Table of contents
Rohan rohan-molloy
rohan-molloy
/ Using CloudNS to host LAN DNS.md
Last active
September 30, 2018 07:12
Using CloudNS to host LAN DNS
rohan-molloy
/ generate-ipset.sh
Created
March 30, 2018 19:44
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /bin/bash | |
| primary="badnets" | |
| ipset create $primary hash:net &>/dev/null | |
| if [[ -z "$sets" ]]; then | |
| sets=( firehol_level3 firehol_level2 firehol_level1 firehol_webclient ); | |
| fi | |
| for s in "${sets[@]}"; do |
rohan-molloy
/ Cisco-NAT.md
Last active
July 31, 2018 14:45
Allows a single globally routable address to be shared between multiple hosts on a network
This is one of the most frequently encountered type of NAT and is probably implemented on your home router.
When it sends out traffic, the router needs to change the source address from 192.168.1.x to whatever globally routable address is assigned on the "outside" interface. It needs to keep track of these egress translations so that it can direct the replies to the appropriate inside address.
1. Configure LAN interface
rohan-molloy
/ create-ipsets
Created
April 20, 2018 01:49
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /bin/bash | |
| ipset create badnets hash:net &>/dev/null | |
| [[ -z "$sets" ]] && \ | |
| sets=( firehol_level3 firehol_level2 firehol_level1 firehol_webclient ); | |
| for s in "${sets[@]}"; do | |
| wget -qO- "https://iplists.firehol.org/files/"$s".netset" | grep -v "^#" |\ | |
| while read entry; do |
rohan-molloy
/ cert.md
Created
April 26, 2018 12:11
rohan-molloy
/ sshd_config
Last active
August 3, 2018 14:01
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # Protocol options | |
| # | |
| Protocol 2 | |
| Port 22 | |
| AddressFamily inet | |
| ListenAddress 0.0.0.0 | |
| # | |
| # Host Keys | |
| # |
rohan-molloy
/ gist:686bff358f3427a1a79119371e521011
Created
June 14, 2018 12:40
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| (for ip in $(grep -E 'sshd.*Invalid' /var/log/auth.log |awk '{print $NF}');do | |
| dig $(tac -s.<<<"$ip.")origin.asn.cymru.com +noedns +short txt|tr -d \";done)|sort -s -n -k 1,1 | |
rohan-molloy
/ gist:ee7cb959b20c173291731b7285dd70d1
Created
August 1, 2018 12:56
truncating line with sed
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Remove the last nchars from each line | |
| truncateLines(){ | |
| d=`for ((i=1; i<=$nchars; i++)); do echo -n .; done` | |
| sed 's/'$d'$//' | |
| } |
rohan-molloy
/ sshd_config.md
Created
September 2, 2018 20:53
Port 22
AddressFamily inet
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
Ciphers aes128-ctr,aes192-ctr,aes256-ctr
KexAlgorithms [email protected],diffie-hellman-group-exchange-sha256