Jonny5 j0nny55555

data and scripting, with security, via python and other means. things i intend to share may eventually go here. ^_^

7 followers · 14 following

View GitHub Profile

Recently created

Least recently created

Recently updated

Least recently updated

linuxmalaysia / sysctl-proxmox-tune.conf

Last active August 14, 2025 19:03 — forked from sergey-dryabzhinsky/sysctl-proxmox-tune.conf

Most popular speedup sysctl options for Proxmox. Put in /etc/sysctl.d/

	###
	# Proxmox or other server kernel params cheap tune and secure.
	# Try it if you have heavy load on server - network or memory / disk.
	# No harm assumed but keep your eyes open.
	#
	# @updated: 2020-02-06 - more params used, adjust some params values, more comments on params
	# Origin https://gist.github.com/sergey-dryabzhinsky/bcc1a15cb7d06f3d4606823fcc834824
	# @updated: 2023-12-21 - To test with proxmox v8
	# # update: https://gist.github.com/linuxmalaysia/7ba3ded2dd3ec7f2491e549e6dcd73ec

fox-srt / juniper-cve-2015-7755.rules

Last active August 23, 2016 15:52

Snort coverage for Juniper ScreenOS backdoor

	# Signatures to detect successful abuse of the Juniper backdoor password over telnet.
	# Additionally a signature for detecting world reachable ScreenOS devices over SSH.

	alert tcp $HOME_NET 23 -> any any (msg:"FOX-SRT - Flowbit - Juniper ScreenOS telnet (noalert)"; flow:established,to_client; content:"Remote Management Console\|0d0a\|"; offset:0; depth:27; flowbits:set,fox.juniper.screenos; flowbits:noalert; reference:cve,2015-7755; reference:url,http://kb.juniper.net/JSA10713; classtype:policy-violation; sid:21001729; rev:2;)
	alert tcp any any -> $HOME_NET 23 (msg:"FOX-SRT - Backdoor - Juniper ScreenOS telnet backdoor password attempt"; flow:established,to_server; flowbits:isset,fox.juniper.screenos; flowbits:set,fox.juniper.screenos.password; content:"\|3c3c3c20257328756e3d2725732729203d202575\|"; offset:0; fast_pattern; classtype:attempted-admin; reference:cve,2015-7755; reference:url,http://kb.juniper.net/JSA10713; sid:21001730; rev:2;)
	alert tcp $HOME_NET 23 -> any any (msg:"FOX-SRT - Backdoor - Juniper Scr

garlandkr / redis_es_ls.md

Created September 20, 2012 01:28

Installing Redis Elasticsearch and Logstash

This will be a copy/paste doc for installing redis, elasticsearch and logstash on ubuntu 12.04

Pre-Requisites

apt-get update
apt-get upgrade
apt-get install tcl8.5 tcl8.5-dev build-essential rubygems git \
htop python-dev openjdk-7-jre-headless libcurl4-openssl-dev \
bison ctags flex gperf libevent-dev libpcre3-dev libssl-dev libreadline6-dev \
libtokyocabinet-dev libncursesw5-dev libxml2-dev libxslt1-dev libsqlite3-dev \

ollyg / logstash.conf

Created June 20, 2012 13:29

logstash config and filter to fully parse a syslog message (PRI, timestamp, host)

	filter {
	# strip the syslog PRI part and create facility and severity fields.
	# the original syslog message is saved in field %{syslog_raw_message}.
	# the extracted PRI is available in the %{syslog_pri} field.
	#
	# You get %{syslog_facility_code} and %{syslog_severity_code} fields.
	# You also get %{syslog_facility} and %{syslog_severity} fields if the
	# use_labels option is set True (the default) on syslog_pri filter.
	grok {
	type => "syslog-relay"