||||
first trunk switch to inspect the frame strips the first header and the frame
|
||||
gets forwarded to the target VLAN. VTP attacks (attacker masquerades as
|
||||
another switch to try to have the configuration replicated to it), Spanning
|
||||
Tree Attacks
|
||||
|
||||
### Routers
|
||||
- fault tolerant
|
||||
- dynamic router protocols: bgp (big isp), opsf - link state algorithm used,
|
||||
rip - distance vector algorithm. less efficient than link state algorithm.
|
||||
- attacks: fingerprinting, exploits in the OS running the router, spoofed
|
||||
routing info, denial of service, arp poisoning, icmp redirect
|
||||
|
||||
### Network Address Translation
|
||||
Types:
|
||||
- Static 1:1 mapping made between inside / outside address ip space
|
||||
- Dynamic - has pool of addresses. assigns and relases them as needed
|
||||
- Overloaded
|
||||
- Destinaton
|
||||
- NAPT - assigning ports to internal ip
|
||||
- DNAT - destination port forwarding to open up internal port to interwebs
|
||||
|
||||
### Firewalls
|
||||
basic function of a firewall is traffic filtering
|
||||
- types: packet filtering, stateful, stateful inspection, application aware
|
||||
devices
|
||||
- packet filtering: can inspect the headers of ip packets
|
||||
- packet filtering: block traffic with ip filtering, protocol type, port
|
||||
filtering
|
||||
- stateful inspection: records up to layer 5 (session) layer. Stores state
|
||||
information in a statet table
|
||||
- application aware: records up to layer 7 (application) layer.
|
||||
|
||||
### Proxies and Gateways
|
||||
- Proxy can be setup as man-in-the-middle to filter traffic or simply monitor
|
||||
outbound traffic
|
||||
- can work as a caching engine to store frequently requested web pages in an
|
||||
effort to speed up load times
|
||||
- Reverse Proxy - a way to take internal facing applications and make them face
|
||||
the public internet
|
||||
|
||||
### Implementing a Firewall or Gateway
|
||||
- Appliance Firewall - uses dedicated hardware
|
||||
- Router Firewall - built into router
|
||||
- Switch Firewall - some layer 3 switches can perform packet filtering
|
||||
- NOS Firewall - designed to run under a network server
|
||||
- Application Firewall - software based firewall running on a host
|
||||
- Personal Firewall - software based firewall only running on a single host
|
||||
|
||||
### Web Application Firewall (WAF)
|
||||
Designed to specifically block threats over https and https
|
||||
|
||||
### Web and Security Gateways
|
||||
- Designed for corporate control over websites employees visit on a network.
|
||||
- Is usually implemented via a stand-alone appliance or proxy server software.
|
||||
- Can also be used to filter email attachments
|
||||
|
||||
### Intrusion Detection System (IDS) / Network Intrusion Detection Systems
|
||||
(NIDS)
|
||||
- will detect an attack and log, usually creating and alerting the
|
||||
administrator
|
||||
- uses an analysis engine: usually with console access.
|
||||
- passive in nature: there to be able to alert and notify the administrator of
|
||||
the event triggered
|
||||
- some have active detection: will end the TCP session
|
||||
|
||||
### Intrusion Prevention System (IPS)
|
||||
Designed to detect an attack, log it, and put a stop to it! Usually by
|
||||
completely ending the TCP connection and/or session.
|
||||
|
||||
### Unified Threat Management (UTM)
|
||||
All-in-one merger of roles of NIDS / IDS / IPS / NIPS
|
||||
usually will be very high end machines capable or accepting lots of traffic and
|
||||
analyzing it along with signature checking against a database.
|
||||
|
||||
### Host Based IDS (HIDS)
|
||||
captures information from a single host on a network
|
||||
|
||||
### IDS Analysis Engines
|
||||
- signature based detection or pattern matching. engine is loaded with a DB of
|
||||
attack patterns or malware signatures and checks incoming traffic against
|
||||
this DB.
|
||||
- behavior based detection: engine is trained to first recognize a baseline
|
||||
'normal' behavior, and then acts on incoming traffic that deviates from the
|
||||
baseline or 'normal' behavior
|
||||
- anomaly based detection: acts if the engine detects things that are anomolous
|
||||
in nature or irregularities occurring in protocols.
