Main public logs

From IT-Arts.net

Combined display of all available logs of IT-Arts.net. You can narrow down the view by selecting a log type, the username (case-sensitive), or the affected page (also case-sensitive).

Logs
(newest | oldest) View ( | ) (20 | 50 | 100 | 250 | 500)
  • 19:31, 5 January 2026 Admin talk contribs created page APPARMOR - Base Documentation (Created page with "Category:Wiki === Managing AppArmor Profiles === AppArmor uses profiles to define the access controls for programs. These profiles specify what resources (such as files, network ports, etc.) a program can access and what actions it can perform. Profiles are written in a human-readable format and can be customized to suit the needs of specific applications. ==== Viewing AppArmor Status ==== To check the status of AppArmor on your system, use the following command:...")
  • 19:29, 5 January 2026 Admin talk contribs created page JELLYFIN - APPARMOR - Base Documentation (Created page with "Category:Wiki APPARMOR_-_Base_Guide === Managing AppArmor Profiles === AppArmor uses profiles to define the access controls for programs. These profiles specify what resources (such as files, network ports, etc.) a program can access and what actions it can perform. Profiles are written in a human-readable format and can be customized to suit the needs of specific applications. ==== Viewing AppArmor Status ==== To check the status of AppArmor on your system, use...")
  • 19:22, 5 January 2026 Admin talk contribs created page JELLYFIN - Debug Mode And Troubleshooting (Created page with "Category:Wiki === Enabling Debug Mode === To enable debug mode in Jellyfin, you need to modify the configuration file or start the server with a specific environment variable. Debug mode provides additional logging and information that can help in diagnosing issues. ==== Modifying the Configuration File ==== To modify the configuration file: * Navigate to the Jellyfin configuration directory. The path will vary depending on your operating system: * Linux: `/et...")
  • 08:50, 22 December 2025 Admin talk contribs created page JELLYFIN - NFO Files (Created page with "Category:Wiki == Example of an NFO File for a Movie == The NFO file for a movie might look like this: <nowiki> <?xml version="1.0" encoding="utf-8"?> <movie> <title>Inception</title> <year>2010</year> <rating>8.8</rating> <plot>Dom Cobb is a thief with the rare ability to enter people's dreams and steal their secrets. He is offered a chance to have his criminal record erased in exchange for implanting an idea into a target's subconscious.</plot>...")
  • 08:00, 22 December 2025 Admin talk contribs created page JELLYFIN - IMDb and OMDb URL Whitelisting (Created page with "Category:Wiki == Necessary IMDb URLs to Whitelist == The following URLs must be whitelisted for Jellyfin to communicate with IMDb: * **IMDb API Base URL**: <nowiki>https://www.imdb.com</nowiki> * **IMDb Data API** (for programmatic access to movie metadata): <nowiki>https://www.imdbapi.com</nowiki> These URLs are crucial for Jellyfin to access IMDb's movie metadata, including titles, ratings, posters, and more. === Troubleshooting IMDb Whitelisting Issues ===...")
  • 07:25, 22 December 2025 Admin talk contribs created page PROXMOX - MTU (Created page with "Category:Wiki == MTU Configuration on Proxmox == MTU (Maximum Transmission Unit) defines the largest size of a packet that can be transmitted over a network. Configuring the correct MTU on Proxmox is crucial for optimizing network performance, preventing fragmentation, and ensuring network efficiency. == MTU on Proxmox NICs == Proxmox Virtual Environment (VE) relies on network interfaces for communication, and each NIC (Network Interface Card) has an MTU value that...")
  • 17:54, 21 December 2025 Admin talk contribs created page JELLYFIN - Documentation (Created page with "Category:Wiki == Installation Steps == === Prerequisites === Run the following command to update your package lists: <nowiki> sudo apt update sudo apt upgrade -y</nowiki> You will also need to install some required dependencies if they aren't already available on your system: <nowiki> sudo apt install -y apt-transport-https ca-certificates software-properties-common</nowiki> === Adding the Jellyfin Repository === Jellyfin provides an official repository for e...")
