Create a template service file at /etc/systemd/system/secure-tunnel@.service
. The template parameter will correspond to the name
of target host:
[Unit]
Description=Setup a secure tunnel to %I
After=network.target
# How to sign your custom RPM package with GPG key | |
# Step: 1 | |
# Generate gpg key pair (public key and private key) | |
# | |
# You will be prompted with a series of questions about encryption. | |
# Simply select the default values presented. You will also be asked | |
# to create a Real Name, Email Address and Comment (comment optional). | |
# | |
# If you get the following response: |
You can use these commands and rules to search for exploitation attempts against log4j RCE vulnerability CVE-2021-44228
This command searches for exploitation attempts in uncompressed files in folder /var/log
and all sub folders
sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log
# create an account, create an app | |
# @see https://apps.twitter.com/ | |
# retrieve the access tokens | |
# @see https://dev.twitter.com/oauth/reference/post/oauth2/token | |
# create the file ~/twitter_api | |
nano ~/twitter_api | |
Authorization: OAuth oauth_consumer_key="XXXXXX", oauth_nonce="11111111", oauth_signature="XXXXXX", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1450728725", oauth_token="99999-XXXXXX", oauth_version="1.0" |
{% if salt['pkg.version']('apache2') %} | |
poodle apache server restart: | |
service.running: | |
- name: apache2 | |
{% for foundfile in salt['cmd.run']('rgrep -m 1 SSLProtocol /etc/apache*').split('\n') %} | |
{% if 'No such file' not in foundfile and 'bak' not in foundfile and foundfile.strip() != ''%} | |
poodle {{ foundfile.split(':')[0] }}: | |
file.replace: | |
- name : {{ foundfile.split(':')[0] }} | |
- pattern: "SSLProtocol all -SSLv2[ ]*$" |
#!/bin/bash | |
set -e | |
if [ "${LISTEN_PID}" != $$ ]; then | |
echo >&2 "file descriptors not for us, pid not matching: '${LISTEN_PID}' != '$$'" | |
exit 255 | |
fi | |
if [ "${LISTEN_FDS}" != "1" ]; then |
# inspired by http://askubuntu.com/a/528171 and the comments below | |
# build bash 3.2, though this should work for other versions as well | |
BASH_MAJOR=3 | |
BASH_MINOR=2 | |
# prerequisites | |
sudo apt-get install build-essential gettext bison | |
# get bash source |