|
||||
|
||||
### Wifi Security
|
||||
- Wardriving - driving around looking for insecure wireless access points
|
||||
- Warchalking - marking locations with something so you can come back later to
|
||||
pwn the wifi network.
|
||||
- WEP cracking - aircrack-ng suite of tools can be used to listen to ARP IV's
|
||||
since the encryption key is transfered via plaintext. encryption is an rc4
|
||||
cipher.
|
||||
- WPA2 - AES put in place to encrypt instead of RC4.
|
||||
- WPA2 - attacker can get pre-shared encryption key by associating with access
|
||||
point. then the attacker will brute force the passphrase using the pre-shared
|
||||
encryption key.
|
||||
|
||||
### Open Authentication and Captive Portals
|
||||
open wifi basically an unecrypted open network.
|
||||
- captive portal: on an open network, making a secondary login usually with
|
||||
https via a web browser so clients have to login.
|
||||
- mac address filtering could work to better secure an open wifi network
|
||||
- another method to secure: disable dhcp and enforce users connceting to use a static ip
|
||||
- signal strength: increase / decrease power of wifi antenna based on site-survey for the
|
||||
physical space
|
||||
|
||||
### IPSEC
|
||||
- layer 3
|
||||
- two core protocols: AH (authentication header), ESP(encapsulation security
|
||||
payload).
|
||||
- AH will encrypt the IP header in the packet
|
||||
- ESP will encrypt the entire payload.
|
||||
- HMAC-MD5, HMAC-SHA-1, or HMAC-SHA-2 and 3DES or AES (symmetric encryption
|
||||
ciphers) are the algorithms typically used by ESP.
|
||||
|
||||
#### Internet Key Exchange / ISAKMP
|
||||
- AH and ESP both depend on a shared secret key that is only known to the two
|
||||
hosts
|
||||
- phase 1: establishes identity of two hosts & key agreement with diffie hellmen key exchange.
|
||||
- phase 2: diffie-hellmen key agreement establishes shared key used to sign
|
||||
packets for msg integrity. diffie-hellmen however does not authenticate the
|
||||
endpoints.
|
||||
- phase 3: authenticatin endpoint kicks in. endpoints are: pki, pre-shared
|
||||
key, kerberos
|
||||
|
||||
#### Transport and Tunnel Modes
|
||||
- Transport mode - ip header is not encrypted, only the payload is
|
||||
- Tunnel mode - entire ip packet. header + payload all encrypted
|
||||
|
||||
### Remote Access Hardening
|
||||
things to look for on servers in regards to hardening:
|
||||
- malware protection - is antivirus installed?
|
||||
- security information - is authentication info stored on the server?
|
||||
- data transfer - files copied to remote hosts can no longer be secured
|
||||
- local privileges - sudo users and what not that can escalate privileges
|
||||
- weak authentication - users that use weak passwds get pwned
|
||||
|
||||
## RFC
|
||||
- [1123](https://tools.ietf.org/html/rfc1123)
|
||||
- [3022](https://tools.ietf.org/html/rfc3022) NAT
|
||||
- [1918](https://tools.ietf.org/html/rfc1918) Private IP address classes
|
||||
- [2637](https://tools.ietf.org/html/rfc2637) PPTP
|
||||
- [2661](https://tools.ietf.org/html/rfc2661) L2TP
|
||||
- [3193](https://tools.ietf.org/html/rfc3193) IPSec in conjuction with L2TP as
|
||||
a vpn solution
|
||||
- [4301](https://tools.ietf.org/html/rfc4301) IPSec
|
||||
- [4385](https://tools.ietf.org/html/rfc4385) Algorithms that an implementation
|
||||
must adhere to be standards-compliant.
