suricata | selks | some basic alert rules

Test for domain (https): Test for domain (http): alert http $HOME_NET any -> $EXTERNAL_NET any (msg:”TEST HOST”; flow:established,to_server; http.method; content:”GET”;; content:””; classtype:unknown; sid:107500113; rev:3; metadata: created_at 2022_02_18, updated_at 2022_02_18;) Test for IP: Test for uri:

nginx | redirect https://domain to different https://domain without browser cert errors

Standard nginx redirect: server { listen 80; listen 443 ssl; server_name http://www.domain-a.tld; return 301 https://www.domain-b.tld; } Produces browser ssl errors (wrong cert) cs before executing the redirecting order the https connection is established between your browser and the orig domain. Solution: Run certbot on the orig domain you redirect from: The bot inserts this […]

SAMBA 4.5 // Gentoo Linux Domain Member // File Server

krb5 pidSources: Strategy This machine file server (domain member server). It will serve domain users profiles, homes and other file stuff. ADDC’s IP is This machines IP is, host name is F4 Principles Users on a domain member will be authenticated by the domain controller. This process uses […]

BASH | Shalla | Squid acl import error | blacklist import // deduplicate shalla blacklists

# SLOW function dedup () { declare -a A_IN=(“${!1}”) declare -a A_OUT=(“${!1}”) for A_IN_ELEM in “${A_IN[@]}”; do II=-1 for A_OUT_ELEM in “${A_OUT[@]}”; do II=$(( $II + 1 )) [[ “x$A_OUT_ELEM” == “x$A_IN_ELEM” ]] && continue [[ “x$A_OUT_ELEM” == “x” ]] && continue echo “$A_OUT_ELEM” | grep -w “$A_IN_ELEM” > /dev/null if [ $? -eq 0 […]