Category: Security

Linux: Perfect Secure Travel Laptop

If you want to travel to other countries (border control), you should know some things:
- Buy an older Acer laptop with a micro SSD hard disk and a SATA CD-ROM slot.
- Buy a SATA CD-ROM adaptor for $10, open the laptop, remove the SATA drive and put it into the SATA adaptor.
- Don't screw the adaptor into the laptop's adaptor slot, so that you can pull out the SSD drive quickly.
- Install Ubuntu Linux with LUKS full-disk encryption!
- Put a privacy shield sticker on the TFT.
- To extend security, use a USB WiFi dongle for WiFi connections! (MAC address spoofing)
- Or: Buy an older […]

Linux: Raise Security Level by removing Software

If you use Linux, you should check monthly which software you haven't used in recent weeks. Background:
- Every additional piece of software puts load on your PC.
- Every additional piece of software uses libraries which can be affected by zero-day exploits.
- The developers don't know all the bugs of their dependencies.
- Third-party software sources like "Github" or "PPA sources" can be a security hole by confusing developers!
- When a project is closed, remove unneeded software to reduce the number of security holes!
- Run cleanups after uninstalling to purge changed configs.

Linux Security: create, mount, lock Luks Encrypted Container Files

How to create encrypted container files for private photos?
REMARKS:
- EVERY unlocked and actively mounted LUKS drive could be read out by attackers!
- Use long passwords for LUKS!
- Dismount and LOCK LUKS drives/containers when they are NOT in use!
Create and mount script:
    #!/bin/bash
    # Script creates 4GB encrypted file container, sets password
    # and mounts it to /mnt/photos-private; change your username!!!
    #
    # check free loop device, set as variable
    loop=`losetup -f`
    # move existing container to old as BACKUP
    sudo mv container container.old
    # create container 4G
    sudo dd if=/dev/urandom of=container bs=1M count=4096
    # bind raw container disk to free a […]

Apache2 evasive Problems with WordPress

If you use Apache2 / Apache24 with anti-hammering tools like the modules evasive and security2, plus fail2ban as an add-on, then blogging can fail. Problems:
- The Apache2 module "evasive" must be fine-tuned for WordPress; go to /etc/apache2/.
- If you use the default-enabled auto-save of post drafts, it can make you look like an attacker, so disable auto-save in wp-config: set "define('AUTOSAVE_INTERVAL', 86400);" !!
- On small systems, redis and other caching techniques can generate additional hidden "posts" traffic to Apache2 & SQL.
- Check the system by disabling all security add-ons and fine-tuning the settings; if OK, enable them again.
- try wordpress […]

Major Tools for your IT Systems

A must "USE" in these insecure days:
- nmap: port scan tool; use nmap -PN IP-Address to check for failed firewall settings!
- arp-scan: network scan to find active devices
- iftop: detects traffic and used ports on a physical network interface!
- ps aux: shows active processes on a Linux system
- htop: more human-friendly process monitor
- iotop: human-friendly traffic monitor from CPU/RAM to drives
Check error logs daily! Always use firewalls and disk/file encryption! Don't trust hardware protection (TPM) chips: most communicate with signals in the clear over copper, which can be read out by hardware hacking or magnetic fields! NEVER leave Hardware […]

Ubuntu Bug NetworkManager openvpn plugin fails

If you set up Ubuntu 18.04 with openvpn, you must install all Network Manager plugins to run a stable VPN. Do:
    sudo apt-get install network-manager-openvpn network-manager-openvpn-gnome network-manager-pptp network-manager-pptp-gnome network-manager network-manager-gnome
This fixes dependencies of plugins on openvpn, like pptp and more! The syslog does not show any information about what is happening, only something like this:
    vpn-connection[ID-XXXX-XXXX-XXXX-XXXX,"vpn",34:(tun0)]: VPN plugin: failed: connect-failed (1)
seen: 2019/10/31