  • 17:10, 20 December 2025 Admin talk contribs created page MIKROTIK - Base Commands (Created page with "Category:Wiki == Identity, Time and System Management == === System Identity === Set a unique router name for management and logging clarity. <nowiki> /system identity set name=CORE-RTR-01</nowiki> === System Clock and Timezone === Correct time is essential for logs, certificates, and security auditing. <nowiki> /system clock set time-zone-name=Europe/Paris</nowiki> Enable NTP client: <nowiki> /system ntp client set enabled=yes servers=pool.ntp.org</nowiki> =...")
  • 17:06, 20 December 2025 Admin talk contribs created page CISCO-IOS - FEX Commands (Created page with "Category:Wiki == FEX Discovery and Status Commands == === Show FEX Inventory === Displays detected FEX units and their operational state. <nowiki> show fex</nowiki> Example output fields: * FEX number * Description * State (Online, Offline, Configured) * Model * Serial number === Show Detailed FEX Information === <nowiki> show fex detail</nowiki> Includes: * Pinning status * Fabric interfaces * Power state * Host interface count === Show FEX Hardware Invent...")
  • 17:01, 20 December 2025 Admin talk contribs created page BASH - sync-snort2c-tables.sh (Created page with "Category:Wiki == sync-snort2c-tables.sh == <pre> #!/usr/bin/env bash # ============================== # User-defined variables # ============================== # Space-separated list of source pfSense IPs IP_SOURCE_PFSENSE="1.2.3.4 5.6.7.8" # Destination pfSense IP IP_DESTINATION_PFSENSE="10.11.12.13" # SSH user (usually root on pfSense) SSH_USER="root" # Name of the PF table created/managed by snort2c PF_TABLE_NAME="snort2c_blacklist" # Temporary working di...")
  • 16:54, 20 December 2025 Admin talk contribs created page DALORADIUS - Documentation (Created page with "Category:Wiki == System Architecture and Data Flow == daloradius operates as a management abstraction layer above FreeRADIUS, relying entirely on SQL-backed authorization and accounting. === Request Lifecycle === # NAS sends Access-Request # FreeRADIUS preprocesses packet # SQL authorization module queries radcheck and radreply # Group resolution via radusergroup # radgroupcheck and radgroupreply merged by priority # Reply attributes returned to NAS # Accounting p...")
  • 16:47, 20 December 2025 Admin talk contribs created page UBUNTU - Hardening (Created page with "Category:Wiki == Scope and Threat Model == This hardening post-install script is designed to reduce the attack surface of a freshly installed Ubuntu system (server or workstation) by enforcing secure defaults, disabling unnecessary components, and applying defense-in-depth controls. The threat model assumes: * Remote network-based attacks * Local privilege escalation attempts * Misconfiguration exploitation * Persistence via services, cron jobs, or kernel paramete...")
  • 16:44, 20 December 2025 Admin talk contribs created page DEBIAN - Hardening (Created page with "Category:Wiki == Scope and Assumptions == This documentation describes a post-installation hardening script targeting Debian GNU/Linux (stable or LTS). The script is assumed to be executed with root privileges in a controlled environment and adapted to the system’s role (server, VM, workstation, appliance). Assumptions: * System is freshly installed or recently provisioned * Administrator has console or out-of-band access * System role is clearly defined before a...")
  • 16:33, 20 December 2025 Admin talk contribs created page PACKETFENCE - Administration Documentation (Created page with "Category:Wiki == Internal Architecture and Core Components == === Service-Oriented Architecture === PacketFence is composed of multiple specialized services communicating locally and via RADIUS, HTTP(S), and database backends. Key services include: * '''pfconfig''' – Centralized configuration daemon * '''pf::radius''' – Authentication, authorization, and accounting * '''pf::snmp''' – Network device interaction * '''pfqueue''' – Asynchronous task processing...")
  • 15:29, 20 December 2025 Admin talk contribs created page APT-CACHER-NG - Advanced Config (Created page with "Category:Wiki == Architecture and Internal Design == APT-Cacher-NG (ACNG) acts as a specialized HTTP proxy optimized for package managers such as APT. Unlike generic proxies, it understands repository layouts and package metadata patterns. === Request Flow === # Client sends HTTP request for a package or index file # ACNG checks its local cache directory # If present and valid, the cached object is served # If missing or expired, ACNG fetches it from the upstrea...")
