I hereby claim:
- I am netscylla on github.
- I am netscylla (https://keybase.io/netscylla) on keybase.
- I have a public key whose fingerprint is 5224 94C5 C060 4472 8AAE C269 CBF2 E5EF 52FF DF91
To claim this, I am signing this object:
I hereby claim:
To claim this, I am signing this object:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCigItCboOO9fp4ZLDkXKo+bGqvv9nJV/ZghmWRbY9FMRaMatDBfgPenIQSOX3uAoyfl2JFObiaZBJ3V/cNvIlkjFDZJUa/ttg28fHo8a3kRL45wTud4WRVNcpP1JBTUnDtRPInsvlWm5w0Yde1YVi1wxWPs85l9Kn4Wqro5ckFQmLmY+G9XKlHiXrKmOwCeYBI/yCFWrAKXAl2c3T0Ab6jFXUGuSdAWWUWqw+nWp+K3B6TDH8Q30YKIcAYYl5G8zoMbfgjGDH6p1tboG6psX9HCeI1GG+uqrlEfBfR1QaMAFlbHP+TPor9j/XKgShIo3fDWlV07dq9kEOzbCpGmByL |
#!/bin/sh | |
echo "postfix postfix/mailname string smtp.example.com" | debconf-set-selections | |
echo "postfix postfix/main_mailer_type string 'Internet Site'" | debconf-set-selections | |
DEBIAN_FRONTEND=noninteractive apt-get -o Dpkg::Options::='--force-confdef' -o Dpkg::Options::='--force-confold' -f -q -y install postfix postfix-mysql dovecot-core dovecot-imapd dovecot-lmtpd dovecot-mysql |
#!/usr/bin/python | |
# Copyright 2014 Amazon.com, Inc. or its affiliates. All Rights Reserved. | |
# | |
# Licensed under the Amazon Software License (the "License"). You may not use | |
# this file except in compliance with the License. A copy of the License is | |
# located at http://aws.amazon.com/asl/ or in the "license" file accompanying | |
# this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR | |
# CONDITIONS OF ANY KIND, either express or implied. See the License for the specific | |
# language governing permissions and limitations under the License. |
#!/bin/sh | |
PORT=1521; | |
if [ $# != 2 ] && [ $# != 3 ]; then | |
echo Sets Oracle TNS Listener log file to a new value using tnscmd.pl | |
echo | |
echo Usage: $0 new-log-file-name host [port] | |
echo | |
echo port default to $PORT |
#!/usr/bin/env bash | |
yum install -y pcre.x86_64 pcre-devel.x86_64 openssl-devel.x86_64 unzip make \ | |
gperftools-devel.x86_64 gperftools.x86_64 jq.x86_64 | |
mkdir /tmp/ngxbuild | |
cd /tmp/ngxbuild | |
latestNginx=$(curl -s http://hg.nginx.org/nginx/tags | | |
grep "^ *release-" | head -1 | cut -c 9-) | |
latestNaxsi=$(curl -s https://api.github.com/repos/nbs-system/naxsi/releases | | |
jq -r .[].tag_name | grep -v rc | head -1) |
#!/bin/sh | |
ROLENAME=$(curl http://169.254.169.254/latest/meta-data/iam/security-credentials/ -s) | |
KeyURL="http://169.254.169.254/latest/meta-data/iam/security-credentials/"$ROLENAME"/" | |
wget $KeyURL -q -O Iam.json | |
KEYID=$(grep -Po '.*"AccessKeyId".*' Iam.json | sed 's/ //g' | sed 's/"//g' | sed 's/,//g' | sed 's/AccessKeyId://g') | |
SECRETKEY=$(grep -Po '.*"SecretAccessKey".*' Iam.json | sed 's/ //g' | sed 's/"//g' | sed 's/,//g' | sed 's/SecretAccessKey://g') | |
SECURITYTOKEN=$(grep -Po '.*"Token".*' Iam.json | sed 's/ //g' | sed 's/"//g' | sed 's/,//g' | sed 's/Token://g') | |
rm Iam.json -f |
input { | |
beats { | |
port => 5001 | |
codec => "json_lines" | |
} | |
} | |
filter { | |
#Let's get rid of those header lines; they begin with a hash |
#/usr/bin/env python3 | |
# | |
# Quick hack to anonymise pcap for distribution to 3rd parties for vendor debugging | |
# (c)2019 Andy @ Netscylla | |
# | |
from scapy.all import * | |
from scapy.utils import rdpcap,wrpcap | |
my_mac1="00:0c:29:fc:25:be" | |
my_mac2="00:0c:29:25:24:17" |
{ | |
"template": "brologs*", | |
"mappings": { | |
"capture_loss": { | |
"properties": { | |
"ts_delta": { | |
"type": "double" | |
}, | |
"peer": { | |
"type": "keyword" |