|
||||
- [1001](https://tools.ietf.org/html/rfc1001) NETBios
|
||||
- [1002](https://tools.ietf.org/html/rfc1002) NetBios
|
||||
- [4942](https://tools.ietf.org/html/rfc4942) IPv6 Vulnerabilities
|
||||
|
103
_posts/2017-08-24-securty+-notes-part3.markdown
Normal file
103
_posts/2017-08-24-securty+-notes-part3.markdown
Normal file
|
@ -0,0 +1,103 @@
|
|||
## Host Security
|
||||
- Common Criteria (CC)
|
||||
- Security Target (ST)
|
||||
- baseline: snapshot of the typical activity on your network on any given host.
|
||||
|
||||
### OS Hardening
|
||||
- Windows: Group Policy, Local Security Policy
|
||||
- Unix: SystemV (AT&T), BSD (All the BSDS YES!)
|
||||
- Linux: Many distributions.
|
||||
- Patch Management - make sure you patch your shit yo
|
||||
- Windows: Windows update to update the OS
|
||||
- Linux/Unix: System package manager or recompile packages based on needs
|
||||
- Hotfixes: specific customer request for a piece of software to be fixed.
|
||||
Usuaully hurried in nature.
|
||||
- Windows: Service packs
|
||||
- Windows Update Services: basically an update server that works like a proxy
|
||||
server. you can centralize and speed up windows updates times in your organization
|
||||
- Firmware Updates: you have seen examples via IPMI updates on servers. Routers
|
||||
/ Switches very important to have latest firmware updates applied.
|
||||
- Driver updates: Make sure all the crapp windows software has been updated to
|
||||
latest drivers. linux will take care via the pkg manager.
|
||||
- Endpoint Security: If they can't get to your individual hardended server
|
||||
because you have something like a firewall setup at your network endpoint,
|
||||
then you are doing it right!
|
||||
- Physical Security: Access to USB port / network ports on servers, switches, routers
|
||||
- Mac Filtering: Specifying which MAC addresses are allowed to connect to a
|
||||
specific network port.
|
||||
- PNAC (Port Based Network Access Control) - performs some sort of
|
||||
authentication of the attached device before activating the port.
|
||||
- EAPoL (Extensible Authentication Protocol over LAN) - authenticating devices
|
||||
using EAP or with PKI to pass authentication portion over to a RADIUS server.
|
||||
RADIUS server will check creds and give access denied or allow access. If
|
||||
access granted, switch will enable the VLAN tag that the port is setup with
|
||||
to enable network access.
|
||||
|
||||
### Data Security
|
||||
- data policy: describes the security controls that will be applied to protect
|
||||
data at each stage of its lifecycle.
|
||||
- information classification and access control: unclassified (public) data,
|
||||
classified (private/restricted) data, confidential aka highly sensitive data,
|
||||
secret data, top-secret.
|
||||
- classified, confidential, secret, and top-secret should be encrypted
|
||||
- publication and distribution: storage and retrieval, distribution - what
|
||||
restrictions are there on making copies of the data, security - what is the
|
||||
security process if the document is compromised
|
||||
- data states: data at rest, data in-transit, data in-use
|
||||
- retention, storage, and destruction: retention aka archiving the data,
|
||||
destruction aka destroying the data
|
||||
|
||||
### Personally Identifiable Information (PII)
|
||||
Protect yourself from identity theft yo, limit the use of PII!
|
||||
- PII - data that can be used to identify, contact, or locate an individual (or
|
||||
in the case of identity theft, to impersonate them).
|
||||
- Examples: tattoos, social security number, usernames, passwords, email
|
||||
addresses, dobs, cc #
|
||||
|
||||
### Data Encryption
|
||||
Encrypt all the things
|
||||
- file / folder encryption - many different filesystems that support
|
||||
encryption, efs and luks are some examples
|
||||
- disk encryption: BitLocker, TrueCrypt(discontinued), Symantec Drive
|
||||
Encryption
|
||||
- Hardware based encryption: TPM (Trusted Platform Module) - a little piece of
|
||||
hardware that stores the encryption key on it. starting to also be hardware
|
||||
based solutions that are meant to be installed as add-ons to bring load away
|
||||
from CPU.
|
||||
- Removable media encryption: usb devices, yubikeys, many different kinds.
|
||||
- Database encryption: most of the time it is better to encrypt files on the
|
||||
disk. encryption usually done at the column level so this is very CPU
|
||||
intensive.
