- select large memory instance
- A machine with 64 GB of RAM is the ideal sweet spot, but 32 GB and 16 GB machines are also common. Less than 8 GB tends to be counterproductive (you end up needing many, many small machines), and greater than 64 GB has problems.
- In general, it is better to prefer medium-to-large boxes.
- create swap using instance store disk, not EBS.
- Disks should be ssd and iops
cfq(default I/O Scheduler in *nix) is inefficient for SSD, however, since there are no spinning platters involved. Instead,deadlineornoopshould be used instead. The deadline scheduler optimizes based on how long writes have been pending, while noop is just a simple FIFO queue.
cyhook
/ Jenkinsfile.groovy
Created
November 21, 2022 12:36
— forked from Faheetah/Jenkinsfile.groovy
Jenkinsfile idiosynchrasies with escaping and quotes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| node { | |
| echo 'Results included as an inline comment exactly how they are returned as of Jenkins 2.121, with $BUILD_NUMBER = 1' | |
| echo 'No quotes, pipeline command in single quotes' | |
| sh 'echo $BUILD_NUMBER' // 1 | |
| echo 'Double quotes are silently dropped' | |
| sh 'echo "$BUILD_NUMBER"' // 1 | |
| echo 'Even escaped with a single backslash they are dropped' | |
| sh 'echo \"$BUILD_NUMBER\"' // 1 | |
| echo 'Using two backslashes, the quotes are preserved' | |
| sh 'echo \\"$BUILD_NUMBER\\"' // "1" |
cyhook
/ Security_Onion_MIME_Types.list
Last active
March 3, 2020 07:30
— forked from adamfisher/MIME Extension Mappings.xml
Maps file extensions to MIME types.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ["application/x-dosexec"] = "exe", | |
| ["text/x-python"] = "py", | |
| ["application/x-tar"] = "tar", | |
| ["text/plain"] = "txt", | |
| ["application/zip"] = "zip", | |
| ["multipart/x-zip"] = "zip", | |
| ["multipart/x-gzip"] = "gzip", | |
| ["text/x-script.python"] = "py", | |
| ["application/x-bytecode.python"] = "pyc", | |
| ["audio/x-mpeg"] = "mp3", |
cyhook
/ configure_bro_json-logs.sh
Created
August 3, 2019 10:42
— forked from dcode/configure_bro_json-logs.sh
This snippet configures bro to write logs out in JSON instead of the tab-delimited format. It also configures it to use ISO8601 timestamps instead of unix epoch time.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Configure bro to write JSON logs | |
| mkdir -p /opt/bro/share/bro/site/scripts | |
| sudo tee /opt/bro/share/bro/site/scripts/json-logs.bro << EOF | |
| @load tuning/json-logs | |
| redef LogAscii::json_timestamps = JSON::TS_ISO8601; | |
| redef LogAscii::use_json = T; | |
| EOF | |
| sudo tee -a /opt/bro/share/bro/site/local.bro << EOF |
cyhook
/ nginx.conf
Created
September 3, 2018 06:35
— forked from plentz/nginx.conf
Best nginx configuration for improved security(and performance). Complete blog post here http://tautt.com/best-nginx-configuration-for-security/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # to generate your dhparam.pem file, run in the terminal | |
| openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048 |
cyhook
/ api_client.php
Created
June 27, 2018 17:09
— forked from nuxsmin/api_client.php
Basic (very) CURL client to connect to sysPass API
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| $data = [ | |
| 'jsonrpc' => '2.0', | |
| 'method' => 'backup', | |
| 'params' => [ | |
| 'authToken' => 'PUT_YOUR_TOKEN_HERE', | |
| // 'id' => '11', | |
| // 'userPass' => 'debian', | |
| // 'text' => 'Keepass', |
cyhook
/ create-mysql.bash
Created
June 27, 2018 07:15
— forked from omeinusch/create-mysql.bash
Simple bash script to create mysql db, user with generated password
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| PASS=`pwgen -s 40 1` | |
| mysql -uroot <<MYSQL_SCRIPT | |
| CREATE DATABASE $1; | |
| CREATE USER '$1'@'localhost' IDENTIFIED BY '$PASS'; | |
| GRANT ALL PRIVILEGES ON $1.* TO '$1'@'localhost'; | |
| FLUSH PRIVILEGES; | |
| MYSQL_SCRIPT |
cyhook
/ grafana-backup.sh
Created
June 13, 2018 09:54
— forked from sithu/grafana-backup.sh
Grafana sqlite backup script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| cat /usr/share/grafana/grafana-backup.sh | |
| #!/bin/bash | |
| DB="/var/lib/grafana/grafana.db" | |
| BACKUP="/data/backup/grafana/grafana.db-$(date +%Y%m%d).bck" | |
| SQLITE=/usr/bin/sqlite3 | |
| ZIP=/bin/gzip | |
| ${SQLITE} ${DB} ".backup ${BACKUP}" | |
| ${ZIP} ${BACKUP} |
cyhook
/ wmic-install
Last active
May 3, 2018 17:27
— forked from rickheil/wmic-install
installing wmic for linux
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # compiles WMIC for linux | |
| apt-get install autoconf | |
| cd /usr/src | |
| wget http://www.openvas.org/download/wmi/wmi-1.3.14.tar.bz2 | |
| bzip2 -cd wmi-1.3.14.tar.bz2 | tar xf - | |
| cd wmi-1.3.14/ |
cyhook
/ ELK_stack.md
Created
January 27, 2018 15:52
— forked from rahulwa/ELK_stack.md
TODO in production for ELK stack
cyhook
/ gist:f9ed660c7ac50e8e0ca353c6e6cf19b5
Last active
September 28, 2017 12:31
— forked from alokjani/gist:d9eda34a1b5ab70a50e8
Howto - Ubuntu 14.04 with Request Tracker and RT for Incident Response
NewerOlder