- bug fix of eventchannel timestamp pull:<PullRequest (bug fix of eventchannel timestamp)> by jrossi
- Align eventchannel log format with eventlog, fixes #155 pull:<PullRequest (Align eventchannel log format with eventlog, fixes #155)> by gaelmuller
- fix active-response on mac os installation pull:<PullRequest (fix active-response on mac os installation)> by jknockaert
- os_net fixes pull:<PullRequest (os_net fixes)> by cgzones
- Fixes #194. Checks for both paths of openssl pull:<PullRequest (Fixes #194. Checks for both paths of openssl)> by harshilmathur
- os_regex review [pull:
Jeremy Rossi jrossi
jrossi
/ gist:8786003
Created
February 3, 2014 15:33
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!-- WordPress wp-login.php brute force --> | |
| <rule id="31509" level="3"> | |
| <if_sid>31108</if_sid> | |
| <url>wp-login.php</url> | |
| <regex>] "POST \S+wp-login.php</regex> | |
| <description>WordPress login attempt.</description> | |
| </rule> | |
| <!-- If we see frequent wp-login POST's, it is likely a bot. --> | |
| <rule id="31510" level="8" frequency="6" timeframe="30"> |
jrossi
/ gist:8808118
Created
February 4, 2014 17:14
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import zmq | |
| context = zmq.Context() | |
| s = context.socket(zmq.SUB) | |
| s.connect("tcp://localhost:11999") | |
| s.setsockopt(zmq.SUBSCRIBE, "") | |
| import pika | |
| connection = pika.BlockingConnection() | |
| channel = connection.channel() |
jrossi
/ gist:9528466
Created
March 13, 2014 13:28
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import zmq | |
| import smptlib | |
| import json | |
| context = zmq.Context() | |
| socket = context.socket(zmq.SUB) | |
| socket.connect("tcp://127.0.0.1:5000") | |
| socket.setsockopt(zmq.SUBSCRIBE, "ossec.alerts") | |
| ssmtp = smtplib.SMTP() | |
| ssmtp.connect(host="smpt.host.here") |
jrossi
/ holder.mdown
Created
May 27, 2014 01:17
jrossi
/ holder.mdown
Created
May 27, 2014 01:42
['_Resource__load', '_Resource__set_attrs', 'class', 'delattr', 'dict', 'doc', 'format', 'getattribute', 'hash', 'init',
jrossi
/ holder.mdown
Created
May 27, 2014 01:42
- bug fix of eventchannel timestamp pull:<PullRequest (bug fix of eventchannel timestamp)> by jrossi
- Align eventchannel log format with eventlog, fixes #155 pull:<PullRequest (Align eventchannel log format with eventlog, fixes #155)> by gaelmuller
- fix active-response on mac os installation pull:<PullRequest (fix active-response on mac os installation)> by jknockaert
- os_net fixes pull:<PullRequest (os_net fixes)> by cgzones
- Fixes #194. Checks for both paths of openssl pull:<PullRequest (Fixes #194. Checks for both paths of openssl)> by harshilmathur
- os_regex review [pull:
jrossi
/ holder.mdown
Created
May 27, 2014 01:44
- bug fix of eventchannel timestamp pull:<PullRequest (bug fix of eventchannel timestamp)> by jrossi
- Align eventchannel log format with eventlog, fixes #155 pull:<PullRequest (Align eventchannel log format with eventlog, fixes #155)> by gaelmuller
- fix active-response on mac os installation pull:<PullRequest (fix active-response on mac os installation)> by jknockaert
- os_net fixes pull:<PullRequest (os_net fixes)> by cgzones
- Fixes #194. Checks for both paths of openssl pull:<PullRequest (Fixes #194. Checks for both paths of openssl)> by harshilmathur
- os_regex review [pull:
jrossi
/ holder.mdown
Created
May 27, 2014 01:46
- bug fix of eventchannel timestamp pull:<PullRequest (bug fix of eventchannel timestamp)> by jrossi
- Align eventchannel log format with eventlog, fixes #155 pull:<PullRequest (Align eventchannel log format with eventlog, fixes #155)> by gaelmuller
- fix active-response on mac os installation pull:<PullRequest (fix active-response on mac os installation)> by jknockaert
- os_net fixes pull:<PullRequest (os_net fixes)> by cgzones
- Fixes #194. Checks for both paths of openssl pull:<PullRequest (Fixes #194. Checks for both paths of openssl)> by harshilmathur
- os_regex review [pull:
jrossi
/ release-notes.rst
Created
May 27, 2014 16:38
jrossi
/ release-notes.mdown
Created
June 6, 2014 17:29
- bug fix of eventchannel timestamp pull:<PullRequest (bug fix of eventchannel timestamp)> by jrossi
- Align eventchannel log format with eventlog, fixes #155 pull:<PullRequest (Align eventchannel log format with eventlog, fixes #155)> by gaelmuller
- fix active-response on mac os installation pull:<PullRequest (fix active-response on mac os installation)> by jknockaert
- os_net fixes pull:<PullRequest (os_net fixes)> by cgzones
- Fixes #194. Checks for both paths of openssl pull:<PullRequest (Fixes #194. Checks for both paths of openssl)> by harshilmathur
- os_regex review [pull:
OlderNewer