|
||||
|
||||
### Data Loss Prevention
|
||||
Dont lose that data!
|
||||
- a database that identifies confidential data that should not be lost.
|
||||
- requires the following components: policy server - to configure
|
||||
confidentiality ruleset, endpoint agents - to enforce policy on client
|
||||
computers, network
|
||||
agents - scan communications at network borders and interface with web and
|
||||
messaging servers to enforce policy.
|
||||
- rights management services: assigns file permissions based on different
|
||||
document roles(such as author, editor, or reviewer). Restrict printing and
|
||||
forwarding of documents, event when sent as file attachments, Restrict
|
||||
printing and forwarding of email documents.
|
||||
|
||||
### Big Data
|
||||
The new buzzword to throw around in todays IT world
|
||||
- big data: an unstructured database set, usually setup into some sort of
|
||||
database management system.
|
||||
|
||||
### Backup Plans and Policies
|
||||
Do you have backups of your backups?
|
||||
- backup types: full, incremental, differential
|
||||
- keep your stuff backed up versionally - use version control, stupid.
|
||||
- snapshots - meant to keep copies of open files, zfs, btrfs filesystems have
|
||||
this feature built-in to the filesystem.
|
||||
- tapes: tapes are mainly used for archiving purposes. they use an autoloader
|
||||
to preload tapes. tapes are rotated. a good rotation policy - monthly,
|
||||
weekly, daily.
|
||||
- is there an offsite backup solution in place?
|
||||
- make you sure that you are testing backups to make sure you can restore
|
||||
everything from them
|
||||
|
||||
|
16
_posts/2017-10-12-snapping-pics-by-the-zoo.markdown
Normal file
16
_posts/2017-10-12-snapping-pics-by-the-zoo.markdown
Normal file
|
@ -0,0 +1,16 @@
|
|||
---
|
||||
layout: post
|
||||
title: "snapping pics by the zoo"
|
||||
date: 2017-10-13
|
||||
categories: misc
|
||||
---
|
||||
|
||||
I walked almost 5 miles today throughout downtown Chicago. On my way back, I
|
||||
cut through the Lincoln Park Zoo parking lot. They have something going on
|
||||
right now during Halloween season titled 'Fall Fest' where they have some
|
||||
different carnival rides at the Zoo. The Zoo was closed at the time I was
|
||||
walking home, but I still felt the need to snap this picture of the Ferris
|
||||
Wheel. It almost looks haunted.
|
||||
|
||||
{:class="img-responsive"}
|
||||
|
12
about.md
12
about.md
|
@ -4,12 +4,12 @@ title: About
|
|||
permalink: /about/
|
||||
---
|
||||
|
||||
I am an aspiring security researcher working as a *nix system administrator. I like to program in python and play fast paced deathmatch video games. I try to better myself each day. If you would like to reach out, I can be reached via email at bpmcdevitt at thelinuxspace.com
|
||||
I am an aspiring security researcher working as a *nix administrator. I
|
||||
like to program in python and play fast paced deathmatch video games. I try to
|
||||
better myself each day. If you would like to reach out, I can be reached via:
|
||||
|
||||
This page is designed with Jekyll
|
||||
- email - bpmcdevitt[at]thelinuxspace[dot]com
|
||||
- [pgp key](/assets/brendanmcdevittkey.asc)
|
||||
|
||||
You can find the source code for Jekyll at GitHub:
|
||||
[jekyll][jekyll-organization] /
|
||||
[jekyll](https://github.com/jekyll/jekyll)
|
||||
{:class="img-responsive"}
|
||||
|
||||
[jekyll-organization]: https://github.com/jekyll
|
||||
|
|
BIN
assets/bailey1.jpg
Normal file
BIN
assets/bailey1.jpg
Normal file
Binary file not shown.
After Width: | Height: | Size: 3 MiB |
BIN
assets/bailey2.jpg
Normal file
BIN
assets/bailey2.jpg
Normal file
Binary file not shown.