  • 15:28, 20 December 2025 Admin talk contribs created page APT-CACHER-NG - Base Config (Created page with "Category:Wiki == Installation == === Debian / Ubuntu === Install the package from the official repositories: <nowiki> sudo apt update sudo apt install apt-cacher-ng</nowiki> The service is automatically started after installation. Check service status: <nowiki> systemctl status apt-cacher-ng</nowiki> Enable it at boot: <nowiki> sudo systemctl enable apt-cacher-ng</nowiki> === RHEL / Rocky / AlmaLinux === Enable EPEL and install: <nowiki> sudo dnf inst...")
  • 17:27, 16 December 2025 Admin talk contribs created page FAIL2BAN - Filter.d - http-netbox (Created page with "Category:Wiki = Filter.d = <nowiki> # /etc/fail2ban/filter.d/http-netbox.conf # Fail2Ban filter for NetBox Web Interface behind Nginx [Definition] # Match failed login attempts in Nginx access log failregex = ^<HOST> - .* "POST /accounts/login/ HTTP/.*" 401 ^<HOST> - .* "POST /auth/login/ HTTP/.*" 401 # Match potential brute force login attempts ignoreregex =</nowiki> = Jail.conf = <nowiki> [http-netbox] enabled = true banaction = %(banaction_a...")
  • 17:24, 16 December 2025 Admin talk contribs created page FAIL2BAN - Filter.d - http-graylog (Created page with "Category:Wiki = Filter.d = <nowiki> # /etc/fail2ban/filter.d/http-graylog.conf # Fail2Ban filter for Graylog Web interface behind Nginx [Definition] # Match failed login attempts in Nginx access log failregex = ^<HOST> - .* "POST /api/login HTTP/.*" 401 ^<HOST> - .* "POST /login HTTP/.*" 401 # Optionally match basic auth failures (if enabled) # failregex = ^<HOST> - .* "GET /.*" 401 ignoreregex = </nowiki> = Jail.conf = <nowiki> [http-graylog]...")
  • 17:09, 16 December 2025 Admin talk contribs created page QUAGGA - Documentation (Created page with "Category:Wiki === Starting the OSPF Daemon === The OSPF daemon (ospfd) is used to configure Open Shortest Path First (OSPF) routing. <nowiki> sudo systemctl start ospfd</nowiki> === Starting the BGP Daemon === The BGP daemon (bgpd) configures Border Gateway Protocol (BGP) routing. <nowiki> sudo systemctl start bgpd</nowiki> == Configuring OSPF == To configure OSPF, the `ospfd.conf` file needs to be modified. This file is usually located in `/etc/quagga/ospfd.c...")
  • 17:03, 16 December 2025 Admin talk contribs deleted page SNORT - crtl-snort2c-fail2ban.sh (content was: "Category:Wiki == crtl-snort2c-fail2ban.sh == <nowiki> #!/bin/bash # Define the IP addresses at the top for easy customization IP_PFSENSE_SOURCE_01="1.2.3.4" IP_PFSENSE_SOURCE_02="1.2.3.5" IP_FAIL2BAN="1.2.3.6" IP_PFSENSE_DEST="1.2.3.7" SSH_KEY="/path/to/your/ssh/key" # Specify your SSH private key location SNORT_TABLE="snort2c" # Define the pfSense Snort table na...", and the only contributor was "Admin" (talk))
  • 17:02, 16 December 2025 Admin talk contribs created page BASH - crtl-snort2c-fail2ban.sh (Created page with "Category:Wiki == crtl-snort2c-fail2ban.sh == <nowiki> #!/bin/bash # Define the IP addresses at the top for easy customization IP_PFSENSE_SOURCE_01="1.2.3.4" IP_PFSENSE_SOURCE_02="1.2.3.5" IP_FAIL2BAN="1.2.3.6" IP_PFSENSE_DEST="1.2.3.7" SSH_KEY="/path/to/your/ssh/key" # Specify your SSH private key location SNORT_TABLE="snort2c" # Define the pfSense Snort table name # Function to fetch banned IPs from the remote pfSense Snort2c table via SSH fetch_pfs...")
