Sunday, December 28, 2014

Geekempire's BadIP List

I have automated a list of bad IP's.  These IP's have performed malicious activities against our servers. The list rotates daily. Feel free to download and use these IP's in your snort, bro, firewall, wallpaper, or any place you feel fit. We make no warranty to our list. Use at your own risk.

The list is available for download.
http://badiplist.geekempire.com/files/geekempire_badiplist.current

Sunday, December 21, 2014

Website Hosting Services Shutdown

After over 10 years in the Web Hosting Business, Geekempire Hosting is shutting down its web hosting services. All currently hosted sites will be able to use the hosting system until the end of its hosting plan. We are going to keep the domain business going, and have no plans of shutting down our reseller services. EmpireDNS (http://www.empiredns.com) is the new site for managing domain names, DNS, and ssl certificates.

Further news and communication will be posted on the Geekempire Hosting website: http://www.geekempirehosting.com

Sunday, September 14, 2014

OnionSalt Saltstack Cheat Sheet

I was asked by a couple of folks about some handy dandy salt commands that would help with a Security Onion deployment with Onionsalt at BSides Augusta and the Security Onion Conference. So being true to my word here are a few good things to know when writing your own salt scripts. Also feel free to fork and contribute to my repo on github HERE.

Let's start with some basics.

createadirectoy:
  file.directory:
    - name: /opt/somedir

Createdirectory is the name of the task we are performing. We are saying make sure you have the directory /opt/somedir

managedfile:
  file.manage:
    - name: /opt/somedir/somefile.sh
    - source: salt://files/somefile.sh

We are saying in that last example always make sure that /opt/somedir/somefile.sh matches the one we have on our salt file area.

manageddirectory:
  file.recurse:
    - name: /opt/somedir
    - source: salt://files/somedir

This says lets make sure that all the files in file/somedir are copied to /opt/somedir

runascriptatcheckin:
  cmd.script:
    - source: salt://scripts/somescript.sh
    - shell: /bin/bash
    - cwd: /root

Sometime you want to write a script that you run every time the minion checks in. I typically use this to check certain states on the box to make sure everything looks good. We are saying use bash to execute the script somescript.sh from the /root directory.

runsomecommand:
  cmd.run:
    - name: df -h

This one is if you just want to run some sort of command each time something checks in.

watchsomethingthendosomething:
  cmd.wait:
    - name: service httpd restart
    - watch:
      - file: /etc/httpd.conf
      - file: /etc/somedir

Here we are saying watch for anything changing in the httpd.conf or any file in /etc/somedir and if you see something run "service httpd restart"

These are a few easy things to use to get you started in writing your own salt scripts. Saltstack.com has a lot of documentation that can enable you to get much deeper than this.