## Configuration file for a typical Tor user
## Last updated 2 September 2014 for Tor 0.2.6.1-alpha.
## (may or may not work for much older or much newer versions of Tor.)
##
## Lines that begin with "## " try to explain what's going on. Lines
## that begin with just "#" are disabled commands: you can enable them
## by removing the "#" symbol.
##
## See 'man tor', or https://www.torproject.org/docs/tor-manual.html,
## for more options you can use in this file.
##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
#################################################
# Sample OpenVPN 2.0 config file for #
# multi-client server. #
# #
# This file is for the server side #
# of a many-clients <-> one-server #
# OpenVPN configuration. #
# #
# OpenVPN also supports #
# single-machine <-> single-machine #
## Configuration file for a typical Tor user
## Last updated 9 October 2013 for Tor 0.2.5.2-alpha.
## (may or may not work for much older or much newer versions of Tor.)
##
## Lines that begin with "## " try to explain what's going on. Lines
## that begin with just "#" are disabled commands: you can enable them
## by removing the "#" symbol.
##
## See 'man tor', or https://www.torproject.org/docs/tor-manual.html,
## for more options you can use in this file.
#
# rules.before
#
# Rules that should be run before the ufw command line added rules. Custom
# rules should be added to one of these chains:
# ufw-before-input
# ufw-before-output
# ufw-before-forward
#
2016-03-28 22:19:58 SIGUSR1[soft,init_instance] received, process restarting
2016-03-28 22:19:58 MANAGEMENT: >STATE:1459217998,RECONNECTING,init_instance,,
2016-03-28 22:20:00 *Tunnelblick: No 'reconnecting.sh' script to execute
2016-03-28 22:20:00 MANAGEMENT: CMD 'hold release'
2016-03-28 22:20:00 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2016-03-28 22:20:00 Socket Buffers: R=[131072->65536] S=[131072->65536]
2016-03-28 22:20:00 Attempting to establish TCP connection with [AF_INET]XXX.XXX.XXX.XXX:9040 [nonblock]
2016-03-28 22:20:00 MANAGEMENT: >STATE:1459218000,TCP_CONNECT,,,
2016-03-28 22:20:00 TCP: connect to [AF_INET]XXX.XXX.XXX.XXX:9040 failed, will try again in 5 seconds: Can't assign requested address
2016-03-28 22:20:00 SIGUSR1[soft,init_instance] received, process restarting
pi@raspberrypi:/var/log/maltrail $ tail 2016-05-18.log 2016-05-19.log 2016-05-20.log 2016-05-21.log 2016-05-22.log 2016-05-23.log 2016-05-24.log 2016-05-25.log
==> 2016-05-18.log <==
"2016-05-18 23:47:51.125602" raspberrypi 192.168.1.5 35579 128.208.2.233 9001 TCP IP 128.208.2.233 "tor exit node (suspicious)" blutmagie.de
"2016-05-18 23:49:59.424015" raspberrypi 192.168.1.5 - 136.161.101.53 - ICMP IP 136.161.101.53 "sinkhole conficker (malware)" (static)
==> 2016-05-19.log <==
"2016-05-19 10:26:19.485956" raspberrypi 192.168.1.5 39074 178.63.9.165 443 TCP IP 178.63.9.165 "tor exit node (suspicious)" blutmagie.de
"2016-05-19 11:59:51.032876" raspberrypi 192.168.1.5 39075 178.63.9.165 443 TCP IP 178.63.9.165 "tor exit node (suspicious)" blutmagie.de
"2016-05-19 13:25:15.583751" raspberrypi 192.168.1.5 39076 178.63.9.165 443 TCP IP 178.63.9.165 "tor exit node (suspicious)" blutmagie.de
"2016-05-19 15:10:59.114896" raspberrypi 192.168.1.5 39077 178.63.9.165 443 TCP IP 178.63.9.165 "tor exit node (suspicious)" bl
---
options:
  docker: true
pipelines:
  branches:
    master:
      - step:
          script:
            # Installing gcloud
agent.type
as.number
as.organization.name
client.as.number
client.as.organization.name
client.nat.ip
client.nat.port
client.user.domain
cloud.machine.type
destination.as.number
server log [16:05:30.489] [error][plugins][plugins][siem][siem] [-] nextSearchAfter threw an error [security_exception] missing authentication credentials for REST request [/apm-*-transaction*%2Cauditbeat-*%2Cendgame-*%2Cfilebeat-*%2Cpacketbeat-*%2Cwinlogbeat-*/_search?allow_no_indices=true&size=100&ignore_unavailable=true], with { header={ WWW-Authenticate={ 0="Bearer realm=\"security\"" & 1="ApiKey" & 2="Basic realm=\"security\" charset=\"UTF-8\"" } } } :: {"path":"/apm-*-transaction*%2Cauditbeat-*%2Cendgame-*%2Cfilebeat-*%2Cpacketbeat-*%2Cwinlogbeat-*/_search","query":{"allow_no_indices":true,"size":100,"ignore_unavailable":true},"body":"{\"query\":{\"bool\":{\"filter\":[{\"bool\":{\"must\":[],\"filter\":[{\"bool\":{\"should\":[{\"exists\":{\"field\":\"host.name\"}}],\"minimum_should_match\":1}}],\"should\":[],\"must_not\":[]}},{\"bool\":{\"filter\":[{\"bool\":{\"should\":[{\"range\":{\"@timestamp\":{\"gte\":\"now-6m\"}}}],\"minimum_should_match\":1}},{\"bool\":{\"should\":[{\"range\":{\"@timestamp\":