Recent posteets

Sort by: Date / Title /

  1. 11 months ago by sox and saved by 1 other
    1. date -s "$(ssh user@server date -R)"
    Paste this in your website: <script type="text/javascript" src="http://www.posteet.com/embed/2175"></script>
  2. 11 months ago by sox
    service ntp stop
    ntpd -gq -c /etc/ntp.conf
    service ntp start
    Paste this in your website: <script type="text/javascript" src="http://www.posteet.com/embed/2174"></script>
  3. 1 year ago by spirit
    Dots denote echo request without echo reply. The more points you have the more the connection is unreliable
    ping –f –i 0.0001 –s 10000 192.168.0.1
    Paste this in your website: <script type="text/javascript" src="http://www.posteet.com/embed/2173"></script>
  4. sponsorised links
  5. 1 year ago by spirit
    SI(SIERREUR(TROUVE("K";F107); 0); GAUCHE(F107;TROUVE("K";F107)-1)*1024;SI(SIERREUR(TROUVE("M";F107); 0); GAUCHE(F107;TROUVE("M";F107)-1)*1024*1024;SI(SIERREUR(TROUVE("G";F107); 0); GAUCHE(F107;TROUVE("G";F107)-1)*1024*1024*1024;F107)))
    Paste this in your website: <script type="text/javascript" src="http://www.posteet.com/embed/2172"></script>
  6. 1 year ago by spirit
    1. #Adding/Modifying Rules
    2.  
    3. #    Watch for files
    4.  
    5. auditctl -w /etc/yum.conf -p wa  -k yum_watch
    6. auditctl -w /usr/bin/nmap -p x   -k nmap_watch
    7. auditctl -w /etc/shadow   -p rwa -k shadow_watch
    8.  
    9. #    Remove a rule using auditctl
    10.  
    11. auditctl -W /etc/shadow -p rwa -k shadow_watch
    12.  
    13. #    Watching for ptrace system call
    14.  
    15. auditctl -a entry,always -F arch=b64 -S ptrace -k info_scan
    16.  
    17. #    Suppress 32bit clock_gettime & fstat64 system calls
    18.  
    19. -a entry,never -F arch=b32 -S clock_gettime -k clock_gettime
    20. -a entry,never -F arch=b32 -S fstat64 -k fstat64
    21.  
    22. #    Audit files opened by a specific user
    23.  
    24. auditctl -a exit,always -S open -F auid=2010
    25. auditctl -a exit,always -F arch=b64 -F auid=2010  -F uid=2010 -F path=/etc/hosts -S open
    26.  
    27. #    Audit unsuccessful attempts for multiple system calls where user id is greater than or equal to 500
    28.  
    29. auditctl -a always,exit -F arch=b32 -S creat -S open -S openat -S truncate -S ftruncate -F exit=-EACCES -F auid>=500
    30. auditctl -a always,exit -F arch=b32 -S creat -S open -S openat -S truncate -S ftruncate -F exit=-EPERM -F auid>=500
    31.  
    32. #Reporting/Searching
    33.  
    34. #    List all rules
    35.  
    36. auditctl -l
    37.  
    38. #    List status
    39.  
    40. auditctl -s
    41.  
    42. #    Report on watched files. Date format is local to the server's date format.
    43.  
    44. aureport -f
    45. aureport -f --start 02/18/10 17:42:00
    46. aureport -f --start 02/18/10 17:00:00 --end 02/18/10 17:10:00
    47. aureport -f -ts this-week
    48. aureport -f -ts today
    49.  
    50. #    Search by system call
    51.  
    52. ausearch -sc ptrace -i
    53.  
    54. #    Search for user id or effective user id
    55.  
    56. ausearch -ui 2010
    57. ausearch -ue 2010
    58.  
    59. #    Lists all auth attempts and their result
    60.  
    61. aureport -au
    62.  
    63. #    List just logins
    64.  
    65. aureport -l
    66.  
    67. #    List account modification attempts.
    68.  
    69. aureport -m
    70.  
    71. #    Search events where success value is no, User id is 500 and key is nmap_watch
    72.  
    73. ausearch -sv no -ua 500 -k nmap_watch
    74.  
    75. #    Search by executable
    76.  
    77. ausearch -x /usr/bin/nmap
    78.  
    79. #    Search by terminal
    80.  
    81. ausearch -tm pts/0
    82.  
    83. #    Search by daemon. Stuff like cron log terminal as the daemon name
    84.  
    85. ausearch -tm cron
    Paste this in your website: <script type="text/javascript" src="http://www.posteet.com/embed/2171"></script>
  7. 1 year ago by spirit
    1. ssh root@remote.host "rpm -qa" | xargs yum -y install
    Paste this in your website: <script type="text/javascript" src="http://www.posteet.com/embed/2170"></script>
  8. 1 year ago by spirit and saved by 1 other
    1. dateset="$(sshuser@server date)"
    Paste this in your website: <script type="text/javascript" src="http://www.posteet.com/embed/2169"></script>
  9. 1 year ago by spirit
    shell, remote, ssh, command
    1. ssh host -l user $(<cmd.txt)
    Paste this in your website: <script type="text/javascript" src="http://www.posteet.com/embed/2168"></script>
  10. 1 year ago by spirit
    1. mysqldump –add-drop-table –extended-insert –force –log-error=error.log -uUSER -pPASS OLD_DB_NAME | ssh -C user@newhost "mysql -uUSER -pPASS NEW_DB_NAME"
    Paste this in your website: <script type="text/javascript" src="http://www.posteet.com/embed/2167"></script>
  11. 1 year ago by xarkam
    1. echo '<?php phpinfo(); ?>' | php 2>&1 |grep -i ssl
    Paste this in your website: <script type="text/javascript" src="http://www.posteet.com/embed/2166"></script>

First / Previous / Next / Last / Page 1 of 82 (816 posteets)