Skip to content

Instantly share code, notes, and snippets.

View jrossi's full-sized avatar

Jeremy Rossi jrossi

80 followers · 19 following
View GitHub Profile
@jrossi
jrossi / gist:314999
Created February 25, 2010 20:29
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="description" content="" />
<meta name="keywords"content="" />
<title>HYFBT: Loading...</title>
<link rel="stylesheet" href="/view.css" type="text/css" />
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.1/jquery.js">
</script>
@jrossi
jrossi / gist:345562
Created March 27, 2010 00:05
def indent(elem, level=0):
i = "\n" + level*" "
if len(elem):
if not elem.text or not elem.text.strip():
elem.text = i + " "
if not elem.tail or not elem.tail.strip():
elem.tail = i
for elem in elem:
indent(elem, level+1)
if not elem.tail or not elem.tail.strip():
@jrossi
jrossi / gist:388124
Created May 3, 2010 14:05
<ossec_config>
<rules>
<decoder>decoders/decoder.xml</decoder>
<rule>rules/rules_config.xml</rule>
<lists_dir>lists/</lists_dir>
<decoders_dir>decoders/<decoders_dir>
<rules_dir>rules/</rules_dir>
</rules>
@jrossi
jrossi / gist:389453
Created May 4, 2010 14:15
etected bug in an extension! Hook ReCaptcha::confirmEdit failed to return a value; should return true to continue hook processing or false to abort.
Backtrace:
#0 /srv/www/03/ossec.net/public_html/wiki/includes/EditPage.php(791): wfRunHooks('EditFilter', Array)
#1 /srv/www/03/ossec.net/public_html/wiki/includes/EditPage.php(2483): EditPage->internalAttemptSave(false, false)
#2 /srv/www/03/ossec.net/public_html/wiki/includes/EditPage.php(449): EditPage->attemptSave()
#3 /srv/www/03/ossec.net/public_html/wiki/includes/EditPage.php(340): EditPage->edit()
#4 /srv/www/03/ossec.net/public_html/wiki/includes/Wiki.php(510): EditPage->submit()
#5 /srv/www/03/ossec.net/public_html/wiki/includes/Wiki.php(63): MediaWiki->performAction(Object(OutputPage), Object(Article), Object(Title), Object(User), Object(WebRequest))
#6 /srv/www/03/ossec.net/public_html/wiki/index.php(116): MediaWiki->initialize(Object(Title), Object(Article), Object(OutputPage), Object(User), Object(WebRequest))
#7 {main}
@jrossi
jrossi / gist:392144
Created May 6, 2010 13:52
Others and I have started Wiki clean up and organization at ossec.net/wiki you can see a fair amount of changes already. Mostly around look and feel and being able to find things.
Some simple ways to help right now.
* Watch for spam and/or defacement
* Categories
=== Watch for spam and or defacement. ===
@jrossi
jrossi / gist:414915
Created May 26, 2010 19:17
==> logs/alerts/alerts.log <==
** Alert 1274901407.0: mail - syslog,jeremy,
2010 May 26 15:16:47 queen->/var/log/system.log
Rule: 995702 (level 10) -> 'List match on srcip in addresses.cdb'
Src IP: 9.23.42.1
User: (none)
May 29 21:12:18 queen telnetd[6474]: refused connect from 9.23.42.1
@jrossi
jrossi / gist:508555
Created August 4, 2010 18:21
>>> import cdb
>>> f = open("rfc1918-privateaddresses.cdb", "r")
>>> db = cdb.init(f.fileno())
>>> db.keys()
['192.179.', '10.', '172.16.', '172.17.', '172.18.', '172.19.', '172.20.', '172.21.', '172.22.', '172.23.', '172.24.', '172.25.', '172.26.', '172.27.', '172.28.', '172.29.', '172.30.', '172.31.', '172.32.']
@jrossi
jrossi / gist:509083
Created August 5, 2010 01:33
#!/usr/bin/env python
#from waflib.Configure import conf
def build(ctx):
for i in ctx.path.ant_glob("*.c"):
@jrossi
jrossi / gist:521038
Created August 12, 2010 14:22
<ossec_config>
<rules>
<rule>rules/00_rules_config.xml</rule>
<rule_dir>rules/</rule_dir>
<rule_dir>rules/silent/</rule_dir>
<rules>
</ossec_config>
@jrossi
jrossi / gist:553962
Created August 27, 2010 18:56
ossec = {
rules = (
{
comment = "This is just some data about this section";
type = "rule_file";
path = "rules/rules/00_ossec_rules.xml";
},
{
type = "rule_dir";
path = "rules/rules/";