  • 16:45, 16 December 2025 Admin talk contribs created page SPLUNK - Filters Documentation (Created page with "Category:Wiki == Understanding Splunk Log Filtering == Splunk log filtering works primarily through the following features: * **Search Processing Language (SPL)**: This is the language used to filter, analyze, and transform data in Splunk. * **Event Types**: Classifying logs into different event types helps in simplifying complex log data into easy-to-analyze categories. * **Field Extraction**: Fields are used to create searchable and filterable data from the raw l...")
  • 16:31, 16 December 2025 Admin talk contribs created page VIRSH - Documentation (Created page with "Category:Wiki == Basic Usage == === Connect to a Hypervisor === You can connect to a local or remote hypervisor with the following command: <nowiki> virsh connect qemu:///system</nowiki> This connects to the local system's hypervisor. For remote systems, replace `qemu:///system` with a URI of the remote host, such as `qemu+ssh://user@hostname/system`. === List Virtual Machines === To list all virtual machines on the system, including running, paused, and shut o...")
  • 16:28, 16 December 2025 Admin talk contribs created page QEMU - Documentation (Created page with "Category:Wiki == QEMU Basics == === Architecture Emulation === QEMU can emulate different hardware architectures. For example, if you want to run a PowerPC-based system on an x86 host, you can use QEMU to emulate PowerPC hardware. <nowiki> qemu-system-ppc -cdrom install.iso -m 1024</nowiki> This command starts a virtual machine emulating a PowerPC architecture with 1024 MB of RAM and an installation ISO image mounted as a CD-ROM. === Virtualization vs. Emulatio...")
  • 16:23, 16 December 2025 Admin talk contribs created page PWGEN - Manpage (Created page with "Category:Wiki == pwgen Manpage == <nowiki> PWGEN(1) General Commands Manual PWGEN(1) NAME pwgen - generate pronounceable passwords SYNOPSIS pwgen [ OPTION ] [ pw_length ] [ num_pw ] DESCRIPTION The pwgen program generates passwords which are designed to be easily memorized by hum...")
  • 14:56, 16 December 2025 Admin talk contribs deleted page FAIL2BAN - Filter.d - Nextcloud (content was: "Category:Wiki = Definition = <nowiki> [Definition] # /etc/fail2ban/filter.d/http-nextcloud.conf # Nextcloud-specific abuse patterns failregex = ^<HOST>.*( # Login related attacks (brute-forcing, password guessing, and login attempts) /index.php.*action=login.*| # Login attempts /index.php.*user.*| # User login page /index.php.*password.*| # Password reset or login-related parameters /index.php.*auth.*|...")
  • 14:55, 16 December 2025 Admin talk contribs created page FAIL2BAN - Filter.d - http-nextcloud (Created page with "Category:Wiki = Definition = <nowiki> [Definition] # /etc/fail2ban/filter.d/http-nextcloud.conf # Nextcloud-specific abuse patterns failregex = ^<HOST>.*( # Login related attacks (brute-forcing, password guessing, and login attempts) /index.php.*action=login.*| # Login attempts /index.php.*user.*| # User login page /index.php.*password.*| # Password reset or login-related parameters /index.php.*a...")
  • 14:54, 16 December 2025 Admin talk contribs created page FAIL2BAN - Filter.d - http-dolibarr (Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # Dolibarr specific attack patterns failregex = ^<HOST>.*( # Login-related attacks (Brute-forcing, password guessing) /index.php.*action=login.*| # Login page (login attempt) /index.php.*login.*| # Generic login attempt /index.php.*password.*| # Password reset or login with parameter /index.php.*user.*| # User login attempt...")
  • 14:43, 16 December 2025 Admin talk contribs created page FAIL2BAN - Filter.d - http-wordpress (Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # /etc/fail2ban/filter.d/http-wordpress.conf # WordPress specific attack patterns failregex = ^<HOST>.*( # WordPress Core and Admin /wp-admin/install.php.*| # WordPress install script /wp-admin/.*/| # Wildcard to catch all wp-admin paths /wp-login.php.*| # Login page /wp-activate.php.*| # Account activation /wp-config.php...")
