- disable input once historical data onboarding is completed.
- required on UF, HF, IDX, SH
# Splunk monitor input: reads the gzip-compressed Bro logs that match the path below.
# NOTE(review): the archived *.log.gz files look like a one-time historical backfill;
# disable this input once onboarding is finished so it is not left running — confirm.
[monitor:///usr/local/bro/logs/*/*.log.gz]
# Sourcetype assigned to events read by this input.
sourcetype = brogz
# Index that receives the events.
# NOTE(review): presumably the index must already exist on the indexers — confirm.
index = bro
https://developers.redhat.com/blog/2016/03/31/no-cost-rhel-developer-subscription-now-available/
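# Create a self-signed X.509 certificate (cert.pem) together with a new
# 4096-bit RSA private key (key.pem).
# -nodes writes key.pem unencrypted: keep the file readable by its owner only,
# or drop -nodes so openssl asks for a passphrase.
# -days 10000 makes the certificate valid for roughly 27 years; choose a shorter
# lifetime wherever the certificate can be rotated.
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 10000 -nodes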
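# props.conf stanza that trims Windows Security events to save index space.
# SEDCMD rewrites the raw event text at parse time, before it is indexed, so
# anything removed here cannot be searched or recovered later. Check each
# expression against the detections and investigations that read these events.
[WinEventLog:Security]
#Returns most of the space savings XML would provide
# Blank out placeholder field values: a lone "-", "NULL SID", and an ID of "0x0".
# NOTE(review): the first expression appears twice in this value — confirm the repeat is intended.
SEDCMD-clean0-null_sids = s/(?m)(^\s+[^:]+\:)\s+-?$/\1/g s/(?m)(^\s+[^:]+\:)\s+-?$/\1/g s/(?m)(\:)(\s+NULL SID)$/\1/g s/(?m)(ID\:)(\s+0x0)$/\1/g
# Drop everything from "This event is generated" to the end of the event.
SEDCMD-clean1-summary = s/This event is generated[\S\s\r\n]+$//g
# Drop everything from "Certificate information is only" to the end of the event.
SEDCMD-clean2-cert_summary = s/Certificate information is only[\S\s\r\n]+$//g
# Remove the IPv4-mapped IPv6 prefix so the address is left in plain IPv4 form.
# The indexed value then differs from what the host logged.
SEDCMD-clean3-blank_ipv6 = s/::ffff://g
# Drop everything from "Token Elevation Type indicates" to the end of the event.
SEDCMD-clean4-token_elevation_summary = s/Token Elevation Type indicates[\S\s\r\n]+$//g
# Drop the network-share explanation through the end of the event.
SEDCMD-clean5-network_share_summary = s/(?ms)(A network share object was checked to see whether.*$)//g
# Drop the credential-validation explanation through the end of the event.
SEDCMD-clean6-authentication_summary = s/(?ms)(The computer attempted to validate the credentials.*$)//g
# Remove the IPv6 loopback address.
# NOTE(review): "::1" is not anchored, so it also matches inside a longer address
# (constructed example: fe80::1a2b) and would corrupt that field; consider
# anchoring the pattern to the whole field value.
SEDCMD-clean7-local_ipv6 = s/(?ms)(::1)//g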
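#!/bin/bash
# Flush the local DNS caches by restarting the init.d services below.
# As written, all three commands run in order; the "or use" alternative is not skipped.
# NB: First install nscd with sudo apt-get install nscd
# run this command to flush dns cache:
sudo /etc/init.d/dns-clean restart
# or use:
# NOTE(review): reloading networking may interrupt active connections, including a
# remote session running this script — confirm before using it on a remote host.
sudo /etc/init.d/networking force-reload
# Flush nscd dns cache:
sudo /etc/init.d/nscd restart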
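# Write a yum repository definition for the Oracle Linux 7 "addons" channel.
# The heredoc delimiter is unquoted, so every yum variable must be written as \$name
# to reach the file literally; an unescaped $releasever would be expanded by the
# shell (normally to an empty string) instead of by yum.
# gpgcheck=1 makes yum verify package signatures against the key named in gpgkey.
# NOTE(review): baseurl is plain HTTP, so repository metadata travels without
# transport protection; prefer an HTTPS mirror if one is available and consider
# enabling repo_gpgcheck as well.
cat << EOF | sudo tee /etc/yum.repos.d/ol7_addons.repo
[ol7_addons]
name=Oracle Linux \$releasever Add ons (\$basearch)
baseurl=http://public-yum.oracle.com/repo/OracleLinux/OL7/addons/\$basearch/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
gpgcheck=1
enabled=1
EOF
# Verify this manually if you're paranoid like me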
Here are several different ways to test a TCP port without telnet.
$ cat < /dev/tcp/127.0.0.1/22
SSH-2.0-OpenSSH_5.3
^C
$ cat < /dev/tcp/127.0.0.1/23
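# Open a csshX session to the listed hosts, logging in as "user" and passing the
# identity file to ssh through --ssh_args.
# The private key at /path/to/key.pem should be readable by its owner only.
csshX --login user --ssh_args '-i /path/to/key.pem' ddd.ddd.ddd.dd1 ddd.ddd.ddd.dd2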
Magic words:
psql -U postgres
Some interesting flags (to see all, use -h or --help depending on your psql version):
-E: will describe the underlying queries of the \ commands (cool for learning!)
-l: psql will list all databases and then exit (useful if the user you connect with doesn't have a default database, like at AWS RDS)
$('form').each(function(i, el){ | |
var sender = $(this).parent().siblings('p').text().trim(); | |
if (sender == 'Errbit') { | |
var data = 'action=delete'; | |
data += '&message_id='+$(el).find('input[name="message_id"]').val(); | |
data += '&xsrf_token='+$(el).find('input[name="xsrf_token"]').val(); | |
data += '&message_index='+$(el).find('input[name="message_index"]').val(); | |
$.ajax({ | |
type: $(el).attr('method'), | |
url: $(el).attr('action'), |