Script DNS Blocker DNSMASQ

If you have tested pihole, perhaps you are looking for a smaller command-line version? Install dnsmasq with:
    sudo apt-get install dnsmasq
Here is the DNS rule injector script (copy & paste), blocker.sh:
    #!/bin/bash
    # www.linuxonlinehelp.eu 2019
    # DNS Blocker for Small Linux with dnsmasq
    #
    # go to tmp (tmpfs)
    cd /tmp/ || exit 1
    # get URL blocklists
    wget -O blocklist.txt https://v.firebog.net/hosts/Kowabit.txt
    # get templates
    # set variables
    txt='blocklist.txt'
    IP='0.0.0.0' # set to 0.0.0.0 or to a web server with a "white page" showing the text "URL-blocked!!"
    # merge URLs and redirect to wanted IP - rule creation
    # (double quotes so that $line and $IP are expanded)
    n=1
    while read -r line; do
        echo "address=/$line/$IP" >> 02-blocked1.conf
        n=$((n+1))
    done < "$txt"
    […]

Briar decentralized Peer to Peer Messenger

If you have recently used Whatsapp, Facebook Messenger, Telegram or other messengers, you are perhaps now looking for a more secure messenger. That's the point at which to test Briar Messenger, a peer-to-peer messenger which uses NO SERVER as INTERFACE! Source: briarproject.org ..kick your old messenger from the phone!!

Pihole DNS Adblocker

If you have outdated PCs, you can give them a second life as a DNS adblocker! You can get the free software package at pi-hole.net. Don't buy high-priced preinstalled devices on the net, because a lot of the resellers DON'T DONATE to the pi-hole developers group!!! Advantages:
- Fewer home calls from all devices at your home, like TVs, tablets, phones and more
- Less advertisement while browsing the Internet
- Fewer fingerprints on the Internet
- Faster website access
- Live log view with "pihole -t" shows the spies on your network
- Reduced network load on all WiFi routers and repeaters (MESH LOAD)
- Reduce Heat and Power Consumption of […]

Android Cleanup NonRoot

If you use an Android phone, you should clean it up with a reset every 6 months:
- Remove background apps
- Remove blown-up updates
- Remove unused apps
- Disable unused preinstalled apps
- Raise security
- Raise privacy
- Reduce bandwidth burned by app home calls
- Use sideloading to reinstall FEWER apps
- Use the browser instead of apps!
- Reduce backlinks of apps to the cloud
- Remove the Google account
- Reset the advertising ID in the Google settings
- Reset phone settings, often useful!
- Disable mobile net + WiFi access for unused preinstalled apps!
- Control home calls by connecting to an OpenWRT router with iftop!
- Increase battery runtime.
- Remove E-Mail, Social-Media Apps against Viruses over Chat and Mails […]

mj12bot hammer mediawiki

Here are some IPs of botnet servers of mj12bot.com: the botnet ignores robots.txt and hammers on MediaWikis! A sorted output of a log was produced with:
    cat /var/log/apache2/other*.log|grep MJ | awk '{ print $2 }' | sort | uniq -c | sort -n
The output is a list of IP addresses for ufw firewalls.
If this doesn't help, then use "Apache AUTH Basic" to block unwanted access!! It's easy to set up.

5G Mobile Network opens Pandora’s Box

- 5G will make it possible to attack mobile devices and cars 10 times faster
- Users will not recognize attacks or uploaded data
- The wider data bandwidth will make it possible to attack much more efficiently
Remark: check whether you really need this mobile network, because
- slower is sometimes safer against automated tools
- a slower mobile network is cheaper
- disable mobile data if not needed, to stay hidden and offline; the calls option still works

Firefox Stop Home Calls

During my last network monitoring I found out that MANY "free" software programs call home permanently. Article: https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections .. if you want to be safe, block all OUTGOING traffic with a firewall or local DNS server and use a proxy with an auth mechanism!

Major Bug: UFW stopped thru logrotate

On Debian Sid I have seen that the ufw service is stopped on logrotate!! It's a bad, known bug! Workaround:
- Set all services like Dovecot and Postfix to listen on LOCALHOST (127.0.0.1) if they are not needed over the Internet
- Enable ONLY encrypted AUTH (login) to Postfix! (TLS 1.2)
- Disable unneeded services, like Samba, FTP…
- Move the config from /etc/logrotate.d/ufw to /root/ to disable ufw logrotate!!
- Edit /etc/ufw/ufw.conf and set LOGLEVEL to "off"
- Restart the server and check open ports over the next days from outside with: $sudo nmap -PN my.server.com

Last Update 08.10.2023 www.linuxonlinehelp.eu - Nonprofit Linux PC & Server Support since 2004 Tags: Linux Online Help, Linuxonlinehelp, Linux Support, Linux Hilfe