  • 14:34, 16 December 2025 Admin talk contribs deleted page FAIL2BAN - Common-Web-Vulnerabilities (content was: "Category:Wiki == Jail.conf == <nowiki> [web-vulnerabilities] enabled = true action = iptables-multiport[name=web_vulns, port="http,https"] logpath = /var/log/nginx/access.log # Or adjust based on your web server log path maxretry = 3 bantime = 3600 # 1 hour ban findtime = 600 # 10 minutes to check for repeated offenses</nowiki> == web-vulnerabilities.conf == <nowik...", and the only contributor was "Admin" (talk))
  • 14:34, 16 December 2025 Admin talk contribs deleted page FAIL2BAN - Unban IP (content was: "Category:Wiki <nowiki> fail2ban-client set <JAILNAME> unbanip <IP></nowiki>", and the only contributor was "Admin" (talk))
  • 14:30, 16 December 2025 Admin talk contribs created page FAIL2BAN - Filter.d - http-kevins (Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # Script-kiddies and Kevins patterns failregex = ^<HOST>.*/wp-content/plugins/hellopress/wp_filemanager.php.* ^<HOST>.*/wp-includes/rest-api/alfa-rex.php7.* ^<HOST>.*/widgets.php.* ^<HOST>.*/b.php.* ^<HOST>.*/admin.php.* ^<HOST>.*/autoload_classmap.php.* ^<HOST>.*/wp-activate.php.* ^<HOST>.*/db.php.* ^<HOST>.*/bless.php.* ^<HOST>.*/blurbs.php.* ^<HOST>.*/cord.php.* ^<HOST>.*/axx.php...")
  • 14:28, 16 December 2025 Admin talk contribs created page FAIL2BAN - Filter.d - http-xss (Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # http-xss.conf # Cross-Site Scripting (XSS) # Matches typical XSS attack vectors where input is reflected on the web page failregex = ^<HOST>.*(<script.*>.*</script>|<.*javascript:.*|<.*onerror=.*|<.*onload=.*|<.*alert\(.*\)).*$ ignoreregex =</nowiki> = Jail.conf = <nowiki> [http-xss] enabled = true banaction = %(banaction_allports)s logpath = /var/log/nginx/*.access.log maxretry = 1 bantime = -...")
  • 14:27, 16 December 2025 Admin talk contribs created page FAIL2BAN - Filter.d - http-suspicious (Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # http-suspicious.conf # General Suspicious URL Patterns (including bad characters like `\`, `;`, `&`, etc.) failregex = ^<HOST>.*(\/\.\.\/|\.\.\/|\.\.\\|\\|%%3b|%%26|%%2f|%%2e%%2e).*$ ignoreregex =</nowiki> = Jail.conf = <nowiki> [http-suspicious] enabled = true banaction = %(banaction_allports)s logpath = /var/log/nginx/*.access.log maxretry = 1 bantime = -1 findtime = 3d backend = polling</now...")
  • 14:26, 16 December 2025 Admin talk contribs created page FAIL2BAN - Filter.d - http-sql-like (Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # http-sql-like.conf # SQL-like SELECT Statements that could indicate SQL Injection Attempts # This also tries to capture long SELECT/INSERT/UPDATE queries with SQL injection techniques failregex = ^<HOST>.*(select.*from.*|insert.*into.*|update.*set.*|delete.*from.*).*$ ignoreregex =</nowiki> = Jail.conf = <nowiki> [http-sql-like] enabled = true banaction = %(banaction_allports)s logpath = /var/lo...")
  • 14:25, 16 December 2025 Admin talk contribs created page FAIL2BAN - Filter.d - http-sql-inj (Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # http-sql-inj.conf # SQL Injection Attempts # Matches common SQL injection patterns such as ' or 1=1 --, ; DROP TABLE, etc. failregex = ^<HOST>.*(select.*from.*where.*union.*select.*from.*information_schema.tables|insert.*into.*values.*select.*from.*information_schema.tables|union.*select.*null.*from.*information_schema.tables|or.*1=1).*$ ignoreregex =</nowiki> = Jail.conf = <nowiki> [http-sql-inj] enabled =...")
  • 14:23, 16 December 2025 Admin talk contribs created page FAIL2BAN - Filter.d - http-shell-command (Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # http-shell-command.conf # Attempted Shell Command Execution in URLs (e.g., using ?cmd=) # This could indicate an attempt to execute system commands via web apps. failregex = ^<HOST>.*(\?cmd=|system\(|exec\().*$ ignoreregex =</nowiki> = Jail.conf = <nowiki> [http-shell-command] enabled = true banaction = %(banaction_allports)s logpath = /var/log/nginx/*.access.log maxretry = 1 bantime = -1 findt...")