After Width: | Height: | Size: 3.7 MiB |
34
assets/brendanmcdevittkey.asc
Normal file
34
assets/brendanmcdevittkey.asc
Normal file
|
@ -0,0 +1,34 @@
|
|||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Version: OpenPGP.js v2.3.8
|
||||
Comment: http://openpgpjs.org
|
||||
|
||||
xsBNBFfTfBkBCADW/Ay1ko2M43tGvB2Pgj0sq10x2E8iLTFKOsVXy/V+gTXh
|
||||
I0qmS1cOTjiLaUyB41KuBkz4GR9e2d2djzCOAV2CcCHpHrkmq+J2t7CPDV6V
|
||||
ed+5IUojOb8anVM3FKmTUYa//ZDlaa0ObpoR+4ZFtBaCqNUtlX/+wTcixnTD
|
||||
kQymRqZBTncRMpH0bvel1wvOivvjoAjwJNeBDbkf4isl6AJm5KaJlXP6twtv
|
||||
Qd9B99uYMSVmRH14sjzESuR086momxg+wJsNudRaur3i2SmAu1iB1ven3Vx2
|
||||
cROpxINZIglyiEZcBJuRbtwdvj6HdBhRB8Ws7hXwsWXaOjYAWXke5xMJABEB
|
||||
AAHNO2JwbWNkZXZpdHRAdGhlbGludXhzcGFjZS5jb20gPGJwbWNkZXZpdHRA
|
||||
dGhlbGludXhzcGFjZS5jb20+wsB1BBABCAApBQJY3uabBgsJBwgDAgkQyxE/
|
||||
F1Yw9hEEFQgKAgMWAgECGQECGwMCHgEAADg1B/9hJdcgUTra7+KXOf5I6MFi
|
||||
DzENRMGCUKfJe08Vw/fxJVJSgWq459mhJRHRm+M5gPtTSdvxAdVoiUyK+xFm
|
||||
I/+xV+D+ZrYDkzu4hngkL/ziNuBrrR/qrT2TG2QV4OtzQr04cXV2Rk5ObtcR
|
||||
nfwgYj1ytya2kqWPEV/6w3B7Y/CUoycN2B8yJcNO3rtGH8SiWaqjRD4eLlGO
|
||||
e4/fHQqxmkVKJSVsf7Vzfu+da94xeMnKcpZS/jDboj8EHD0GkE+7h5obTxUO
|
||||
7QMFsEhIBKgiT8RXnTEksmb3ondarFRdBsQTpVCaC23idoOvYh3Q3Gsmt+/p
|
||||
zJCXLlkqP8gEPUcnVgaazsBNBFfTfBkBCADGBeZ/Ox/JdTtLXslnUStr6je3
|
||||
L12q66t7nmtxmkQTJvQjI8xVqaA9JtkspiqxdV2LEJk6uWEGunF0t/rOyAU8
|
||||
2SM1z8PvVcviF5DrtlvMq8K2eEA4xOaMmWgSn3kkxpes9hb298Hx3nQh0cCC
|
||||
YjosSTCSOrvfgfDcgGBjVE+pYvrDDXdgOgeBGESFyGFJoEkSut3ry7RAFPJZ
|
||||
fs/GRlWXGvef2ZlDOt5mztmqUQpL4/EziX2DxvJGJzPKx9IBuMWxKFiF9oRU
|
||||
PjhQHHi+kfIfXgFashT1Rqj4+nxkH4imLpXUhwClmsK7+sMDH9UYCMHWrKG/
|
||||
Ykyg4FfNdvZAU2mVABEBAAHCwF8EGAEIABMFAlje5pwJEMsRPxdWMPYRAhsM
|
||||
AACLGgf/YOzQMyQ5m3qM82lf41SXrT/t5rKLcRzgCMmhAkZm3Od80SeklVGY
|
||||
Yjtu96vcU1H9hwT3joXiGuPAEttA9lb2OCYUcn8zpiq1AtyaTUgX09HBm4Xv
|
||||
xBXZ4JhTN5aV9Qg9GuRjMFfV7WgykM5hjQ7iALaz3FbAX3jouC8rb0VOt6Rw
|
||||
2hBy4Ai7MzqdarAucSW19IXVm3129iBmR+wBnvronTGlPzWBwgkw3qCyv+dk
|
||||
yccWTi8shBCgKMSPVIOlbhdTR1Topg6hWxAEkqbLh+e4CnH8VEdGsJVYmLdx
|
||||
a2OZ8b9lJxrdnzhb22m6gBySUV30/JF8rCfPvdqUI4pulEntFw==
|
||||
=bxtl
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
|
BIN
assets/ferris_wheel_2017_oct_lpzoo.jpg
Normal file
BIN
assets/ferris_wheel_2017_oct_lpzoo.jpg
Normal file
Binary file not shown.
