Steve Stonebraker posted this in bash, Defense, Linux, Redhat Centos, Security, Server Setup, Ubuntu on June 24th, 2013 Goal: Whitelist an Entire Country with ipset For this article i’ll be referencing the github repository I set up at
https://github.com/ssstonebraker/braker-scripts/tree/master/working-scripts/ipset We have a few files there, specifically: * cidr_to_ipset.sh (a script to create an ipset ruleset) * Some example CIDR blocks for Italy (IT.txt), Spain (ES.txt), Great Britian (GB.txt), USA (US.TXT) * sample_firewall.txt (example . . . → Read More: Whitelist Entire Country with ipset
Steve Stonebraker posted this in Defense, IDS, Linux, Redhat Centos, Server Setup, Ubuntu on June 4th, 2013 What to do when barnyard2 won’t log to the database….
Are you seeing something like this?
[SignatureReferencePullDataStore()]: No Reference found in database …
Full text:
# /usr/local/bin/barnyard2 -c /etc/barnyard2.conf -d /var/log/snort -f snort.log -w /var/log/barnyard2/barnyard2.waldo Running in Continuous mode –== Initializing Barnyard2 ==– Initializing Input Plugins! Initializing Output Plugins! Parsing config file “/etc/barnyard2.conf” +[ Signature . . . → Read More: barnyard2 won’t log to database – how to fix it
Steve Stonebraker posted this in Linux, Server Setup, Ubuntu on May 31st, 2013 Objective Add two network interface in ubuntu 12.04 in aws and route traffic properly to either ip Scope: Amazon EC2 Attach Elastic Network Interface (VPC) Related Documentation https://github.com/ssstonebraker/braker-scripts/blob/master/working-scripts/aws_fix_dual_nic_routing.sh http://aws.amazon.com/about-aws/whats-new/2011/12/21/Multiple-Network-Interfaces/ http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html http://aws.typepad.com/aws/2012/07/multiple-ip-addresses-for-ec2-instances-in-a-virtual-private-cloud.html http://www.syscrunch.com/blog/amazon-ec2-attach-an-elastic-network-interface/ Process Start AMI in VPC After boot attach secondary nic Ensure both nic’s have an external IP associated with it configure new /etc/network/interfaces . . . → Read More: AWS add two network interfaces in ubuntu 12.04 precise
Steve Stonebraker posted this in Linux, Redhat Centos, Server Setup, Ubuntu on May 20th, 2013 Example to egrep valid ip address
To egrep all valid ip addresses in current directory:
egrep -r ‘[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}’ .
An Alternative:
/bin/egrep ‘\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b’
Steve Stonebraker posted this in Linux, Redhat Centos, Server Setup, Ubuntu on May 2nd, 2013 Getting SSL to work with neo4j can be very frustrating. The crux of the problem is that their documentation isn’t very robust.
Here’s what they don’t tell you:
Both the cert and the key MUST be in DER format!
example to convert a PEM formatted crt key to a der formatted crt key openssl x509 . . . → Read More: neo4j SSL howto
Steve Stonebraker posted this in Linux, Redhat Centos, Server Setup, Tomcat, Ubuntu on April 30th, 2013 I spend hours trying to figure this out and here are the fruits of my labor
Problem
You are unable to create a valid Tomcat Keystore using a GoDaddy crt and key file
Curl output may look like this:
curl: (60) SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify . . . → Read More: convert valid godaddy cert key to java keystore for tomcat
Steve Stonebraker posted this in nginx, Redhat Centos, Server Setup, Ubuntu on January 30th, 2013 Objective
Remove the index.php prefix from your nginx code igniter instance.
Assumptions In your main nginx conf file you define how php is called (unix socket or ip:port) You will replace foo.example.com with whatever your domain name is The proper logging path will be defined per your system as opposed to the location i have . . . → Read More: nginx code igniter remove index.php prefix
Steve Stonebraker posted this in bash, FreeBSD, Linux, O/S, perl, Redhat Centos, Scripts, Server Setup on January 18th, 2013 Recently I tried passing a bash variable to perl command in bash script, it didn’t end well.
Troy Engel from http://tacticalvim.wordpress.com/ was nice enough to point out the issue:
use sed instead of perl for what you need; it’s simpler, faster and uses the bash variables easily.
I set up a test script /home/someuser/test.sh to . . . → Read More: passing bash variable to perl command in bash script
Steve Stonebraker posted this in Linux, Server Setup, Ubuntu on November 12th, 2012 Disk Space Usage Visual Tools
Some great tools for viewing disk space usage are: pydf (essential df with colors) Philesight (Web-based implementation of Filelight) ncdu (awesome text-only GUI!)
Philesight
Philesight is a tool to browse your filesystem and see where the diskspace is being used at a glance. Philesight is implemented as a simple command . . . → Read More: linux view disk space usage
Steve Stonebraker posted this in Linux, Redhat Centos, Server Setup on November 8th, 2012 To install Django on Centos or Redhat
echo “Installing httpd and httpd-devel” yum -q -y –enablerepo=ius install httpd httpd-devel > /dev/null 2>&1 chkconfig httpd on sed -i ‘s/Listen 80/Listen 8080/g’ /etc/httpd/conf/httpd.conf service varnish start service httpd start To Install Python 2.7.2 on redhat or centos echo “Install Python 2.7.2” mkdir -p /usr/local/src/python.2.7.2.install cd /usr/local/src/python.2.7.2.install wget . . . → Read More: Install Django centos redhat
|
|