| global ext_map: table[string] of string = { | |
| ["application/x-dosexec"] = "exe", | |
| ["application/zip"] = "zip", | |
| ["application/x-gtar"] = "gzip", | |
| ["application/x-rar-compressed"] = "rar", | |
| ["application/x-apple-diskimage"] = "dmg", | |
| ["application/x-7z-compressed"] = "tz", | |
| ["application/x-gzip"] = "gz", | |
| ["application/x-bzip2"] = "bz", | |
| ["application/x-lzma"] = "lzma", |
| #!/bin/bash | |
| LINES=$(wc -l /nsm/bro/logs/current/intel.log | awk '{print $1}') | |
| if [[ $LINES -gt 8 ]]; then | |
| echo -e "<font face='monospace, monospace' size='1'>\n<pre>\n $(cat /nsm/bro/logs/current/intel.log | while read line; do echo "$line </br>"; done) \n</pre>\n</font>" | mail -a "Content-Type: text/html" -s "Bro Intel Hits - $(date)" [email protected] | |
| fi | |
| exit 0 |
| #!/usr/bin/env ruby | |
| # Parse nginx logs with ruby | |
| # http://rubular.com/r/2wVbwiZPMS | |
| # (?<ip>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}) - .{0}- \[(?<day>[\d]{2})\/(?<mon>[\w]+)\/(?<yr>[\d]{4})\:(?<hr>[\d]{2})\:(?<min>[\d]{2})\:(?<sec>[\d]{2}) [^$]+\] "(?<method>GET|POST|PUT|DELETE) (?<uri>[^\s]+?) HTTP\/1\.1" (?<response>[\d]+) [\d]+ "(?<referrer>[^\s]+?)" "(?<agent>[^\"]+?)" | |
| require 'sqlite3' | |
| dbfile = ARGV[0] |
| # Author: Darren Martyn, Xiphos Research Ltd. | |
| # Version: 20150309.1 | |
| # Licence: WTFPL - wtfpl.net | |
| import json | |
| import requests | |
| import sys | |
| import readline | |
| readline.parse_and_bind('tab: complete') | |
| readline.parse_and_bind('set editing-mode vi') | |
| __version__ = "20150309.1" |
| #!/usr/bin/env ruby | |
| =begin | |
| USAGE: | |
| cat example.log | ruby grokparse.rb | |
| =end | |
| require 'rubygems' | |
| require 'grok-pure' | |
| require 'pp' |
Install the source RPM for nginx and move it to you RPM build environment.
cd SOURCES/
tar xvzf nginx-1.6.3.tar.gz
cd nginx-1.6.3
git clone https://github.com/stnoonan/spnego-http-auth-nginx-module.git
cd ..
mv nginx-1.6.3 nginx-spnego-1.6.3
tar cvzf nginx-spnego-1.6.3.tar.gz nginx-spnego-1.6.3/
| #!/bin/bash | |
| /usr/sbin/aide --check 2>&1 | tee /tmp/aide-daily.out | /bin/grep "Looks okay" > /dev/null | |
| if [[ $? -ne 0 ]]; then | |
| LOGDATE=$(date +%s) | |
| cat /tmp/aide-daily.out > /tmp/aide_mail.$LOGDATE | |
| echo -e "\n\n=============\nLOGIN INFO\n=============\n" >> /tmp/aide_mail.$LOGDATE | |
| /bin/last -ax -n 25 >> /tmp/aide_mail.$LOGDATE | |
| cat /tmp/aide_mail.$LOGDATE | mail -s "[ALERT] $(hostname -f) AIDE report" [email protected] |
| */5 * * * * /usr/local/bin/ipupdate.sh >> /var/log/ipupdate.log 2>&1 |
| ping_check() { while :; do PINGRESULT=$(ping -c1 $1 | grep "bytes from"); if [[ $? -eq 0 ]]; then RTT=$(echo $PINGRESULT | awk -F= '{print $NF}'); echo "👍 $RTT"; else echo "💩 NO CONNECTION"; fi; sleep 5; done; } |
| #Silliness abounds | |
| nocolor() { echo -en "\033[0;39m"; } | |
| dots() { clear; while :; do let "first = $RANDOM % 2"; let "second = $RANDOM % 6 +1"; let "PAUSE = $RANDOM % 9 +1"; echo -en "\033[${first};3${second}m⬤ "; sleep .${second}; if [[ $RANDOM -gt 22000 ]]; then echo -en "\b\b\b\b \b\b\b\b"; fi; done; } | |
| arrows() { clear; ARROWS=(⬅ ⬆ ⬇); while :; do let "arrval = $RANDOM % 3"; let "first = $RANDOM % 2"; let "second = $RANDOM % 6 +1"; let "PAUSE = $RANDOM % 9 +1"; echo -en "\033[${first};3${second}m${ARROWS[$arrval]} "; sleep .${second}; if [[ $RANDOM -gt 22000 ]]; then echo -en "\b\b\b\b \b\b\b\b"; fi; done; } |