  • 14:22, 16 December 2025 Admin talk contribs created page FAIL2BAN - Filter.d - http-rfi (Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # http-rfi.conf # Remote File Inclusion (RFI) # Matches attempts to include remote files (e.g. http://example.com/malicious_file.php) failregex = ^<HOST>.*(?:https?|ftp):\/\/(?:[a-zA-Z0-9-]+\.)+[a-zA-Z]{2,6}\/.*\.(?:php|jsp|asp|cgi|pl|txt|xml|json|html?).*$` ignoreregex =</nowiki> = Jail.conf = <nowiki> [http-rfi] enabled = true banaction = %(banaction_allports)s logpath = /var/log/nginx/*.access....")
  • 14:21, 16 December 2025 Admin talk contribs created page FAIL2BAN - Filter.d - http-php-code-inj (Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # http-php-code-inj.conf # PHP Code Injection # Matches PHP-based code injection attempts such as `<?php eval($_POST[cmd]); ?>` failregex = ^<HOST>.*(\<\?php.*eval.*\$_POST.*\;\?\>).* ignoreregex =</nowiki> = Jail.conf = <nowiki> [http-php-code-inj] enabled = true banaction = %(banaction_allports)s logpath = /var/log/nginx/*.access.log maxretry = 1 bantime = -1 findtime = 3d backend = polling</no...")
  • 14:20, 16 December 2025 Admin talk contribs created page FAIL2BAN - Filter.d - http-path-t (Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # http-path-t.conf # Path Traversal Attacks # Matches attempts to traverse the directory structure (e.g., ../../etc/passwd or .\..\etc\passwd) failregex = ^<HOST>.*(\.\./|\.\.\\|%%2e%%2e%%2f|%%2e%%2e%%5c).*\/etc\/passwd.*$ ignoreregex =</nowiki> = Jail.conf = <nowiki> [http-path-t] enabled = true banaction = %(banaction_allports)s logpath = /var/log/nginx/*.access.log maxretry = 1 bantime = -1 fi...")
  • 14:19, 16 December 2025 Admin talk contribs created page FAIL2BAN - Filter.d - http-non-exist (Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # http-non-exist.conf # Requesting non-existent files like backup, .git, or config files # These are often targeted by attackers to find hidden sensitive files. # THIS FILE NEED TO BE CUSTOMIZED REGARDING YOUR NEEDS # failregex = ^<HOST>.*(\.git\/|\.env|\.bak|\.tar.gz|\.sql|\.sh|config\.php).*$ failregex = ^<HOST>.*(\.git\/|\.env|\.bak|\.tar.gz|\.sql|config\.php).*$ ignoreregex =</nowiki> =...")
  • 14:16, 16 December 2025 Admin talk contribs created page FAIL2BAN - Filter.d - http-malicious (Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # http-malicious.conf # Malicious HTTP Methods # Matches attempts to use HTTP methods that are often abused (e.g., TRACE, DELETE, PATCH) failregex = ^<HOST>.*(TRACE|DELETE|PATCH).*$ ignoreregex =</nowiki> = Jail.conf = <nowiki> [http-malicious] enabled = true banaction = %(banaction_allports)s logpath = /var/log/nginx/*.access.log maxretry = 1 bantime = -1 findtime = 3d backend = polling</nowiki>")
  • 14:15, 16 December 2025 Admin talk contribs created page FAIL2BAN - Filter.d - http-lfi (Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # http-lfi.conf # Local File Inclusion (LFI) # Matches patterns that indicate an attempt to include local files (e.g. ../../etc/passwd) failregex = ^<HOST>.*(\.\./|\.\.\\).*\/etc\/passwd.*$</nowiki> = Jail.conf = <nowiki> [http-lfi] enabled = true banaction = %(banaction_allports)s logpath = /var/log/nginx/*.access.log maxretry = 1 bantime = -1 findtime = 3d backend = polling</nowiki>")
  • 14:14, 16 December 2025 Admin talk contribs created page FAIL2BAN - Filter.d - http-dir-trav (Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # http-dir-trav.conf # Directory Traversal Attempts # Matches the occurrence of '../' which is often used for directory traversal failregex = ^<HOST>.*\.\.\/.*$ ignoreregex =</nowiki> = Jail.conf = <nowiki> [http-dir-trav] enabled = true banaction = %(banaction_allports)s logpath = /var/log/nginx/*.access.log maxretry = 1 bantime = -1 findtime = 3d backend = polling</nowiki>")
