Skip to content

Instantly share code, notes, and snippets.

View zukko78's full-sized avatar

zukko78

5 followers · 44 following
View GitHub Profile
@zukko78
zukko78 / gist:71f7cb79727d11237363bd2978e6c4ad
Created February 10, 2023 02:23 — forked from ipedrazas/gist:2c93f6e74737d1f8a791
List Docker Container Names and IPs
function drips(){
docker ps -q | xargs -n 1 docker inspect --format '{{ .NetworkSettings.IPAddress }} {{ .Name }}' | sed 's/ \// /'
}
@zukko78
zukko78 / quick-ref-etcd
Created May 24, 2023 21:02 — forked from hexfusion/quick-ref-etcd
# sniff hypervisor
dmesg | grep Hypervisor
[ 0.000000] Hypervisor detected: KVM
# get key in bytes
etcdctl get $key -w fields | grep -oP "(?<=Value\" : \").*" | wc -c
# defrag status in MB
cat etcd_info/endpoint_status.json | jq '(.[0].Status.dbSize - .[0].Status.dbSizeInUse)/1000/1000'
@zukko78
zukko78 / mysql-tcpdump.sh
Created June 19, 2023 19:54 — forked from bom-d-van/mysql-tcpdump.sh
tcpdump advanced filters
# https://www.percona.com/blog/2008/11/07/poor-mans-query-logging/
tcpdump -i eth0 -s 0 -l -w - dst port 3306 | strings | perl -e '
while(<>) { chomp; next if /^[^ ]+[ ]*$/;
if(/^(SELECT|UPDATE|DELETE|INSERT|SET|COMMIT|ROLLBACK|CREATE|DROP|ALTER)/i) {
if (defined $q) { print "$q\n"; }
$q=$_;
} else {
$_ =~ s/^[ \t]+//; $q.=" $_";
}
@zukko78
zukko78 / systemd_service_hardening.md
Created January 24, 2024 05:31 — forked from ageis/systemd_service_hardening.md
Options for hardening systemd service units

security and hardening options for systemd service units

A common and reliable pattern in service unit files is thus:

NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
DevicePolicy=closed
ProtectSystem=strict