After Width: | Height: | Size: 355 KiB |
BIN
assets/me.jpg
Normal file
BIN
assets/me.jpg
Normal file
Binary file not shown.
After Width: | Height: | Size: 50 KiB |
202
css/screen.css
Normal file
202
css/screen.css
Normal file
|
@ -0,0 +1,202 @@
|
|||
/*****************************************************************************/
|
||||
/*
|
||||
/* Common
|
||||
/*
|
||||
/*****************************************************************************/
|
||||
|
||||
/* Global Reset */
|
||||
|
||||
* {
|
||||
margin: 0;
|
||||
padding: 0;
|
||||
}
|
||||
|
||||
html, body {
|
||||
height: 100%;
|
||||
}
|
||||
|
||||
body {
|
||||
background-color: white;
|
||||
font: 13.34px helvetica, arial, clean, sans-serif;
|
||||
*font-size: small;
|
||||
text-align: center;
|
||||
}
|
||||
|
||||
h1, h2, h3, h4, h5, h6 {
|
||||
font-size: 100%;
|
||||
}
|
||||
|
||||
h1 {
|
||||
margin-bottom: 1em;
|
||||
}
|
||||
|
||||
p {
|
||||
margin: 1em 0;
|
||||
}
|
||||
|
||||
a {
|
||||
color: #00a;
|
||||
}
|
||||
|
||||
a:hover {
|
||||
color: black;
|
||||
}
|
||||
|
||||
a:visited {
|
||||
color: #a0a;
|
||||
}
|
||||
|
||||
table {
|
||||
font-size: inherit;
|
||||
font: 100%;
|
||||
}
|
||||
|
||||
/*****************************************************************************/
|
||||
/*
|
||||
/* Home
|
||||
/*
|
||||
/*****************************************************************************/
|
||||
|
||||
ul.posts {
|
||||
list-style-type: none;
|
||||
margin-bottom: 2em;
|
||||
}
|
||||
|
||||
ul.posts li {
|
||||
line-height: 1.75em;
|
||||
}
|
||||
|
||||
ul.posts span {
|
||||
color: #aaa;
|
||||
font-family: Monaco, "Courier New", monospace;
|
||||
font-size: 80%;
|
||||
}
|
||||
|
||||
/*****************************************************************************/
|
||||
/*
|
||||
/* Site
|
||||
/*
|
||||
/*****************************************************************************/
|
||||
|
||||
.site {
|
||||
font-size: 110%;
|
||||
text-align: justify;
|
||||
width: 42em;
|
||||
margin: 3em auto 2em auto;
|
||||
line-height: 1.5em;
|
||||
}
|
||||
|
||||
.title {
|
||||
color: #a00;
|
||||
font-weight: bold;
|
||||
margin-bottom: 2em;
|
||||
}
|
||||
|
||||
.site .title a {
|
||||
color: #a00;
|
||||
text-decoration: none;
|
||||
}
|
||||
|
||||
.site .title a:hover {
|
||||
color: black;
|
||||
}
|
||||
|
||||
.site .title a.extra {
|
||||
color: #aaa;
|
||||
text-decoration: none;
|
||||
margin-left: 1em;
|
||||
}
|
||||
|
||||
.site .title a.extra:hover {
|
||||
color: black;
|
||||
}
|
||||
|
||||
.site .meta {
|
||||
color: #aaa;
|
||||
}
|
||||
|
||||
.site .footer {
|
||||
font-size: 80%;
|
||||
color: #666;
|
||||
border-top: 4px solid #eee;
|
||||
margin-top: 2em;
|
||||
overflow: hidden;
|
||||
}
|
||||
|
||||
.site .footer .contact {
|
||||
float: left;
|
||||
margin-right: 3em;
|
||||
}
|
||||
|
||||
.site .footer .contact a {
|
||||
color: #8085C1;
|
||||
}
|
||||
|
||||
.site .footer .rss {
|
||||
margin-top: 1.1em;
|
||||
margin-right: -.2em;
|
||||
float: right;
|
||||
}
|
||||
|
||||
.site .footer .rss img {
