Name: libnss-ato
Version: 1.0
Release: 1%{?dist}
Summary: NSS catchall module
Group: System Environment/Libraries
License: GPL 2.0
NOTE: below is an attempt to build a container that can be used as an OS-container instead of an application-container. Like OpenVZ, but by using Docker. Currently this requires running the containers in privileged mode, which doesn't really separate the containers in a secure fashion.
It does result in a container with a public IP address, running systemd, that you can also SSH to.
Prerequisites: enable the rhel-7-server-extras-rpms yum repository
Arachni could not be found in your system path.
OpenVAS was unable to execute Arachni and to perform the scan you
requested.
Please make sure that Arachni is installed and that arachni is
available in the PATH variable defined for your environment.
Creates a log file for each connecting syslog client, based on IP address. Also takes care of rotating the files, limiting the archive to 5 log files of 100M. This config is meant to allow a Splunk Universal Forwarder to collect the syslog files, using the following inputs.conf:
[monitor://c:/log/192.168.1.1/*.log]
[Unit]
After=network.target
Wants=network.target
Description=Splunk Enterprise
[Service]
Type=forking
RemainAfterExit=False
pam_python.so is not readily available on RHEL systems. Here's how to create an RPM from Russell's tar.gz:
- download pam-python.1.0.4.tar.gz to ~/rpmbuild/SOURCES
- copy/paste pam-python.spec from below in ~/rpmbuild/SPECS/
- copy/paste pam-python-1.0.4-fix-compile-rhel.patch from below in ~/rpmbuild/SOURCES
- rpmbuild -bb ~/rpmbuild/SPECS/pam-python.spec
MITRE have just published the JSON results of their EDR evaluations simulating APT29. However, this time too, their structure makes it difficult to Splunk. Use this Python script for easier Splunking.
$ python transpose_mitre_eval_apt29.py file.json > file_for_splunk.json