geoff golder gdoteof

## detect-mokes.sh
#!/usr/bin/env bash
# Crude script to detect Backdoor.OSX.Mokes.a, as described in
# https://securelist.com/blog/research/75990/the-missing-piece-sophisticated-os-x-backdoor-discovered/
locations=(
  "$HOME/Library/App Store/storeuserd"
  "$HOME/Library/com.apple.spotlight/SpotlightHelper"
  "$HOME/Library/Dock/com.apple.dock.cache"
  "$HOME/Library/Skype/SkypeHelper"
  "$HOME/Library/Dropbox/DropboxCache"
  "$HOME/Library/Google/Chrome/nacld"

## cloud-config.yml
#cloud-config

coreos:
  etcd:
    # generate a new token for each unique cluster from https://discovery.etcd.io/new
    discovery: https://discovery.etcd.io/<token>
    # multi-region deployments, multi-cloud deployments, and droplets without
    # private networking need to use $public_ipv4
    addr: $private_ipv4:4001
    peer-addr: $private_ipv4:7001
	#!/usr/bin/env bash
	# Crude script to detect Backdoor.OSX.Mokes.a, as described in
	# https://securelist.com/blog/research/75990/the-missing-piece-sophisticated-os-x-backdoor-discovered/
	locations=(
	"$HOME/Library/App Store/storeuserd"
	"$HOME/Library/com.apple.spotlight/SpotlightHelper"
	"$HOME/Library/Dock/com.apple.dock.cache"
	"$HOME/Library/Skype/SkypeHelper"
	"$HOME/Library/Dropbox/DropboxCache"
	"$HOME/Library/Google/Chrome/nacld"
	#cloud-config

	coreos:
	etcd:
	# generate a new token for each unique cluster from https://discovery.etcd.io/new
	discovery: https://discovery.etcd.io/<token>
	# multi-region deployments, multi-cloud deployments, and droplets without
	# private networking need to use $public_ipv4
	addr: $private_ipv4:4001
	peer-addr: $private_ipv4:7001