|
||||
border: 0;
|
||||
}
|
||||
|
||||
/*****************************************************************************/
|
||||
/*
|
||||
/* Posts
|
||||
/*
|
||||
/*****************************************************************************/
|
||||
|
||||
#post {
|
||||
|
||||
}
|
||||
|
||||
/* standard */
|
||||
|
||||
#post pre {
|
||||
border: 1px solid #ddd;
|
||||
background-color: #eef;
|
||||
padding: 0 .4em;
|
||||
}
|
||||
|
||||
#post ul,
|
||||
#post ol {
|
||||
margin-left: 1.35em;
|
||||
}
|
||||
|
||||
#post code {
|
||||
border: 1px solid #ddd;
|
||||
background-color: #eef;
|
||||
font-size: 85%;
|
||||
padding: 0 .2em;
|
||||
}
|
||||
|
||||
#post pre code {
|
||||
border: none;
|
||||
}
|
||||
|
||||
#post img {
|
||||
max-width: 42em;
|
||||
padding: 1em 0;
|
||||
}
|
||||
|
||||
/* terminal */
|
||||
|
||||
#post pre.terminal {
|
||||
border: 1px solid black;
|
||||
background-color: #333;
|
||||
color: white;
|
||||
}
|
||||
|
||||
#post pre.terminal code {
|
||||
background-color: #333;
|
||||
}
|
||||
|
||||
#related {
|
||||
margin-top: 2em;
|
||||
}
|
||||
|
||||
#related h2 {
|
||||
margin-bottom: 1em;
|
||||
}
|
60
css/syntax.css
Normal file
60
css/syntax.css
Normal file
|
@ -0,0 +1,60 @@
|
|||
.highlight { background: #ffffff; }
|
||||
.highlight .c { color: #999988; font-style: italic } /* Comment */
|
||||
.highlight .err { color: #a61717; background-color: #e3d2d2 } /* Error */
|
||||
.highlight .k { font-weight: bold } /* Keyword */
|
||||
.highlight .o { font-weight: bold } /* Operator */
|
||||
.highlight .cm { color: #999988; font-style: italic } /* Comment.Multiline */
|
||||
.highlight .cp { color: #999999; font-weight: bold } /* Comment.Preproc */
|
||||
.highlight .c1 { color: #999988; font-style: italic } /* Comment.Single */
|
||||
.highlight .cs { color: #999999; font-weight: bold; font-style: italic } /* Comment.Special */
|
||||
.highlight .gd { color: #000000; background-color: #ffdddd } /* Generic.Deleted */
|
||||
.highlight .gd .x { color: #000000; background-color: #ffaaaa } /* Generic.Deleted.Specific */
|
||||
.highlight .ge { font-style: italic } /* Generic.Emph */
|
||||
.highlight .gr { color: #aa0000 } /* Generic.Error */
|
||||
.highlight .gh { color: #999999 } /* Generic.Heading */
|
||||
.highlight .gi { color: #000000; background-color: #ddffdd } /* Generic.Inserted */
|
||||
.highlight .gi .x { color: #000000; background-color: #aaffaa } /* Generic.Inserted.Specific */
|
||||
.highlight .go { color: #888888 } /* Generic.Output */
|
||||
.highlight .gp { color: #555555 } /* Generic.Prompt */
|
||||
.highlight .gs { font-weight: bold } /* Generic.Strong */
|
||||
.highlight .gu { color: #aaaaaa } /* Generic.Subheading */
|
||||
.highlight .gt { color: #aa0000 } /* Generic.Traceback */
|
||||
.highlight .kc { font-weight: bold } /* Keyword.Constant */
|
||||
.highlight .kd { font-weight: bold } /* Keyword.Declaration */
|
||||
.highlight .kp { font-weight: bold } /* Keyword.Pseudo */
|
||||
.highlight .kr { font-weight: bold } /* Keyword.Reserved */
|
