new tls course notes and devops

SUMMARY.md

@@ -78,6 +78,13 @@
 ## ♾️ DevOps Everything
 
 * [🔗 DevOps Resources](devops-everything/README.md)
+  * [Introduction to DevOps](devops-everything/intro-devops.md)
+  * [Docker](devops-everything/docker.md)
+  * [Git](devops-everything/git.md)
+  * [Kubernetes](devops-everything/kubernetes.md)
+  * [Terraform](devops-everything/terraform.md)
+  * [Vim](devops-everything/vim.md)
+
 
 ## 🔬 Home Lab
 

courses-notes/practical-networking/practical-tls/1-tls-ssl/README.md

@@ -1 +1,85 @@
-# TLS/SSL Overview
+# TLS/SSL Overview
+
+## Introduction
+
+[**SSL**](https://www.cloudflare.com/learning/ssl/what-is-ssl/) (**S**ecure **S**ockets **L**ayer) and [**TLS**](https://www.cloudflare.com/learning/ssl/transport-layer-security-tls/) (**T**ransport **L**ayer **S**ecurity) are both protocols used to secure internet communication. SSL was the original, but it has largely been replaced by TLS due to security improvements.
+
+By creating a **secure, protected "tunnel" across the Internet**, they encrypt data to keep it private and secure while it's being transmitted between a client (like a web browser) and a server (like a website). TLS is the newer (SSL renamed by IETF), more secure version that's widely used today. The 2 terms are often used interchangeably.
+
+- **HTTPS** - HTTP secured by an SSL/TLS
+- SSL VPN for private corporate network
+- SSL VPN via public VPN provider
+
+The purpose of SSL/TLS is to protect the data that can be captured.
+
+- **Confidentiality** - data accessible only by client and server - Encryption
+- **Integrity** - data is not modified between client and server - **Hashing**
+- **Authentication** - client/server are who they say they are - **PKI**
+
+The data put on the wire is still passing through someone else's network.
+
+- **Anti-Replay** - prevents attackers from reusing intercepted data to gain unauthorized access. It provides sequence numbers built in to integrity and authentication mechanism.
+- **Non-Repudiation** - ensures parties can't deny their involvement in a transaction or communication.
+
+ The key players of the SSL/TLS ecosystem are:
+
+- **Client** - entity initiating the TLS handshake, `e.g.` web browser, apps, IoT, etc
+  - optionally authenticated at the SSL layer (rarely provides a certificate)
+- **Server** - entity receiving the TLS handshake, `e.g.` web server, etc
+  - always authenticated (the user has to know what server he is talking to)
+- **Certificate Authority** (CA) - governing entity that issues digital certificates to servers
+  - trusted by client and server
+  - provides **Trust Anchor** - if the client trusts the CA, it can trust what the CA trusts
+  - [CAs organizations](https://w3techs.com/technologies/overview/ssl_certificate): [Let's Encrypt](https://letsencrypt.org/), [IdenTrust](https://www.identrust.com/), [GlobalSign](https://www.globalsign.com/en), [Sectigo](https://www.sectigo.com/), [DigiCert](https://www.digicert.com/), [GoDaddy](https://www.godaddy.com/), ...
+
+## TLS/SSL Versions
+
+- [SSL Guide – The Complete Guide to SSL/TLS Certificates](https://aboutssl.org/ssl-guide/)
+
+![SSL/TLS Versions - aboutssl.org](.gitbook/assets/ssl-tls-versions.png)
+
+- [Qualys SSL Labs - SSL Pulse](https://www.ssllabs.com/ssl-pulse/)
+
+![Qualys SSL Labs - SSL Pulse](.gitbook/assets/ssl-pulse-feb2024.png)
+
+Security must be balanced with Accessibility, based on the usage case.
+
+- [TLS vs SSL: What's the Difference? Which One Should You Use? - Kinsta.com](https://kinsta.com/knowledgebase/tls-vs-ssl/)
+
+![TLS 1.3 Usage - Kinsta.com](.gitbook/assets/tls-13-usage-1.png)
+
+![TLS 1.2 usage - Kinsta.com](.gitbook/assets/tls-12-usage.png)
+
+
+
+**SSL v3.0** (declared insecure as of Oct 2014 due to POODLE attack), as a complete redesign of SSL v2.0 is the foundation of the following TLS versions (TLS 1.0, 1.1, 1.2).
+
+**TLS v1.0**
+
+- Protocol ownership transferred to [**I.E.T.F.**](https://www.ietf.org/)
+- almost identical to SSL v3.0
+- Vulnerability: BEAST attack on CBC ciphers
+- **protocol deprecated** on March 2021
+
+**TLS v1.1**
+
+- deprecated EXPORT grade ciphers
+- protection against CBC attacks
+- **protocol deprecated** on March 2021
+
+[**TLS v1.2**](https://datatracker.ietf.org/doc/html/rfc5246)
+
+- improved security of key generation
+- support for **AEAD** ciphers (**A**uthentication **E**ncryption with **A**ssociated **D**ata)
+- secure, recommended
+
+[**TLS v1.3**](https://datatracker.ietf.org/doc/html/rfc8446)
+
+- major changes from prior TLS/SSL versions, favors security and simplicity
+- shorted handshake
+- **forward secrecy** required
+- 0-RTT resumption
+- AEAD ciphers required
+
+---
+

