Script to Backup Alienvault OSSIM Master Server

Script to backup AlienVault OSSIM master server . . . → Read More: Script to Backup Alienvault OSSIM Master Server

Return AlienVault OSSIM Current Version from Command Line

If you want to return the current AlienVault OSSIM version you are running from a command line try this:

version=$(dpkg -l | grep ossim-cd-tools | awk '{print $3}' | awk -F'-' '{ print $1 }')
echo "$version"

tmux horizontal window splitting

To split terminal in to four horizontal tmux windows you can run the following code:

#!/bin/bash
# start a detached session with a window named WinSplit (the session must exist before the panes can be split)
tmux new-session -d -s WinSplit -n WinSplit
tmux selectp -t WinSplit
# split the window three times, then spread the four panes evenly
tmux split-window -v
tmux set-window-option -g window-status-current-bg blue
tmux split-window -v
tmux split-window -v
tmux select-layout even-vertical
tmux attach -t WinSplit

The result is something . . . → Read More: tmux horizontal window splitting

Compare two Files and Print Lines that Match

The proper way to compare two files and print lines that match:

awk 'NR==FNR{arr[$0];next} $0 in arr' file1.txt file2.txt

Here is a shell script you can run:

#!/bin/bash
# Filename: showdupes.sh
# source: http://brakertech.com/compare-two-files-and-print-lines-that-match/
# this file takes two text files as input
# sorts them and outputs lines from
# file 2 that match . . . → Read More: Compare two Files and Print Lines that Match

Manually Install Kali Linux 2018.4 x64 with VM Fusion 10

Problem

Kali Linux 2018.4 x64 fails to install manually when using VM Fusion 10.1.5 (hangs during “copying data to disk” portion of the install).

Solution

Create a new Custom VM
Select the iso you downloaded
When prompted for the OS of ISO select "Debian 8.x 64 bit"
Name the VM 'kali-linux-2018.4-vm-amd64' (not required)
Set the . . . → Read More: Manually Install Kali Linux 2018.4 x64 with VM Fusion 10

Use ngrep to capture syslog traffic

Instead of using Wireshark on Linux to capture traffic, try ngrep:

# sudo ngrep -d <interface> '<search string>' 'port 514'

source: http://ngrep.sourceforge.net/usage.html

How to Install nginx and PHP on CentOS7

Install nginx and PHP on CentOS7

These are some notes from installing nginx on CentOS7

Install some prerequisites

sudo yum -y groupinstall "Development tools"
sudo yum -y install mlocate
sudo yum -y install iptables-services
sudo yum -y install php-mysql php-dom
sudo yum -y install wget
sudo service php-fpm restart

Install GeoIP

cd /tmp
wget http://geolite.maxmind.com/download/geoip/api/c/GeoIP.tar.gz . . . → Read More: How to Install nginx and PHP on CentOS7

diff two files and output lines not seen in file 2

Problem

You need to diff two files and only output what is unique to file one.

text file 1 contains:

1
2
3
4
5

text file 2 contains:

6
7
1
2
3
4

Solution

$ awk 'FNR==NR{a[$0]++;next}!a[$0]' file1 file2
6
7

Explanation of how the code works:

If we’re working on file1, track . . . → Read More: diff two files and output lines not seen in file 2
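The two awk idioms above (print the lines two files share, and print the lines of one file that are absent from the other) both rely on the same trick: NR==FNR is only true while awk is reading its first input file, so the first file is loaded into an array and the second file is filtered against it. The script below is an added example, not code from either post; it builds the page's sample files in a temporary directory and wraps each idiom in a function so the results can be checked. It assumes only POSIX sh, awk, mktemp and printf.

```shell
#!/bin/sh
# Added example (not from the original posts): exercises both awk idioms
# from the page on constructed input files.

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# Constructed sample data, matching the page: file1 holds 1-5,
# file2 holds 6, 7, 1, 2, 3, 4 (one value per line).
printf '%s\n' 1 2 3 4 5 > "$WORK/file1"
printf '%s\n' 6 7 1 2 3 4 > "$WORK/file2"

# Lines present in both files, printed in the second file's order.
# Pass 1 (NR==FNR, first file only): store each line as an array key, then skip.
# Pass 2: print a line of the second file only if it is a key in the array.
lines_in_both() {
    awk 'NR==FNR{arr[$0];next} $0 in arr' "$1" "$2"
}

# Lines of the second file that never appear in the first.
# Same two-pass structure; !a[$0] is true for lines the first file did not record.
lines_only_in_second() {
    awk 'FNR==NR{a[$0]++;next} !a[$0]' "$1" "$2"
}

# Lines of the first file that never appear in the second: swap the arguments.
lines_only_in_first() {
    lines_only_in_second "$2" "$1"
}

echo "in both:"
lines_in_both "$WORK/file1" "$WORK/file2"
echo "only in file2:"
lines_only_in_second "$WORK/file1" "$WORK/file2"
echo "only in file1:"
lines_only_in_first "$WORK/file1" "$WORK/file2"
```

On the page's data the three functions print 1 2 3 4, then 6 7, then 5. Note that the comparison is per whole line and exact (trailing whitespace or a different line ending counts as a different line), and a line that is repeated in the second file is printed once per occurrence; pipe the output through sort -u if you only want distinct values.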

Block Countries Behind ELB

To block countries behind an ELB (Elastic Load Balancer) you should use Maxmind’s GeoIP Country Database.

Problem

You are unable to use iptables or ipset to block countries because of your Amazon Elastic Load Balancer.

Solution

Use Maxmind’s GeoIP Country Database in conjunction with Apache or NGINX

Example

This example is for Ubuntu 12.04 (Precise)

. . . → Read More: Block Countries Behind ELB

logstash ec2 instanceid

How to get Logstash to read your ec2 instance id

logstash.sh

#!/bin/bash
# ask the EC2 instance metadata service for this instance's id and export it for Logstash
EC2_INSTANCE_ID=$(curl -s http://169.254.169.254/latest/meta-data/instance-id)
export EC2_INSTANCE_ID
conf=/opt/logstash/simple.conf
lsjar=/opt/logstash/logstash.jar
myjava=$(which java)
if [ -z "$myjava" ]; then
    echo "java is required; please install openjdk or jre"
    exit 1
fi
# spawn logstash
"$myjava" -jar "$lsjar" agent -f "$conf"

config file /opt/logstash/simple.conf

input {
  exec {
    . . . → Read More: logstash ec2 instanceid