Hugo | DevOps | Cybersecurity12h ago

CVE-2014-0160 Heartbleed exploit using OpenSSL s_client with -tlsextdebug flag to extract up to 64KB of server heap memory per heartbeat request. Tested on Ubuntu 22.04, Debian 12, Kali Linux. #cve #heartbleed #ValtersIT

https://www.valtersit.com/vault/cve20140160-heartbleed-memory-dump-extraction-via-openssl-ffe2d0/

CVE-2014-0160 Heartbleed Memory Dump Extraction via OpenSSL | Expert Vault | Valters IT Hub

This snippet uses OpenSSL to exploit the Heartbleed vulnerability (CVE-2014-0160) for testing purposes, extracting up to 64KB of server memory per heartbea

Valters IT Hub
Hugo | DevOps | Cybersecurity16h ago

Need consistent MongoDB replica set backups? Use mongodump with --oplog for point-in-time consistency. Connects to primary, captures writes during dump, writes BSON files, and compresses with gzip. Works on Ubuntu 22.04, CentOS 7, RHEL 9. #database #snippet #mongodb #mongodump #ValtersIT

https://www.valtersit.com/vault/mongodb-replica-set-backup-with-mongodump-and-oplog-270774/

MongoDB Replica Set Backup with mongodump and Oplog | Expert Vault | Valters IT Hub

This command performs a consistent backup of a MongoDB replica set by connecting to the primary node and including the oplog. The --oplog flag captures ong

Valters IT Hub
Hugo | DevOps | Cybersecurity19h ago

Multi-stage Docker build for Rails 7: precompile assets with Yarn in stage 1, copy only essentials to slim Ruby image. Cuts final image size by excluding dev gems and build tools. #docker #ruby #rails #ValtersIT

https://www.valtersit.com/vault/ruby-on-rails-with-asset-precompilation-and-yarn-f54291/

Ruby on Rails with Asset Precompilation and Yarn | Expert Vault | Valters IT Hub

This multi-stage build optimizes a Ruby on Rails application by precompiling assets in a separate stage to reduce final image size. The first stage uses a

Valters IT Hub
Hugo | DevOps | Cybersecurity1d ago

Automate Elasticsearch index transitions with a hot-warm-cold-delete ILM policy. Triggers rollover at 50GB, then shrink, force merge, and freeze by age thresholds using a state machine. Phases: hot → warm (min_age) → cold → delete. #elasticsearch #ilm #ValtersIT

https://www.valtersit.com/vault/elasticsearch-index-lifecycle-hotwarmcolddelete-policy-1a23e4/

Elasticsearch Index Lifecycle Hot-Warm-Cold-Delete Policy | Expert Vault | Valters IT Hub

This index lifecycle management policy automates the transition of indices through hot, warm, cold, and delete phases based on age and size. Internally, El

Valters IT Hub
Hugo | DevOps | Cybersecurity1d ago

ZFS deduplication (dedup) saves space but eats RAM. Run DDT checks with zdb -D, identify duplicate blocks via awk, then delete/recreate dataset with dedup=off to clean up. Proxmox/FreeBSD compatible. #zfs #snippet #deduplication #storage #ValtersIT

https://www.valtersit.com/vault/zfs-deduplication-verification-and-cleanup-script-449f7b/

ZFS Deduplication Verification and Cleanup Script | Expert Vault | Valters IT Hub

This snippet runs a ZFS deduplication table (DDT) check and removes redundant blocks using zdb and zfs destroy. Deduplication stores unique blocks once and

Valters IT Hub
Hugo | DevOps | Cybersecurity1d ago

Exploit Heartbleed (CVE-2014-0160) with OpenSSL s_client: send a malformed heartbeat request with oversized payload length to extract up to 64KB of heap memory. Use -no_ssl3 -no_tls1 for TLS 1.0/1.1, -msg to capture leaked data. #cve #snippet #heartbleed #cve-2014-0160 #ValtersIT

https://www.valtersit.com/vault/heartbleed-memory-extraction-via-openssl-sclient-80ed4a/

Heartbleed Memory Extraction via OpenSSL s_client | Expert Vault | Valters IT Hub

This command uses OpenSSL's s_client to exploit Heartbleed (CVE-2014-0160) by sending a malformed heartbeat request with a large payload length, causing th

Valters IT Hub
Hugo | DevOps | Cybersecurity1d ago

ZFS native encryption with AES-256-GCM protects data at rest using a master key secured by passphrase. Each block gets a derived key. High throughput on modern CPUs with AES-NI. #zfs #encryption #ValtersIT

https://www.valtersit.com/vault/zfs-encryption-at-rest-with-native-dataset-encryption-a776b9/

ZFS Encryption at Rest with Native Dataset Encryption | Expert Vault | Valters IT Hub

This command creates a ZFS dataset with native encryption using AES-256-GCM, protecting data at rest without external tools. Internally, ZFS uses a master

Valters IT Hub
Hugo | DevOps | Cybersecurity1d ago

Running BGP between ZeroTier and your physical router? This snippet configures VyOS to redistribute ZeroTier subnets via iBGP using FRR, making zt0 routes available to your local network. Full config at #zerotier #snippet #bgp #vyos #ValtersIT

https://www.valtersit.com/vault/zerotier-route-redistribution-via-bgp-on-vyos-2c3ef2/

ZeroTier Route Redistribution via BGP on VyOS | Expert Vault | Valters IT Hub

This snippet configures VyOS to run BGP between the ZeroTier interface and the local network, advertising ZeroTier subnets to the physical router. It uses

Valters IT Hub
Hugo | DevOps | Cybersecurity2d ago
Stop SMBv1 attacks. Disable this legacy protocol via Registry to harden Windows security. Step-by-step guide with key paths and verification commands. #DevOps #Security #ValtersIT https://www.valtersit.com/vault/disable-smbv1-protocol-via-registry-181283/
Disable SMBv1 Protocol via Registry | Expert Vault | Valters IT Hub

This snippet disables the SMBv1 protocol on Windows systems by modifying the registry key for the SMBv1 server and client. The command sets the SMB1 value

Valters IT Hub
Hugo | DevOps | Cybersecurity3d ago

Stop false positives in ClamAV. Use signature-based exclusions to whitelist specific files without disabling detection. A precise approach for Linux security. #DevOps #Linux #Security #ValtersIT https://www.valtersit.com/vault/clamav-whitelisting-with-signaturebased-exclusions-3f

https://www.valtersit.com/vault/clamav-whitelisting-with-signaturebased-exclusions-3f4284/