elasticsearch reference

Tools
– head for Chrome (ElasticSearch Head – Chrome Web Store)
– Postman (link)
– Insomnia (link)
– elasticdump – nodejs (link)
Monitoring
– ps_mem.py – monitor real memory utilization (github link)
– ps -eo size,pid,user,command --sort -size | awk '{ hr=$1/1024 ; printf("%13.2f Mb ",hr) } { for ( x=4 ; x<=NF ; x++ ) { printf("%s ",$x) } […]

Web server tuning (apache and nginx)

Key points: enable http2 and change the MPM from prefork to event with php-fpm.
Enable http2 on apache + prefork to event – https://techwombat.com/enable-http2-apache-ubuntu-16-04/
sudo add-apt-repository ppa:ondrej/apache2
sudo apt update
sudo apt upgrade
sudo apt install php7.0-fpm
sudo a2enmod proxy_fcgi setenvif
sudo a2enconf php7.0-fpm
sudo a2dismod php7.0
sudo a2dismod mpm_prefork
sudo a2enmod mpm_event
sudo service apache2 restart
sudo […]

Elasticsearch notes

Useful links
Elasticdump – http://blog.ruanbekker.com/blog/2017/11/22/using-elasticdump-to-backup-elasticsearch-indexes-to-json/
sudo npm install n -g
sudo n stable
https://www.digitalocean.com/community/tutorials/how-to-interact-with-data-in-elasticsearch-using-crud-operations
Delete by time – https://hobo.house/2016/02/18/how-to-manually-clean-indexes-from-elasticsearch/

Installing cuckoo sandbox on Mac OS

Cuckoo sandbox is an automated malware analysis system. It uses a virtualization engine to isolate malware execution and analysis. You are given a web interface as well as CLI tools to communicate with cuckoo, such as uploading samples and reviewing all reports. I’ve found a complete tutorial on this: http://advancedmalwareprotection.blogspot.com/2012/03/installing-cuckoo-on-max-os-x-lion.html Hope this would help anyone to […]

wp-login.php brute force

Lately my server is receiving many requests from WordPress brute-force attempts. Some of them do slow us down. The server resources were just wasted on these requests. So, some searches got me to this site, which provides a good mod_security config to block this attack for a short period: http://www.frameloss.org/2011/07/29/stopping-brute-force-logins-against-wordpress/ This is just a snippet, […]

flow duplicator

Nowadays I am able to play around with flow data. Flow data provides detailed information on network traffic, for various purposes such as network monitoring, bandwidth monitoring, traffic accounting archives and security. We have configured a layer 2/3 switch to send sflow data to my monitoring server. Some visualizations were done by nfsen, but its […]