courses-notes/practical-networking/practical-tls/2-cryptography/README.md

@@ -1 +1,2 @@
-# Cryptography
+# Cryptography
+

courses-notes/practical-networking/practical-tls/practicaltls-references.md

@@ -1 +1,14 @@
-# 🌐 Practical TLS References
+# 🌐 Practical TLS References
+
+- [AboutSSL Guide](https://aboutssl.org/ssl-guide/)
+- [What is Transport Layer Security (TLS)? - Cloudflare](https://www.cloudflare.com/learning/ssl/transport-layer-security-tls/)
+- [A complete overview of SSL/TLS and its cryptographic system - DEV Community](https://dev.to/techschoolguru/a-complete-overview-of-ssl-tls-and-its-cryptographic-system-36pd)
+- [Usage Statistics and Market Share of SSL Certificate Authorities for Websites May 2024](https://w3techs.com/technologies/overview/ssl_certificate)
+- [Qualys SSL Labs - SSL Pulse](https://www.ssllabs.com/ssl-pulse/)
+- [TLS vs SSL: What's the Difference? Which One Should You Use? - Kinsta.com](https://kinsta.com/knowledgebase/tls-vs-ssl/)
+- [Why use TLS 1.3? - Cloudflare](https://www.cloudflare.com/learning/ssl/why-use-tls-1.3/)
+
+## Tools
+
+- [How's My SSL?](https://www.howsmyssl.com/)
+- [SSL Server Test (Qualys SSL Labs)](https://www.ssllabs.com/ssltest/)

devops-everything/README.md

@@ -4,17 +4,17 @@
 
 - [CNCF - Cloud Native Computing Foundation](https://www.cncf.io/)
 
+- [ProDevOpsGuy - Cloud & DevOps Blogs](https://prodevopsguy.xyz/)
+  - [Intro The DevOps - Github](https://github.com/NotHarshhaa/into-the-devops)
+  - [DevOps Tools - Github](https://github.com/NotHarshhaa/devops-tools)
+  - [prodevopsguy - Telegram channel](https://t.me/prodevopsguy)
+
+- [DevOpsCube - Resources & Roadmaps](https://devopscube.com/)
+
 - [DevOps - Telegram](https://t.me/thedevs_devops)
 
-> Overview:
->
->  - DevOps Landscape: [https://roadmap.sh/devops](https://roadmap.sh/devops)
->
-> Cloud:
->  - Docker: [https://www.docker.com](https://www.docker.com)
->  - Kubernetes: [https://kubernetes.io](https://kubernetes.io)
->  - Terraform: [https://www.terraform.io](https://www.terraform.io)
->
+- [DevOps Roadmap.sh](https://roadmap.sh/devops)
+
 > CI/CD:
 > - GitHub Actions: [https://github.com/features/actions](https://github.com/features/actions)
 > - Travis: [https://travis-ci.org](https://travis-ci.org)
@@ -23,32 +23,23 @@
 > - CircleCI: [https://circleci.com](https://circleci.com)
 > - AppVeyor: [https://www.appveyor.com](https://www.appveyor.com)
 > - Bamboo (Altassian): [https://www.atlassian.com/software/bamboo](https://www.atlassian.com/software/bamboo)
-> - Argo CD: [https://argoproj.github.io/cd/](https://argoproj.github.io/cd/)
+>- Argo CD: [https://argoproj.github.io/cd/](https://argoproj.github.io/cd/)
 > - Flux: [https://fluxcd.io/](https://fluxcd.io/)
 > - Agola: [https://github.com/agola-io/agola](https://github.com/agola-io/agola)
 > - Buildkite: [https://buildkite.com/](https://buildkite.com/)
 > - GoCD: [https://github.com/gocd/gocd](https://github.com/gocd/gocd)
 > - Octopus Deploy: [https://octopus.com/](https://octopus.com/)
 > - TeamCity: [https://www.jetbrains.com/teamcity/](https://www.jetbrains.com/teamcity/)
->
-> Repos:
->   - Artifactory (jFrog): [https://jfrog.com/artifactory/](https://jfrog.com/artifactory/)
->
+> 
+> 
+> 
 > Service Mesh:
 >  - Consul (Hashicorp): [https://www.consul.io/](https://www.consul.io/)
 > - Istio: [https://istio.io/](https://istio.io/)
->
-> Kubernetes:
->  - Backups:
->     - Velero: [https://github.com/vmware-tanzu/velero](https://github.com/vmware-tanzu/velero)
->   - Serverless:
->     - Knative: [https://github.com/knative](https://github.com/knative)
->
-> Standards:
->  - Open Containers Initiative (OCI): [https://www.opencontainers.org](https://www.opencontainers.org)
-> - Cloud Native Computing Foundation (CNCF): [https://www.cncf.io/](https://www.cncf.io/)
->
-> Documentation:
+> 
+> 
+> 
+>Documentation:
 > - Principles of Chaos: [http://principlesofchaos.org/](http://principlesofchaos.org/)
 > - Visualize your architecture: [http://c4model.com](http://c4model.com)
 >
@@ -60,6 +51,8 @@
 ## 📚 Courses
 
 - [TechWorld - DevOps Bootcamp By Nana](https://www.techworld-with-nana.com/devops-bootcamp) - 68h
+  - [DevOps Bootcamp - Exercises](https://gitlab.com/devops-bootcamp3)
+
 
 ![DevOps Bootcamp Schedule](.gitbook/assets/nana-schedule.png)
 
@@ -68,8 +61,8 @@
 
 - [TechWorld - Certified Kubernetes Administrator (CKA Course)](https://www.techworld-with-nana.com/kubernetes-administrator-cka)
 - [KodeKloud Training Courses](https://kodekloud.com/)
-
   - [KodeKloud Engineer Practice](https://engineer.kodekloud.com/signup?referral=6607378b4014655f23f038ae)
+  - [Udemy - Certified Kubernetes Administrator (CKA) with Practice Tests](https://www.udemy.com/course/certified-kubernetes-administrator-with-practice-tests/)
 
 
 ---