This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
## SecurityCenter Backup Script | |
# | |
# This script is intended to create backups of all of the SecurityCenter data | |
# on a daily/weekly/monthly/etc. basis. This is intended to be run as a cronjob | |
# and expect the SysAdmin to have configured the root@localhost mail alias to | |
# route through their email system in-case of errors. An example of how to run | |
# this as a cronjob is below: | |
# | |
# 1 45 * * * root /opt/scripts/backups/sc-backup.sh |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# | |
# Requires: | |
# awk | |
# fmt | |
# tput | |
# | |
colorMsg() { | |
[ $# -gt 1 ] || return 0 | |
tput -S <<< "$(printf '%s\n' 'sgr 0' ${1##*[0-7]} "setaf ${1%%[^0-7]*}")" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Determine the OS version across the various forks using %{dist} detail from the building machine's kernel release. | |
# Versions 6 & 7 started including including the architecture in the kernel **release** field. We have to deal with that stupidity too. | |
%define osVersion %(uname -r | awk -F '.' '{for (i=NF; i > 0; i--) if ($i !~ /^(x86_64|i[36]86)$/) { print gensub(/^[^0-9]+/, "", "", $i); exit; }}') | |
# I wish redhat-release provided the major number, but that only started with 7 from what I've found. Even after adding a number to the redhat-release provide, they started using 7.0, just to make things difficult. | |
# Add conflicts as appropriate for the various RedHat major versions. | |
%if 0%{?osVersion} == 5 | |
Conflicts: upstart, systemd | |
%endif |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# | |
hextostr() { | |
local i _hs="$*" | |
local _hsl="${#_hs}" | |
printf '%s\n' "$(for ((i=0; i < _hsl; i+=2)); do echo -ne "\x${_hs:i:2}"; done)" | |
unset -v _hsl _hs i | |
} | |
#hextostr '48656C6C6F20776F726C6421' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
host="${1:-127.0.0.1}" | |
port="${2:-443}" | |
ciphers='ALL:!eNULL' | |
printf 'Using openssl at: ' | |
command -v openssl | |
openssl version -a | |
printf '\nCiphers selected by server at %s using TCP port %s:\n' "$host" "$port" | |
while : ; do |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
sha256sumc () | |
{ | |
local err file hash out rc=0; | |
while IFS=' ' read -r hash file; do | |
file="${file#[*]}"; | |
out="$(openssl dgst -sha256 -r "$file" 2>/dev/null)" && cmp -s <(echo "$out") <(printf -- '%s *%s\n' "$hash" "$file") && printf -- '%s: OK\n' "$file" || { | |
printf -- '%s: FAILED' "$file"; | |
err="$(openssl dgst -sha256 -r "$file" 2>&1 >/dev/null)"; | |
if [[ "$err" =~ ': No such file or directory'$'\n' ]]; then |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Inspiration from: http://askubuntu.com/questions/126817/how-to-disable-alt-f1-alt-f2-shortcuts | |
unset -v _key _value _schema | |
_schema='org.gnome.desktop.wm.keybindings' | |
while IFS= read -r _key; do | |
_value="$(gsettings get "$_schema" "$_key")" | |
while [[ "$_value" =~ \''<Alt>F'[1-9]\' ]] || [[ "$_value" =~ \''<Alt>F1'[0-2]\' ]]; do | |
#_value="$(sed -e "s/\(, \)\?${BASH_REMATCH[0]}\(, \)\?//;s/''/', '/;" <<<"$_value")" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
if [ -s ~/.bashrc ]; then | |
. ~/.bashrc | |
fi | |
# Additions to fix the lack of confirmation when keys are added from the Keychain | |
if [ -s ~/.ssh/ssh-agent.pid ]; then | |
. ~/.ssh/ssh-agent.pid | |
if [ -n "$SSH_AGENT_PID" ] && ! kill -0 "$SSH_AGENT_PID" &>/dev/null; then | |
rm -f ~/.ssh/ssh-agent.pid | |
unset -v SSH_AGENT_PID |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
import io, os, sys | |
from argparse import ArgumentParser | |
from calendar import timegm | |
from time import gmtime, localtime, mktime, strftime, strptime | |
def touchUTCString(t): | |
return timegm(strptime(t, '%a, %d %b %Y %H:%M:%S %Z')) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
iptables -F SSH_PORT_LIMIT || iptables -N SSH_PORT_LIMIT | |
iptables -A SSH_PORT_LIMIT -p tcp -m state --state ESTABLISHED,RELATED -j ACCEPT | |
iptables -A SSH_PORT_LIMIT -p tcp -m state --state NEW -m hashlimit --hashlimit-mode srcip --hashlimit-upto 10/hour --hashlimit-burst 15 --hashlimit-name ssh -j ACCEPT | |
iptables -A SSH_PORT_LIMIT -j LOG --log-level info --log-prefix 'ssh-port-limit: ' | |
iptables -A SSH_PORT_LIMIT -p tcp -j REJECT --reject-with tcp-reset | |
iptables -A SSH_PORT_LIMIT -j DROP |
OlderNewer