I hereby claim:
- I am cjharms on github.
- I am gastro (https://keybase.io/gastro) on keybase.
- I have a public key ASCXkcX_WXAgrVhteqQVDncTWWvxZIfxvxLCT1_NPpPEFwo
To claim this, I am signing this object:
I hereby claim:
To claim this, I am signing this object:
| add ssl cipher Intermediate-Cipher-List-NoRSA | |
| bind ssl cipher Intermediate-Cipher-List-NoRSA -cipherName TLS1.2-ECDHE-RSA-CHACHA20-POLY1305 | |
| bind ssl cipher Intermediate-Cipher-List-NoRSA -cipherName TLS1.2-ECDHE-ECDSA-AES128-GCM-SHA256 | |
| bind ssl cipher Intermediate-Cipher-List-NoRSA -cipherName TLS1.2-ECDHE-RSA-AES128-GCM-SHA256 | |
| bind ssl cipher Intermediate-Cipher-List-NoRSA -cipherName TLS1.2-ECDHE-ECDSA-AES256-GCM-SHA384 | |
| bind ssl cipher Intermediate-Cipher-List-NoRSA -cipherName TLS1.2-ECDHE-RSA-AES256-GCM-SHA384 | |
| bind ssl cipher Intermediate-Cipher-List-NoRSA -cipherName TLS1.2-DHE-RSA-AES128-GCM-SHA256 | |
| bind ssl cipher Intermediate-Cipher-List-NoRSA -cipherName TLS1.2-DHE-RSA-AES256-GCM-SHA384 | |
| bind ssl cipher Intermediate-Cipher-List-NoRSA -cipherName TLS1.2-ECDHE-ECDSA-AES128-SHA256 |
| add responder action resp_act_HTTPS_Redirect redirect "\"https://\" + HTTP.REQ.HOSTNAME.HTTP_URL_SAFE" -responseStatusCode 302 | |
| add responder policy resp_pol_HTTPS_Redirect "HTTP.REQ.URL.PATH.EQ(\"/\")" resp_act_HTTPS_Redirect |
| # Remove all CDP Extensions and add new, correct ones | |
| $crllist = Get-CACrlDistributionPoint; foreach ($crl in $crllist) {Remove-CACrlDistributionPoint $crl.uri -Force}; | |
| Add-CACRLDistributionPoint -Uri C:\Windows\System32\CertSrv\CertEnroll\Customer-RootCA%8%9.crl -PublishToServer -PublishDeltaToServer -Force | |
| Add-CACRLDistributionPoint -Uri file://\\pki.contoso.local\pki\Customer-RootCA%8%9.crl -PublishToServer -PublishDeltaToServer -Force | |
| Add-CACRLDistributionPoint -Uri http://pki.contoso.local/pki/Customer-RootCA%8%9.crl -AddToCertificateCDP -AddToFreshestCrl -Force | |
| # Remove all AIA Extensions except the default one for C:\Windows\system32\CertSrv\CertEnroll | |
| Add-CAAuthorityInformationAccess -Uri http://pki.contoso.local/pki/Customer-RootCA%4.crt -AddToCertificateAia -Force | |
| Add-CAAuthorityInformationAccess -Uri http://pki.contoso.local/ocsp -AddToCertificateOcsp -Force |
| [Version] | |
| Signature="$Windows NT$" | |
| ;[RequestAttributes] | |
| ;CertificateTemplate=ExampleSubCA | |
| [PolicyStatementExtension] | |
| Policies=InternalPolicy,AllIssuancePolicy | |
| [AllIssuancePolicy] |
| add ssl cipher Intermediate-Cipher-List | |
| bind ssl cipher Intermediate-Cipher-List -cipherName TLS1.2-ECDHE-RSA-CHACHA20-POLY1305 | |
| bind ssl cipher Intermediate-Cipher-List -cipherName TLS1.2-ECDHE-ECDSA-AES128-GCM-SHA256 | |
| bind ssl cipher Intermediate-Cipher-List -cipherName TLS1.2-ECDHE-RSA-AES128-GCM-SHA256 | |
| bind ssl cipher Intermediate-Cipher-List -cipherName TLS1.2-ECDHE-ECDSA-AES256-GCM-SHA384 | |
| bind ssl cipher Intermediate-Cipher-List -cipherName TLS1.2-ECDHE-RSA-AES256-GCM-SHA384 | |
| bind ssl cipher Intermediate-Cipher-List -cipherName TLS1.2-DHE-RSA-AES128-GCM-SHA256 | |
| bind ssl cipher Intermediate-Cipher-List -cipherName TLS1.2-DHE-RSA-AES256-GCM-SHA384 | |
| bind ssl cipher Intermediate-Cipher-List -cipherName TLS1.2-ECDHE-ECDSA-AES128-SHA256 |
| add ssl cipher Modern-Cipher-List | |
| bind ssl cipher Modern-Cipher-List -cipherName TLS1.2-ECDHE-ECDSA-AES256-GCM-SHA384 | |
| bind ssl cipher Modern-Cipher-List -cipherName TLS1.2-ECDHE-RSA-AES256-GCM-SHA384 | |
| bind ssl cipher Modern-Cipher-List -cipherName TLS1.2-ECDHE-RSA-CHACHA20-POLY1305 | |
| bind ssl cipher Modern-Cipher-List -cipherName TLS1.2-ECDHE-ECDSA-AES128-GCM-SHA256 | |
| bind ssl cipher Modern-Cipher-List -cipherName TLS1.2-ECDHE-RSA-AES128-GCM-SHA256 | |
| bind ssl cipher Modern-Cipher-List -cipherName TLS1.2-ECDHE-ECDSA-AES256-SHA384 | |
| bind ssl cipher Modern-Cipher-List -cipherName TLS1.2-ECDHE-RSA-AES-256-SHA384 | |
| bind ssl cipher Modern-Cipher-List -cipherName TLS1.2-ECDHE-ECDSA-AES128-SHA256 |
| set authentication ldapPolicy auth_pol_LDAPS -Attribute1 mail -Attribute2 objectGUID | |
| add authentication samlIdPProfile auth_prof_saml_idp_Office365 -samlIdPCertName SAML-SigningCert -assertionConsumerServiceURL "https://login.microsoftonline.com/login.srf" -samlIssuerName "https://login.example.com/saml/login" -signatureAlg RSA-SHA256 -digestMethod SHA256 -audience urn:federation:MicrosoftOnline -NameIDFormat persistent -NameIDExpr "HTTP.REQ.USER.ATTRIBUTE(2).B64ENCODE" -Attribute1 IDPEmail -Attribute1Expr "HTTP.REQ.USER.ATTRIBUTE(1)" | |
| add authentication samlIdPPolicy auth_pol_saml_idp_Office365 -rule "HTTP.REQ.HEADER(\"Referer\").CONTAINS(\"https://login.microsoftonline.com/PostToIDP.srf\")" -action auth_prof_saml_idp_Office365 |
| ### Exclusion List - Directories | |
| $Recycle.Bin | |
| AppData\Local\Microsoft\Windows\Burn | |
| AppData\Local\Microsoft\Windows Live | |
| AppData\Local\Microsoft\Windows Live Contacts | |
| AppData\Local\Microsoft\Terminal Server Client | |
| AppData\Local\Microsoft\Messenger | |
| AppData\Local\Microsoft\OneNote | |
| AppData\Local\Windows Live | |
| AppData\Local\Sun |