||||
.highlight .kt { color: #445588; font-weight: bold } /* Keyword.Type */
|
||||
.highlight .m { color: #009999 } /* Literal.Number */
|
||||
.highlight .s { color: #d14 } /* Literal.String */
|
||||
.highlight .na { color: #008080 } /* Name.Attribute */
|
||||
.highlight .nb { color: #0086B3 } /* Name.Builtin */
|
||||
.highlight .nc { color: #445588; font-weight: bold } /* Name.Class */
|
||||
.highlight .no { color: #008080 } /* Name.Constant */
|
||||
.highlight .ni { color: #800080 } /* Name.Entity */
|
||||
.highlight .ne { color: #990000; font-weight: bold } /* Name.Exception */
|
||||
.highlight .nf { color: #990000; font-weight: bold } /* Name.Function */
|
||||
.highlight .nn { color: #555555 } /* Name.Namespace */
|
||||
.highlight .nt { color: #000080 } /* Name.Tag */
|
||||
.highlight .nv { color: #008080 } /* Name.Variable */
|
||||
.highlight .ow { font-weight: bold } /* Operator.Word */
|
||||
.highlight .w { color: #bbbbbb } /* Text.Whitespace */
|
||||
.highlight .mf { color: #009999 } /* Literal.Number.Float */
|
||||
.highlight .mh { color: #009999 } /* Literal.Number.Hex */
|
||||
.highlight .mi { color: #009999 } /* Literal.Number.Integer */
|
||||
.highlight .mo { color: #009999 } /* Literal.Number.Oct */
|
||||
.highlight .sb { color: #d14 } /* Literal.String.Backtick */
|
||||
.highlight .sc { color: #d14 } /* Literal.String.Char */
|
||||
.highlight .sd { color: #d14 } /* Literal.String.Doc */
|
||||
.highlight .s2 { color: #d14 } /* Literal.String.Double */
|
||||
.highlight .se { color: #d14 } /* Literal.String.Escape */
|
||||
.highlight .sh { color: #d14 } /* Literal.String.Heredoc */
|
||||
.highlight .si { color: #d14 } /* Literal.String.Interpol */
|
||||
.highlight .sx { color: #d14 } /* Literal.String.Other */
|
||||
.highlight .sr { color: #009926 } /* Literal.String.Regex */
|
||||
.highlight .s1 { color: #d14 } /* Literal.String.Single */
|
||||
.highlight .ss { color: #990073 } /* Literal.String.Symbol */
|
||||
.highlight .bp { color: #999999 } /* Name.Builtin.Pseudo */
|
||||
.highlight .vc { color: #008080 } /* Name.Variable.Class */
|
||||
.highlight .vg { color: #008080 } /* Name.Variable.Global */
|
||||
.highlight .vi { color: #008080 } /* Name.Variable.Instance */
|
||||
.highlight .il { color: #009999 } /* Literal.Number.Integer.Long */
|
12
index.html
Normal file
12
index.html
Normal file
|
@ -0,0 +1,12 @@
|
|||
---
|
||||
layout: default
|
||||
title: brendan mcdevitt
|
||||
---
|
||||
|
||||
<div id="home">
|
||||
<h1>Blog Posts</h1>
|
||||
<ul class="posts">
|
||||
{% for post in site.posts %}
|
||||
<li><span>{{ post.date | date_to_string }}</span> » <a href="{{ post.url }}">{{ post.title }}</a></li>
|
||||
{% endfor %}
|
||||
</ul>
|
6
index.md
6
index.md
|
@ -1,6 +0,0 @@
|
|||
---
|
||||
# You don't need to edit this file, it's empty on purpose.
|
||||
# Edit theme's home layout instead if you wanna make some changes
|
||||
# See: https://jekyllrb.com/docs/themes/#overriding-theme-defaults
|
||||
layout: home
|
||||
---
|
Loading…
Add table
Reference in a new issue