Derek Ditch dcode

dcode / cobbler-pi.md
Created November 20, 2015 18:06
Cobbler Pi - Instructions for setting up cobbler on a Raspberry Pi

Requirements:

  • Raspberry Pi (I used the B+ model)
  • Enough hard drive space for install media (I mounted a 16 GB USB3 drive at /var/www/cobbler/)

Installation

The problem with installing cobbler on a Raspberry Pi is that it depends on the syslinux package, which is not available for ARM architectures. More importantly, we specifically need the x86 version of syslinux anyway, because it provides the files that will be used to PXE boot systems (which in my case is x86_64 arch).

dcode / colorize
Last active February 3, 2022 20:48
Will truncate each field to a maximum value (set via $1) and colorize output. Useful to tabulate data. Also included the original colorize that doesn't truncate.
#!/bin/bash
cat - | sed 's/^#[a-z]*s[^a-z]//' | gawk -vOFS='\t' -vT_LEN="$T_LEN" 'BEGIN {FS="\t" }; {for(i=1;i<=NF;i++) { printf("\x1b[%sm%s\t\x1b[0m",(i%7)+31,$i) } ;print ""}'
dcode / extract_smtp_stream.bro
Created November 4, 2015 17:59
Extracts SMTP stream going both directions using Bro. Similar to "Follow TCP Stream" in Wireshark.
event protocol_confirmation(c: connection, atype: Analyzer::Tag, aid: count)
    {
    if ( atype == Analyzer::ANALYZER_SMTP )
        {
        local both_file = generate_extraction_filename(Conn::extraction_prefix, c, "both.dat");
        local both_f = open(both_file);
        set_contents_file(c$id, CONTENTS_BOTH, both_f);
        }
    }
dcode / 0_reuse_code.js
Created November 4, 2015 13:20
Here are some things you can do with Gists in GistBox.
// Use Gists to store code you would like to remember later on
console.log(window); // log the "window" object to the console

Change Default Kernel in EL7

The following command can be used to list the kernels in CentOS 7:

# egrep ^menuentry /etc/grub2.cfg | cut -f 2 -d \'
Linux Server, with Linux 3.10.0-123.el7.x86_64
Linux Server, with Linux 3.10.0-123.4.4.el7.x86_64
Linux Server, with Unbreakable Enterprise Kernel 3.8.13-35.3.2.el7uek.x86_64
Linux Server, with Unbreakable Enterprise Kernel 3.8.13-35.3.1.el7uek.x86_64
dcode / emergency_stop.sh
Created October 27, 2015 14:37
Emergency stop for bro when it tries to bully you out of the system.
# The [b] bracket keeps grep from matching its own command line
ps -ef | grep '[b]in/bro' | awk '{ print $2 }' | xargs -n1 kill -9
dcode / install-bro-w_pfring_and_options.sh
Created October 22, 2015 14:02
Install bro packages that include PF_RING and optional performance enhancements on CentOS 7
# Install epel
sudo yum -y install epel-release
# Install kernel headers for current kernel
sudo yum install -y kernel-devel-$(uname -r) kernel-headers-$(uname -r)
# Install ntop repos
cat << EOF | sudo tee /etc/yum.repos.d/ntop.repo
[ntop]
name=ntop packages
dcode / 90-interfaces.conf
Last active November 5, 2015 17:16
Setup interfaces for monitoring
# Put this into /etc/sysctl.d/90-interfaces.conf for each interface (below is for interface 'eno3')
net.ipv6.conf.eno3.disable_ipv6=1
net.ipv6.conf.eno3.autoconf=0
dcode / System Info
Created October 21, 2015 13:49
PF_RING 6.0.3 Crash dump on CentOS 7, kernel 3.10.0-229.el7.x86_64
This GDB was configured as "x86_64-unknown-linux-gnu"...
KERNEL: /usr/lib/debug/lib/modules/3.10.0-229.el7.x86_64/vmlinux
DUMPFILE: /var/crash/127.0.0.1-2015.10.20-22:22:58/vmcore [PARTIAL DUMP]
CPUS: 24
DATE: Tue Oct 20 22:22:51 2015
UPTIME: 00:16:49
LOAD AVERAGE: 0.00, 0.01, 0.04
TASKS: 355
NODENAME: reciever2
dcode / pop3-main.bro
Created October 14, 2015 12:15
basic pop3 analyzer for bro
##! Basic POP3 analyzer
# From here: https://github.com/albert-magyar/bro/blob/topic/pop3/scripts/base/protocols/pop3/main.bro
@load base/utils/numbers
@load base/utils/files
module POP3;
export {
redef enum Log::ID += { LOG };