Skip to content

Instantly share code, notes, and snippets.

View hilt86's full-sized avatar

Hilton hilt86

15 followers · 74 following
View GitHub Profile
@hilt86
hilt86 / keybase.md
Created May 12, 2017 13:05

Keybase proof

I hereby claim:

  • I am hilt86 on github.
  • I am hdemeillon (https://keybase.io/hdemeillon) on keybase.
  • I have a public key ASCOOzKiDQT688lmmiH4CzgzwapzAO6b7Iyq1VdlDnzXlwo

To claim this, I am signing this object:

@hilt86
hilt86 / elasticsearch_failed_invalid_ssh.json
Created December 14, 2018 12:20
JSON for Elasticsearch failed ssh
{
"query": {
"terms":{"system.auth.ssh.event":["Failed","Invalid"],"boost":1}
}
}
@hilt86
hilt86 / ssh-watcher.json
Created December 14, 2018 13:13
Watcher alert to notify on failed SSH logins
{
"trigger": {
"schedule": {
"interval": "300s"
}
},
"input": {
"search": {
"request": {
"search_type": "query_then_fetch",
@hilt86
hilt86 / gist:71681e5f03eb93fc16b0119beee9dcd8
Created February 18, 2019 04:20
Command to run Hashicorp Vault
docker run -d --cap-add=IPC_LOCK -p 127.0.0.1:8200:8200 -v vault:/vault -e 'VAULT_LOCAL_CONFIG={"backend": {"file": {"path": "/vault/file"}}, "default_lease_ttl": "168h", "listener":{"tcp":{"address":"0.0.0.0:8200","tls_disable":1}}}", max_lease_ttl": "720h"}' -e 'VAULT_UI=TRUE' vault server
@hilt86
hilt86 / helmins
Created October 3, 2019 06:11
kubectl -n kube-system create serviceaccount tiller
kubectl create clusterrolebinding tiller --clusterrole cluster-admin --serviceaccount=kube-system:tiller
helm init --service-account=tiller
@hilt86
hilt86 / ssh-tips-tricks.md
Created October 21, 2019 05:57
ssh-tips-tricks

SSH tips and tricks

port forward port 3389 on remote network to localhost:3389

ssh -L 3389:10.10.10.1:3389 sshServer

@hilt86
hilt86 / sstp-on-macos.md
Last active October 21, 2019 05:58
sstp-on-macos

"noauth" argument prevents the client expecting the server to provide a password to authenticate itself

/usr/local/sbin/sstpc --log-stderr --cert-warn --user username --password "badass" vpn.example.com:port usepeerdns require-mschap-v2 noauth noipdefault defaultroute refuse-eap noccp

@hilt86
hilt86 / ansible-tips-tricks.md
Created October 23, 2019 03:52
ansible-tips-tricks

Restart services using Ansible ad-hoc commands

ansible -m systemd -a "name=metricbeat state=stopped" webservers --become

@hilt86
hilt86 / openssl-tips-tricks.md
Last active November 1, 2019 10:45
openssl-tips-tricks

Useful security related commands

Prints the SHA fingerprint of a certificate

openssl x509 -noout -fingerprint -sha256 -inform pem -in cert.crt

@hilt86
hilt86 / routeros-tips-tricks.md
Created November 19, 2019 01:00
routeros-tips-tricks.md

Find which port a MAC address is on

First find out what the MAC address is (CRS109)

/ip dhcp-server lease print

Then match MAC to port (CRS-328)

/interface ethernet switch host print