EC2 ELB Godaddy Cert

Adding Godaddy Cert to EC2 ELB Setup AWS Command Line Interface

Setup instructions are found here:

Define your files and run these commands: # define these crtdomain=”” crtchain=”gd_bundle.crt” echo “converting to pem format” openssl rsa -in ${crtdomain}.key -out aws-${crtdomain}.key openssl x509 -in ${crtdomain}.crt -out aws-${crtdomain}.crt -outform PEM echo “uploading certificate ${crtdomain} to Amazon” aws . . . → Read More: EC2 ELB Godaddy Cert

logstash filters for ssh attempts


Logstash filters for ssh brute for, sudo auth failures, or failed login attempts

Filters grok { type => “syslog” patterns_dir => [“/opt/logstash/patterns”] pattern => [ “%{SYSLOGLINE}” ] } grep { type => “syslog” drop => false match => [ “@message”, “([fF]ailed|[fF]ailure).*password|authentication.*failure|incorrect.password” ] add_tag => [ “auth_failure” ] } grep { type => “syslog” drop . . . → Read More: logstash filters for ssh attempts

logstash ec2 instanceid

How to get Logstash to read your ec2 instance id !/bin/bash EC2_INSTANCE_ID=$(curl -s export EC2_INSTANCE_ID conf=/opt/logstash/simple.conf lsjar=/opt/logstash/logstash.jar myjava=$(which java) if [ -z $myjava ]; then echo “java is required; please install openjdk or jre” exit 1 fi # spawn logstash $myjava -jar $lsjar agent -f $conf config file /opt/logstash/simple.conf input { exec { . . . → Read More: logstash ec2 instanceid

Ubuntu Set Timezone to UTC

Objective: Set Timezone to UTC on Ubuntu 12.04 LTS Howto

You will be using tzdata and ntpdate

Setting the timezone

After running this select “etc” (hit enter) then select “UTC” (hit enter)

pkg-reconfigure tzdata Syncing the clock apt-get -y install ntpdate ntpdate Updating crontab to sync clock daily crontab -l > tmp.cron echo “@daily . . . → Read More: Ubuntu Set Timezone to UTC

Howto Convert a ESXv5 to ESXv4 VM

Howto Convert a ESXv5 to ESXv4 VM

This details the steps needed to convert a machine from ESXv5 to ESXv4

Convert OVA to VMX On ESXv5 Machine, Export the VMWare ESX5 Machine to OVF (File -> Export -> Export OVF Template) Download ovftool

Convert ova to vmx (ignoring manifest errors)

ovftool sourefile.ova destfile.vmx (make sure . . . → Read More: Howto Convert a ESXv5 to ESXv4 VM

nohup example

here’s a nohup example:

nohup nice -n -19 /bin/bash all_countries.txt 2>&1 >/root/cidr_to_ipset_output.log </dev/null &

nohup is a POSIX command to ignore the HUP (hangup) signal. The HUP signal is, by convention, the way a terminal warns dependent processes of logout.

Output that would normally go to the terminal goes to a file called nohup.out . . . → Read More: nohup example

Apache ProxyPass with dynamic hostname

To use Apache ProxyPass directives with dynamic hostnames you will need to also use ModRewrite.


All requests to the virtualhost will ProxyPass and ProxyPassReverse (also known as an “Apache Gateway”) to the %{HTTP_HOST}

The only reason this would make sense to do is if you have localhost entries on the apache server for specfic . . . → Read More: Apache ProxyPass with dynamic hostname

curl: (35) error:14077458:SSL routines:SSL23_GET_SERVER_HELLO:reason(1112)


When running curl you get this response:

curl: (35) error:14077458:SSL routines:SSL23_GET_SERVER_HELLO:reason(1112) Solution curl -ssl3

Ensure Beaver Log Shipping is Running

I have a love hate relationship with the beaver log shipper and ensuring that it is in fact running on all of my machines (and not in a defunct or partially running state)

I have finally whipped up a script to take care of this issue and thought i’d share it for anyone that cares.

. . . → Read More: Ensure Beaver Log Shipping is Running

shred files on Centos

Here’s a handy alias for shredding files on CentOS

alias shred=’shred -v -n 1 -z -u’