View update_aws.sh
#!/bin/bash
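# DNS record to keep in sync (HOSTNAME.ZONE) and the security group named
# alongside it.
ZONE="example.com"
# NOTE(review): HOSTNAME is also a variable bash sets on its own; assigning it
# here replaces the machine's host name for the rest of the script.
HOSTNAME="test"
SGROUP="my_security_group"

# Public address as reported by OpenDNS, and the address the record resolves
# to right now. Both answers come back over plain, unauthenticated DNS, so
# they are untrusted input for whatever update follows.
# NOTE(review): the check right after this block uses an unanchored pattern,
# which accepts any string that merely contains a dotted quad (including a
# multi-line answer); anchoring it with ^ and $ would make it a real
# validation. The values are presumably used to update the record or the
# security group further down -- confirm against the rest of the script.
CURRENT_IP=$(dig @resolver1.opendns.com myip.opendns.com +short)
# Quoted so the queried name is always passed to dig as a single argument.
OLD_IP=$(dig @resolver1.opendns.com "${HOSTNAME}.${ZONE}" +short)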
if [[ $CURRENT_IP =~ [0-9]+\.[0-9]+\.[0-9]+\.[0-9]+ ]] ; then
View dns-analyzer.sh
#!/bin/bash
# Note: Do not run this script as root. Instead, let the unprivileged user it runs as execute /bin/fuser (and only that binary) through sudo without entering credentials.
# Example: username ALL = (root) NOPASSWD: /bin/fuser
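# Work inside the capture directory. Stop if it cannot be entered, so the
# glob, the sudo fuser call and the mv that follow never run against whatever
# directory the script happened to start in.
cd /capture || exit 1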
for file in dns*.pcap;
do
if ! sudo fuser -s $file; then
/usr/bin/tshark -n -t ad -r $file | awk '{ if ($10 !="query") print $2, $3, "ERROR: " $0; else if ($11 == "response") print $2, $3, $12, "R", $4, $6, substr($0, index($0,$13)); else print $2, $3, $11, "Q", $4, $6, $12, $13, $14 }' 1>>/var/log/dns/query.log 2>/dev/null;
mv $file /capture/processed/$file
fi
View dns-sniffer.sh
#!/bin/bash
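# Note: Do not run this script as root. You know better than that. Allow the standard user under which it runs the ability to execute /usr/sbin/tcpdump.
# Example: setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/sbin/dumpcap
# NOTE(review): the example names dumpcap, but this script executes
# /usr/sbin/tcpdump. File capabilities only take effect on the binary that is
# actually run, and they apply to every user who may execute that binary, so
# limit its execute permission to a dedicated capture group.
#
# -s0 asks for full packets, -G 300 rotates the output file every 300 seconds
# using the strftime pattern given to -w, and the filter keeps port 53 only.
# Replace [INTERFACE] with the capture interface. It is quoted because an
# unquoted [...] is a glob pattern that the shell may expand against the
# current directory. exec replaces the shell with tcpdump, so the service
# manager supervises and signals the capture process directly.
exec /usr/sbin/tcpdump -i '[INTERFACE]' -s0 -G 300 -w '/capture/dns_%Y-%m-%d_%H:%M:%S.pcap' 'port 53'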
View dns-sniffer.service
# systemd unit that runs the DNS capture script as a long-lived service.
[Unit]
Description=DNS Sniffer
[Service]
# Replace the placeholder with the unprivileged account that is allowed to
# capture packets; the capture script's own note says it must not run as root.
# NOTE(review): systemd can grant CAP_NET_RAW / CAP_NET_ADMIN to this unit
# alone through AmbientCapabilities=, which avoids putting file capabilities
# on the capture binary for every user -- confirm it fits the deployment.
User=[USERNAME_HERE]
ExecStart=/usr/local/bin/dns-sniffer.sh
[Install]
# Started as part of the normal multi-user boot target.
WantedBy=multi-user.target
View ticketbleed.go
package main
import (
"crypto/tls"
"fmt"
"log"
"strings"
"os"
)
View conkyrc
# .conkyrc
background yes
use_xft yes
xftfont Droid:normal:size=10
xftalpha 1
update_interval 1.0
top_cpu_separate true
total_run_times 0
own_window yes
View update_dnsbl.sh
#!/bin/bash
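# NOTE(review): HOME is the variable programs use to locate per-user
# configuration (curl looks for its .curlrc there). Pointing it at the named
# directory means a file planted in /var/named can change how the downloads
# below behave; a dedicated variable name would avoid that, but the rest of
# the script may rely on this one.
HOME=/var/named
ADLISTURL="https://pgl.yoyo.org/adservers/serverlist.php?hostformat=bindconfig;showintro=0;mimetype=plaintext"
# NOTE(review): this list is fetched over plain HTTP, so anyone on the network
# path can alter it in transit. The ad list is requested in BIND config
# format; if this list is loaded into named the same way, tampered content
# would end up in the resolver's configuration. Prefer an HTTPS source or
# verify the download before use.
MWLISTURL="http://mirror1.malwaredomains.com/files/spywaredomains.zones"

# Download into a private directory with an unpredictable name instead of
# fixed paths in world-writable /tmp, where another local user could
# pre-create or symlink the target files. The files keep their original base
# names and are still created by curl with the usual umask permissions.
DNSBL_TMPDIR=$(mktemp -d) || exit 1
trap 'rm -rf -- "${DNSBL_TMPDIR:?}"' EXIT
ADLISTFILE="${DNSBL_TMPDIR}/adlistfile"
MWLISTFILE="${DNSBL_TMPDIR}/mwlistfile"

# Download newest blacklists
# -f makes curl fail on an HTTP error rather than saving the server's error
# page as if it were the list; the URL is quoted so '?' is never treated as a
# glob character.
curl -sf -o "$ADLISTFILE" "$ADLISTURL"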
View iptohex.py
#!/usr/bin/python
import sys
import re
def DecToHex(dec_ip):
dec_octets = str.split(dec_ip, '.')
hex_octets = []
if len(dec_octets) != 4:
View checklog.py
#!/usr/bin/python
import sys
import re
def ParseLog(filename, search_string):
try:
f = open(filename, 'rU')
except IOError:
print '\n*** I/O Error: Can\'t read file', filename, '***\n'
View service
#!/bin/bash
# Replace myservice with your service name. Insert commands where noted.
# chkconfig: - 99 00
# Source function library.
. /etc/rc.d/init.d/functions
case "$1" in
start)
echo -n "Starting myservice"