Evented TCP server using eventmachine.
TCP server:
require 'eventmachine'
PORT = 4545
puts "Listening on #{PORT}...\n"

# $Id$
# GENERATORS -> msg map
# Format: generatorid || alertid || MSG
1 || 1 || snort general alert
2 || 1 || tag: Tagged Packet
3 || 1 || snort dynamic alert
100 || 1 || spp_portscan: Portscan Detected
100 || 2 || spp_portscan: Portscan Status
100 || 3 || spp_portscan: Portscan Ended

# Copyright 2005 Sourcefire, Inc. All Rights Reserved.
# This file is licensed under the GNU General Public License.
# Please see the file LICENSE in this directory for more details.
# Id SID -> MSG map
100000100 || COMMUNITY EXPLOIT Windows Acrobat Reader Activex Overflow Flowbit || cve,2004-0629 || bugtraq,10947
100000101 || COMMUNITY EXPLOIT Windows Acrobat Reader Activex Overflow Exploit || cve,2004-0629 || bugtraq,10947
100000102 || COMMUNITY GAME Halocon Denial of Service Empty UDP Packet || bugtraq,12281
100000103 || COMMUNITY GAME Breed Game Server Denial of Service Empty UDP Packet || bugtraq,12262
100000104 || COMMUNITY GAME Amp II 3D Game Server Denial of Service Empty UDP Packet || bugtraq,12192

Install Snort and Barnyard2 virtualbox ubuntu 12.04 and 14.04
Aug 2014:
Snort:
... in virtualbox set Network + Advanced 'Promiscuous Mode' to 'Allow All'
sudo apt-get install snort
ps aux | grep -i snort
sudo service snort stop
sudo nano /etc/snort/snort.conf

Security Onion
Aug 2014:
... my purpose for installing this was to:
- learn more about security stuff
- steal the packet captures (pcap) provided so I can replay them using tcpreplay for snort testing,
  as it's not so sexy to just test using ICMP ping data or local rules that match anything
see:
http://blog.securityonion.net/

#!/usr/bin/python
import signal
import numpy as np
import picamera
import picamera.array
import datetime
import logging
logging.basicConfig(level=logging.INFO, format="%(message)s")
LOG = logging.getLogger("capture_motion")

#!/usr/bin/python
import signal
import io
import socket
import numpy as np
import picamera
import picamera.array
import datetime
import logging

import socket
import datetime
HOST = '192.168.0.2'
PORT = 9876
ADDR = (HOST, PORT)
BUFSIZE = 4096
serv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
serv.bind(ADDR)
serv.listen(5)

Suricata
Nov 2, 2014:
... don't waste time installing it on osx :(
instead, try it on ubuntu 14.04 using virtualbox, much better, and more like a real server:
sudo apt-get install build-essential automake libtool bison subversion pkg-config
sudo apt-get install libxml2-dev libxslt-dev autoconf libc6-dev ncurses-dev libpcre3 libpcre3-dev
sudo apt-get install openssl libreadline6 libreadline6-dev curl git-core zlib1g zlib1g-dev libssl-dev libyaml-dev libsqlite3-dev sqlite3
sudo apt-get install libnet1 libnet1-dev
sudo apt-get install libpcap-dev libpcap0.8 libpcap0.8-dev
sudo apt-get install libcap-ng-dev