RSS Blog OpenKod

  • How to push Snort, Bro, YAF log to Metron 20th June 2017
    Install the Metron Bro plugin into your Bro install. This will push the Bro output into Kafka so that Metron can consume it. https://github.com/apache/metron/tree/master/metron-sensors/bro-plugin-kafka You can use the Ansible deployment steps as instructions for one, simple way to pipe YAF and Snort output into Kafka. This is only suitable for small scale testing. https://github.com/apache/metron/tree/master/metron-deployment/roles/yaf https://github.com/apache/metron/tree/master/metron-deployment/roles/snort […]
    hasan
  • Squid and Squid 5th April 2017
    It’s all about squid Problem : [email protected]:/etc# tail -f /var/log/syslogSep 23 23:33:16 proxy kernel: [14772.979413] TCP: too many of orphaned sockets Solution : http://blog.tsunanet.net/2011/03/out-of-socket-memory.html Tunning settings in sysctl.conf http://www.frozentux.net/ipsysctl-tutorial/ipsysctl-tutorial.html#AEN412 TCP Tunning http://web.archive.org/web/20111225052722/http://fasterdata.es.net/fasterdata/host-tuning/linux/ Reload file /etc/sysctl.conf after editing without restart the server [email protected]:/etc# sysctl -p http://xmodulo.com/2012/04/how-to-reload-sysctlconf.html      
    hasan
  • Multiple Vulnerabilities in Drupal Could Allow for Remote Code Execution 20th March 2017
    MS-ISAC ADVISORY NUMBER:2017-028 DATE(S) ISSUED:03/16/2017 SUBJECT:Multiple Vulnerabilities in Drupal Could Allow for Remote Code Execution OVERVIEW: Multiple vulnerabilities have been discovered in Drupal core module, the most severe of which could allow for remote code execution. Drupal is an open source content management system (CMS) written in PHP. Successful exploitation of the most severe of […]
    hasan
  • Microsoft Security Advisory 4010983 15th March 2017
    Vulnerability in ASP.NET Core MVC 1.1.0 Could Allow Denial of Service   Published: January 27, 2017 Version: 1.0 Executive Summary   Microsoft is releasing this security advisory to provide information about a vulnerability in the public versions of ASP.NET Core MVC 1.1.0. This advisory also provides guidance on what developers can do to update their applications […]
    hasan
  • Cisco IOS for Catalyst 2960X and 3750X Switches Denial of Service Vulnerability 14th March 2017
    Cisco IOS for Catalyst 2960X and 3750X Switches Denial of Service Vulnerability Medium Advisory ID:  cisco-sa-20170118-catalyst First Published:  2017 January 18 16:00  GMT Last Updated:   2017 March 3 14:08  GMT Version 1.1:  Final Workarounds:  Yes Cisco Bug IDs: CSCva72252 CVSS Score: Base 4.7, Temporal 4.7 CVE-2017-3803 CWE-399    Download CVRF    Download PDF    Email   Summary A vulnerability in the Cisco IOS Software forwarding queue of […]
    hasan
  • Setting up IPv6 in OpenWRT Barrier Breaker for TM Unifi 19th May 2016
    Create new interface for IPv6Network-Interface-Add New Interface..Match below setting   https://advanxer.com/blog/2015/11/setting-up-ipv6-in-openwrt-barrier-bre...
    hasan
  • How to Configure Proxy Settings Using Group Policy Management 24th March 2016
      This snap-in is not available by default; you must download it from Microsoft or use the Active Directory Users and Computers method. Using the Microsoft Group Policy Management Tool Create a New Group Policy Object (GPO) In the Group Policy Management window, under Domains, right-click the domain name. Select Create and Link a GPO Here. The New GPO window appears. […]
    hasan
  • Powering on a virtual machine from the command line when the host cannot be managed using vSphere Client 23rd March 2016
    ESXi 4.x, 5.x and 6.0 To power on a virtual machine from the command line: List the inventory ID of the virtual machine with the command:vim-cmd vmsvc/getallvms |grep Note: The first column of the output shows the vmid.  Check the power state of the virtual machine with the command:vim-cmd vmsvc/power.getstate   Power-on the virtual machine with […]
    hasan
  • CVE-2015-7755: Juniper ScreenOS Authentication Backdoor 22nd December 2015
    On December 18th, 2015 Juniper issued an advisory indicating that they had discovered unauthorized code in the ScreenOS software that powers their Netscreen firewalls. This advisory covered two distinct issues; a backdoor in the VPN implementation that allows a passive eavesdropper to decrypt traffic and a second backdoor that allows an attacker to bypass authentication in the […]
    hasan
  • How to prepare configure.ac 16th December 2015
    I got it to create the configure script using the following tools:   libtoolize --force aclocal autoheader automake --force-missing --add-missing autoconf ./configure  
    hasan