Jeff Geiger jeffgeiger

## snort_unified2_output.sh
sudo sed -i'' 's/^# output unified2/output unified2/'  /etc/snort/snort.conf
sudo sed -i'' 's/ALERTMODE/#ALERTMODE/' /etc/sysconfig/snort

## http_gauss_browse.py
#!/usr/bin/env python2
from multiprocessing import Pool
from time import sleep
from random import randint, gauss
import os, sys
import requests

## TODO
# . recursively download linked resources:
#   . images

## elasticsearch@.service
[Unit]
Description=Elasticsearch
Documentation=http://www.elastic.co
Wants=network-online.target
After=network-online.target

[Service]
Environment=ES_HOME=/usr/share/elasticsearch
Environment=CONF_DIR=/etc/elasticsearch
Environment=DATA_DIR=/var/lib/elasticsearch

## group_cpuinfo_by_socket-core-ids.sh
egrep -e "processor" -e "core id" -e ^physical /proc/cpuinfo | \
  xargs -l3 echo | \
  awk -vOFS='\t' '{ print "{\"socket\": "$7", \"core\": " $11 ", \"proc\":" $3 "}" }' | \
  jq -sc '
    [.[] | {sock_core:"\(.socket)-\(.core)", proc, core, socket } ]
    | group_by(.sock_core) | .[] | .[0] ' | \
  sort -V

## 01-migrate-bro-data.sh
# Move index names from bro-YYYY.MM.DD to bro-v1-YYYY.MM.DD
for item in $(curl -s -n  -XGET localhost:9200/_cat/indices | awk '/bro-/ { split($3,a,"-"); print a[2] }'); do
cat <<EOF | curl -s -n -XPOST localhost:9200/_reindex -d @- >/dev/null
{ "source": {"index": "bro-${item}"}, "dest": {"index": "bro.v1-${item}"} }
EOF
echo -e "\nCloned data from bro-${item} to bro.v1-${item}"
done

## ROCKNSM-BETA0.adoc

      
              1 file
            
          
              2 forks
            
          
              0 comments
            
          
              1 star
            
          
                dcode
                / ROCKNSM-BETA0.adoc
            
            
              Created
              December 14, 2016 05:32
            
          
    ROCK NSM Beta 0 Notes


## rpi3-wireless-drivers.sh
#!/bin/bash

curl --location https://github.com/raspberrypi/firmware/raw/master/boot/bcm2710-rpi-3-b.dtb > /boot/bcm2710-rpi-3-b.dtb
curl --location https://github.com/RPi-Distro/firmware-nonfree/raw/54bab3d6a6d43239c71d26464e6e10e5067ffea7/brcm80211/brcm/brcmfmac43430-sdio.bin > /usr/lib/firmware/brcm/brcmfmac43430-sdio.bin
curl --location https://github.com/RPi-Distro/firmware-nonfree/raw/54bab3d6a6d43239c71d26464e6e10e5067ffea7/brcm80211/brcm/brcmfmac43430-sdio.txt > /usr/lib/firmware/brcm/brcmfmac43430-sdio.txt

echo "Reboot to ensure the dtb is initialized and kernel knows about the hardware in place."
echo

## install-bro-w_pfring_and_options.sh
# Install epel
sudo yum -y install epel-release

# Install kernel headers for current kernel
sudo yum install -y kernel-devel-$(uname -r) kernel-headers-$(uname -r)

# Install ntop repos
cat << EOF | sudo tee /etc/yum.repos.d/ntop.repo
[ntop]
name=ntop packages

## create_users.ps1
Import-Module ActiveDirectory

$password = (Read-Host  -AsSecureString "AccountPassword")
$users = import-csv ".\users.csv"

foreach ($user in $users){
    New-ADUser `
    -SamAccountName ($user.GivenName + "." + $user.Surname).ToLower() `
    -UserPrincipalName (($user.GivenName + "." + $user.Surname).ToLower() + "@" + $env:USERDNSDOMAIN) `
    -DisplayName ($user.GivenName + " " + $user.Surname) `

