List all Public IP Addresses Across All of your AWS Accounts

Steve Stonebraker posted this in AWS, bash, Linux on May 18th, 2020

Gathering all EC2 Public IPs

Recently I needed to automate pulling all public IP addresses across all of the EC2 accounts I have access to. I wrote the following script to deal with that problem.

Note: Thank you to Daniel Miessler for the script to pull the IPs. My Script makes that work across . . . → Read More: List all Public IP Addresses Across All of your AWS Accounts

Leave a comment   AWS, bash, Linux

Ingesting Okta logs in to Graylog

Steve Stonebraker posted this in Blue Team, Security on March 10th, 2020

After many failed attempts to import Okta logs in to Graylog (using some PowerShell scripts I found online) I decided to take a different approach. Here is what my final Dashboard and view ended up looking like:

Prerequisites

To ingest Okta logs in to Graylog you will need the following:

. . . → Read More: Ingesting Okta logs in to Graylog

Leave a comment   Blue Team, Security

Bulk Lookup Owner of IP Address

Steve Stonebraker posted this in bash on September 18th, 2019

To perform a bulk whois lookup of a list of IP addresses use the following script:

Bulk whois lookup while read ip; do if [ ! -z “$ip” ]; then echo -n “$ip – ” && whois $ip 2>/dev/null grep “Organization” -m 1; fi; done < ip_list.txt Example input (ip_list.txt) 172.217.8.206 172.217.8.203 172.217.8.266 151.101.65.67 Output . . . → Read More: Bulk Lookup Owner of IP Address

One comment   bash

Querying McAfee ePo on End User Machines

Steve Stonebraker posted this in Uncategorized on March 22nd, 2019

Code loop through a range of IPs and query McAfee epo on client machines # Loop through IP address 10.0.0.10 – 10.0.0.20 and print out # the computer name and the agent version echo “” > output; for ((i=10;i<=20;i++)) do # -s Silent Curl # -m 1 Wait no longer than 1 second per host . . . → Read More: Querying McAfee ePo on End User Machines

Leave a comment   Uncategorized

Script to Backup Alienvault OSSIM Master Server

Steve Stonebraker posted this in Linux on February 8th, 2019

Script to backup AlienVault OSSIM master server . . . → Read More: Script to Backup Alienvault OSSIM Master Server

2 comments   Linux

diff two files and output lines not seen in file 2

Steve Stonebraker posted this in Linux on March 11th, 2015

Problem

You need two diff two files and only output what is unique to file one.

text file 1 contains:

1 2 3 4 5

text file 2 contains:

6 7 1 2 3 4 Solution $ awk ‘FNR==NR{a[$0]++;next}!a[$0]’ file1 file2 6 7

Explanation of how the code works:

If we’re working on file1, track . . . → Read More: diff two files and output lines not seen in file 2

Leave a comment   Linux

kill orphaned httpd processes

Steve Stonebraker posted this in bash, FreeBSD, Linux, Redhat Centos, Scripts, Ubuntu on December 5th, 2011

to kill orphaned httpd processes create a script called killhttpd.sh with the following code

#!/bin/bash for pid in `ps -C httpd|sed -e ‘s/^\ \+//g’ | grep httpd|awk ‘{print $1}’` do kill $pid done

Leave a comment   bash, FreeBSD, Linux, Redhat Centos, Scripts, Ubuntu