# check banned ip address
iptables -L
# check banned ip addresses and rules
iptables -L -n
# check for specific ip address on ban list
iptables -L -n | grep IPADDRESSHERE
Greg Elin gregelin
gregelin
/ IoT-and-Regulation.md
Last active
March 12, 2017 22:09
Interesting reads regarding government regulation of the Internet of Things
Optional readings. Feel free to attach other suggestions.
- Page 117 starts to discuss IoT's 4 problems (paraphrased): (1) unexpected inferences leading to discrimination; (2) difficulty of de-identifying IoT generated data; (3) hacking and security breaches; and (4) privacy policy, notice and choice in small screenless devices generating data.
- p 148 Peppet does not think much federal regulation or a new agency is currently possible but suggests "four messy and imperfect first steps toward regulating the Internet of Things: (1) broadening
gregelin
/ service-checklist.md
Created
November 6, 2016 13:12
— forked from marktheunissen/service-checklist.md
Internet Scale Services Checklist
A checklist for designing and developing internet scale services, inspired by James Hamilton's 2007 paper "On Desgining and Deploying Internet-Scale Services."
- Does the design expect failures to happen regularly and handle them gracefully?
- Have we kept things as simple as possible?
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| BEGIN:VCALENDAR | |
| VERSION:2.0 | |
| CALSCALE:GREGORIAN | |
| BEGIN:VEVENT | |
| TRANSP:TRANSPARENT | |
| DTEND;VALUE=DATE:20161021 | |
| UID:1D6F8E2E-F907-4185-BEBD-F0C36434FA87 | |
| DTSTAMP:20160922T192555Z | |
| LOCATION:2011 Wilson Blvd\nArlington VA 22201\nUnited States | |
| DESCRIPTION:HOLD FOR OPENCONTROL EVENT.\n\nSocial Gathering/Symposium on |
We are group of technologists, government staff, contractors and others in regulated fields committed to Compliance-as-Code. We are developing a community and tools at http://open-control.org necessary to align security assessments and authorizations with modern, continuous software development and delivery.
Below are upcoming webinars introducing our current work: OpenControl and Compliance-Masonry.
This webinar will introduce you to OpenControl as a community, data schema and tools to support Compliance-as-Code.
gregelin
/ ssg-rhel6-stig-ks.cfg
Created
June 12, 2016 22:25
SCAP Security Guide DoD STIG profile kickstart for Red Hat Enterprise Linux 6 Server
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # SCAP Security Guide DoD STIG profile kickstart for Red Hat Enterprise Linux 6 Server | |
| # Version: 0.0.1 | |
| # Date: 2015-04-08 | |
| # Url: http://people.redhat.com/swells/ssg-rhel6-stig-ks.cfg | |
| # | |
| # Based on: | |
| # http://fedoraproject.org/wiki/Anaconda/Kickstart | |
| # https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Installation_Guide/s1-kickstart2-options.html | |
| # http://usgcb.nist.gov/usgcb/content/configuration/workstation-ks.cfg | |
| # |
gregelin
/ SCAP-CentOS-NotApplicable.md
Last active
February 22, 2022 21:50
Explanation of SCAP, CentOS and tests Not Applicable
This note explains the common issue of "notapplicable" results when running openSCAP and SCAP-Security-Guide on CentOS.
SCAP seems like it should be easy because it is "just XML". Then you dig into looking for a test and it gets confusing fast. So it is good to have some background.
SCAP (Security Content Automation Protocol) is actually a set of multiple standards and specifications that are used together to enable automatically testing hundreds of nerd settings. Let me emphasize that: SCAP is not a single XML specification -- SCAP is multiple standards and specs. Whenever you give "SCAP Content" to a scanner to check a system configurations you are giving the scanner multiple XML files representing multiple standards.
gregelin
/ getstatusoutput.py
Created
October 31, 2015 10:27
Python return (status, output) of executing cmd in a shell.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def getstatusoutput(cmd): | |
| """Return (status, output) of executing cmd in a shell.""" | |
| """This new implementation should work on all platforms.""" | |
| import subprocess | |
| pipe = subprocess.Popen(cmd, shell=True, universal_newlines=True, | |
| stdout=subprocess.PIPE, stderr=subprocess.STDOUT) | |
| output = str.join("", pipe.stdout.readlines()) | |
| sts = pipe.wait() | |
| if sts is None: | |
| sts = 0 |
gregelin
/ control_masonry_compliancelib.gliffy
Created
October 13, 2015 17:17
Control Masonry plan with assets available from compliancelib after packaging some code from GovReady/800-53-server prototypes Raw
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {"contentType":"application/gliffy+json", | |
| "version":"1.3", | |
| "stage":{"background":"#FFFFFF", | |
| "width":1518, | |
| "height":975, | |
| "nodeIndex":193, | |
| "autoFit":true, | |
| "exportBorder":false, | |
| "gridOn":true, | |
| "snapToGrid":true, |