## json2csv.jq
#!/usr/local/bin/jq -s -r -f
( map(keys) | add | unique ) as $cols |
map(. as $row | $cols | map($row[.])) as $rows |
$cols, $rows[] | @csv
	sudo sed -i'' 's/^# output unified2/output unified2/' /etc/snort/snort.conf
	sudo sed -i'' 's/ALERTMODE/#ALERTMODE/' /etc/sysconfig/snort
	#!/usr/bin/env python2
	from multiprocessing import Pool
	from time import sleep
	from random import randint, gauss
	import os, sys
	import requests

	## TODO
	# . recursively download linked resources:
	# . images
	[Unit]
	Description=Elasticsearch
	Documentation=http://www.elastic.co
	Wants=network-online.target
	After=network-online.target

	[Service]
	Environment=ES_HOME=/usr/share/elasticsearch
	Environment=CONF_DIR=/etc/elasticsearch
	Environment=DATA_DIR=/var/lib/elasticsearch
	egrep -e "processor" -e "core id" -e ^physical /proc/cpuinfo \| \
	xargs -l3 echo \| \
	awk -vOFS='\t' '{ print "{\"socket\": "$7", \"core\": " $11 ", \"proc\":" $3 "}" }' \| \
	jq -sc '
	[.[] \| {sock_core:"\(.socket)-\(.core)", proc, core, socket } ]
	\| group_by(.sock_core) \| .[] \| .[0] ' \| \
	sort -V
	# Move index names from bro-YYYY.MM.DD to bro-v1-YYYY.MM.DD
	for item in $(curl -s -n -XGET localhost:9200/_cat/indices \| awk '/bro-/ { split($3,a,"-"); print a[2] }'); do
	cat <<EOF \| curl -s -n -XPOST localhost:9200/_reindex -d @- >/dev/null
	{ "source": {"index": "bro-${item}"}, "dest": {"index": "bro.v1-${item}"} }
	EOF
	echo -e "\nCloned data from bro-${item} to bro.v1-${item}"
	done
	#!/bin/bash

	curl --location https://github.com/raspberrypi/firmware/raw/master/boot/bcm2710-rpi-3-b.dtb > /boot/bcm2710-rpi-3-b.dtb
	curl --location https://github.com/RPi-Distro/firmware-nonfree/raw/54bab3d6a6d43239c71d26464e6e10e5067ffea7/brcm80211/brcm/brcmfmac43430-sdio.bin > /usr/lib/firmware/brcm/brcmfmac43430-sdio.bin
	curl --location https://github.com/RPi-Distro/firmware-nonfree/raw/54bab3d6a6d43239c71d26464e6e10e5067ffea7/brcm80211/brcm/brcmfmac43430-sdio.txt > /usr/lib/firmware/brcm/brcmfmac43430-sdio.txt

	echo "Reboot to ensure the dtb is initialized and kernel knows about the hardware in place."
	echo
	# Install epel
	sudo yum -y install epel-release

	# Install kernel headers for current kernel
	sudo yum install -y kernel-devel-$(uname -r) kernel-headers-$(uname -r)

	# Install ntop repos
	cat << EOF \| sudo tee /etc/yum.repos.d/ntop.repo
	[ntop]
	name=ntop packages
	Import-Module ActiveDirectory

	$password = (Read-Host -AsSecureString "AccountPassword")
	$users = import-csv ".\users.csv"

	foreach ($user in $users){
	New-ADUser `
	-SamAccountName ($user.GivenName + "." + $user.Surname).ToLower() `
	-UserPrincipalName (($user.GivenName + "." + $user.Surname).ToLower() + "@" + $env:USERDNSDOMAIN) `
	-DisplayName ($user.GivenName + " " + $user.Surname) `
	#!/usr/local/bin/jq -s -r -f
	( map(keys) \| add \| unique ) as $cols \|
	map(. as $row \| $cols \| map($row[.])) as $rows \|
	$cols, $rows[] \| @csv