  • 14:13, 16 December 2025 Admin talk contribs created page FAIL2BAN - Filter.d - http-crlf (Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # http-crlf.conf # HTTP Response Splitting (CRLF Injection) # Matches attempts to inject headers or CRLF sequences into the response failregex = ^<HOST>.*(\r\n|\n\r|\r|\n).*Host:.*$ ignoreregex =</nowiki> = Jail.conf = <nowiki> [http-crlf] enabled = true banaction = %(banaction_allports)s logpath = /var/log/nginx/*.access.log maxretry = 1 bantime = -1 findtime = 3d backend = polling</nowiki>")
  • 14:07, 16 December 2025 Admin talk contribs created page FAIL2BAN - Filter.d - http-command-inj (Created page with "Category:Wiki = Filter.d = <nowiki> [Definition] # http-command-inj.conf # Command Injection # Matches typical command injection patterns like 'cat /etc/passwd', or 'ls; rm -rf' failregex = ^<HOST>.*(cat.*\/etc\/passwd|ls;.*rm.*-rf|\/bin\/bash).*$ ignoreregex =</nowiki> = Jail.conf = <nowiki> [http-command-inj] enabled = true banaction = %(banaction_allports)s logpath = /var/log/nginx/*.access.log maxretry = 1 bantime = -1 findtime = 3d backend...")
  • 13:44, 16 December 2025 Admin talk contribs created page FAIL2BAN - Filter.d - http-502-503 (Created page with "Category:Wiki = Filter.d = <nowiki> # /etc/fail2ban/filter.d/http-502-503.conf [Definition] failregex = ^<HOST> -.*"(GET|POST|HEAD).*HTTP.*" 502 = ^<HOST> -.*"(GET|POST|HEAD).*HTTP.*" 503 ignoreregex =</nowiki> = Jail.conf = <nowiki> [http-502-503] enabled = true banaction = %(banaction_allports)s logpath = /var/log/nginx/*error*.log /var/log/nginx/*access*.log maxretry = 20 findtime = 20 backend = polling</nowiki>")
  • 07:54, 16 December 2025 Admin talk contribs created page PROXMOX - Troubleshoot Cluster (Created page with "Category:Wiki When managing a Proxmox cluster, various issues may arise that can affect cluster functionality, node communication, virtual machine performance, or storage. This guide outlines common troubleshooting steps and tools for resolving issues in a Proxmox cluster. == Cluster Communication Issues == Cluster communication issues often occur when nodes are unable to properly sync with each other. These issues can prevent quorum, affect high availability, or...")
  • 07:43, 16 December 2025 Admin talk contribs created page PROXMOX - Clustering (Created page with "Category:Wiki == Proxmox Cluster Configuration with 4 Nodes == Before starting, ensure that: * All nodes have Proxmox installed and updated. * The nodes are on the same network. * SSH key-based authentication is set up between the nodes. * You have a consistent hostname and DNS setup across all nodes. * Ensure NTP (Network Time Protocol) is configured and synchronized across all nodes. === Cluster Configuration Overview === A Proxmox cluster uses the Corosync and...")
  • 06:41, 16 December 2025 Admin talk contribs deleted page ARISTA - BGP (content was: "Category:Wiki ==Introduction== BGP (Border Gateway Protocol) is a standardized exterior gateway protocol designed to exchange routing information between different autonomous systems (ASes) on the internet. Below is a complete guide to BGP commands on Arista EOS, covering configuration, monitoring, and troubleshooting. ==Basic BGP Configuration== * '''router bgp <AS-number>'''...", and the only contributor was "Admin" (talk))
(newest | oldest) View ( | ) (20 | 50 | 100 | 250 | 500)
Retrieved from "https://it-arts.net/index.php/Special:Log"