@dcode
dcode / snort_unified2_output.sh
Created January 19, 2016 21:10
Configure Snort w/ the RPM for unified2 output
sudo sed -i'' 's/^# output unified2/output unified2/' /etc/snort/snort.conf
sudo sed -i'' 's/ALERTMODE/#ALERTMODE/' /etc/sysconfig/snort
@drmalex07
drmalex07 / README-oneshot-systemd-service.md
Last active July 7, 2024 19:47
An example with a oneshot service on systemd. #systemd #systemd.service #oneshot

README

Services declared as oneshot are expected to take some action and exit immediately (thus, they are not really services; no running processes remain). A common pattern for this type of service is to be defined by a setup and a teardown action.

Let's create an example foo service that, when started, creates a file and, when stopped, deletes it.

Define setup/teardown actions

Create executable file /opt/foo/setup-foo.sh:

@dcode
dcode / kafka commands.md
Last active August 19, 2021 15:47
Some kafka operations

Commands to check various states of Kafka

NOTE: Code blocks indicate input on prompt with a '$'. Everything else is output

Create a new topic

$ /opt/kafka/bin/kafka-topics.sh --topic my_topic --zookeeper localhost:2181 --create --partitions 1 --replication-factor 1
Created topic "my_topic".
@dcode
dcode / install-bro-w_pfring_and_options.sh
Created October 22, 2015 14:02
Install bro packages that include PF_RING and optional performance enhancements on CentOS 7
# Install epel
sudo yum -y install epel-release
# Install kernel headers for current kernel
sudo yum install -y kernel-devel-$(uname -r) kernel-headers-$(uname -r)
# Install ntop repos
cat << EOF | sudo tee /etc/yum.repos.d/ntop.repo
[ntop]
name=ntop packages
ProductID Database
106 GeoIP.dat
111 GeoIPOrg.dat
112/115 GeoIPRegion.dat
117 GeoIPASNum.dat
119 GeoIPUserType.dat
121/122 GeoIPISP.dat
132/133 GeoIPCity.dat
135 GeoIPAreaCode.dat
137 GeoIPDMACode.dat
@dcode
dcode / gist:21a3bdff757f81e9be95
Created March 23, 2015 20:02
Gource, fed from bro conn.log in real-time.
# See details in this blog entry:
# http://www.echothrust.com/blogs/monitoring-pf-logs-gource
ssh sensor01 "stdbuf -i0 -o0 -e0 tail -F -n +1 /var/opt/bro/logs/current/conn.log | stdbuf -i0 -o0 -e0 /opt/bro/bin/bro-cut -F\| ts id.orig_h id.resp_h id.resp_p proto" | stdbuf -i0 -o0 -e0 awk -F\| -vOFS=\| '{ gsub(/\..+/, "", $1); print $1, $2, "A", "/"$3"/"$2"/"$2":"$5"."$4,"#FF00ff"}' | ./gource --multi-sampling --no-vsync --title "bro conn activity" --key --realtime --highlight-users --highlight-dirs --user-friction 0.2 --user-scale 0.8 --log-format custom --disable-auto-rotate -i 0 -
@staringispolite
staringispolite / asciiputsonglasses
Last active January 20, 2025 07:52
Ascii art sunglasses meme
Puts on glasses:
(•_•)
( •_•)>⌐■-■
(⌐■_■)
Takes off glasses ("mother of god..."):
(⌐■_■)
( •_•)>⌐■-■
@ipedrazas
ipedrazas / knife cheat
Last active December 13, 2021 11:50
Hello!
# knife cheat
## Search Examples
knife search "name:ip*"
knife search "platform:ubuntu*"
knife search "platform:*" -a macaddress
knife search "platform:ubuntu*" -a uptime
knife search "platform:ubuntu*" -a virtualization.system
knife search "platform:ubuntu*" -a network.default_gateway
@andybarilla
andybarilla / hover.py
Last active August 5, 2023 06:21
DDNS Script for Hover (using their unofficial API)
#!/usr/bin/env python
"""hover.py: Provides dynamic DNS functionality for Hover.com using their unofficial API.
This script is based off one by Dan Krause: https://gist.github.com/dankrause/5585907"""
__author__ = "Andrew Barilla"
__credits__ = ["Andrew Barilla", "Dan Krause"]
__license__ = "GPL"
__version__ = "1.0"
__maintainer__ = "Andrew Barilla"
@dcode
dcode / build_bro_nightly.sh
Last active July 25, 2019 04:33
Build Bro nightly & bro-plugins on CentOS 7.x
# Build Bro from Source on CentOS 7
## Install EPEL
sudo yum -y install epel-release
## Install runtime dependencies - These will be needed once the RPM is built
sudo yum -y install libpcap openssl-libs bind-libs zlib bash python libcurl gawk GeoIP jemalloc
## Install the build dependencies
sudo yum -y install @development libpcap-devel openssl-devel bind-devel zlib-devel cmake git perl libcurl-devel GeoIP-devel python-devel jemalloc-devel swig rpmdevtools