Category: CyberSec / ITSec / Sicherheit / Security / SPAM

06.06.2018

sometimes if you know how to r-click… you are allready a HACKER! „Last month’s story about organizations exposing passwords and other sensitive data via collaborative online spaces at Trello.com only scratched the surface of the problem. A deeper dive suggests […]

znet – estimates 2018 Corporate IT Budgets
30.04.2018

70% of decision makers increase tech budget in 2018, slightly higher than 2017. top technologies: CyberSecurity (53%) Hardware upgrades (47%) cloud services (43%) software (40%) BigData Analytics (20%) Internet of Things (18%) 35% training employees 29% want to hire new […]

Stromausfall – Dank All-IP (VoIP) und DECT kein Notruf mehr möglich
15.04.2018

Effizienz ist nicht alles – weiß Bernard Lietaer – wer sich auf eine Monokultur verlässt – ist verlassen. Nach einem Stromausfall oder Hacker-Angriff können Internet basierte Kommunikationsdienste lahmgelegt sein. Aus eigener Erfahrung: An Weihnachten 2017 wurde ein Baum vom Biber […]

Monitoring your Network
04.04.2018

so i guess „monitoring“ is about two things: availability and performance: detect performance bottlenecks get informed if parts (harddisks) / servers have failed / are about to fail security: detect, report and (if possible) automatically fence off „unusual“ network activity […]

NMAP basic network scanning – overview over LAN
27.02.2018

What computers are online? What services/ports in what versions are online/open? over poorly or not so poorly documented LANs you can get an overview by using nmap. yum install nmap; # centos/redhat apt-get install nmap; # debian/ubuntu # get a […]

LANCOM Erklärung zur Vertrauenswürdigkeit
31.01.2018

Erklärung der LANCOM Systems GmbH Produkte von LANCOM sind frei von versteckten Zugangsmöglichkeiten und sonstigen unerwünschten Funktionen zur Ein- und Ausleitung oder Manipulation von Daten LANCOM Systems weiß um die Bedeutung vertrauenswürdiger Infrastrukturen für die erfolgreiche Digitalisierung von Wirtschaft und […]

Docker
29.01.2018

who is who? concepts: docker is written in Google Go by Docker Inc, SanFrancisco because it does not emulate any hardware – it is a linux container / sandbox or jail like Free BSD Jail or Solaris Zones. For example […]

gpg verify downloaded software – no public key
27.01.2018

if you download software, you should verify that what you downloaded is not a altered file of a hacked server distributing trojan horses and keyloggers (malware). it seems for the gpg verification it is a 3 step process. 1. download […]

Bugs in Hardware – intel microcode updates
12.01.2018

update 2018-03-15: from C’t: new micro codes for intel iCPUs (2011 and onwoards) seem to fix Spectre v2 (CVE-2017-5715) 60minutes: https://www.heise.de/security/meldung/Spectre-Luecke-Intels-Microcode-Updates-fuer-Linux-und-Windows-3994347.html As Einstein already knew energy = matter = energy. great comparison: bugs in hardware – only solution: change / […]

amd arm intel cpus all got problems – Meltdown and Spectre – JavaScript could steal your Firefoxs Passwords
04.01.2018

update 2018-03-15: from C’t: new micro codes for intel iCPUs (2011 and onwoards) seem to fix Spectre v2 (CVE-2017-5715) 60minutes: https://www.heise.de/security/meldung/Spectre-Luecke-Intels-Microcode-Updates-fuer-Linux-und-Windows-3994347.html update: good overview and explanation of the situation: ARM also affected. The Meltdown + Spectre Vulnerabilities The Project Zero […]

06.08.2017

ome observers might well believe that the kernel has accumulated plenty of special-purpose virtual filesystems. Even so, 2.6.14 will include yet another one: securityfs. This filesystem is meant to be used by security modules, some of which were otherwise creating […]

06.08.2017

the mail system is a very broken and corrupted system. sending-addresses can be forged – spam from all over the world is flooding the mailboxes – viruses get attached… nobody trusts attachments anymore. it’s a completely newly C++ developed mailserver […]

Howto install and setup File Sharing Server with GNU Linux
04.08.2017

ext3+gnu_linux+samba = fast and reliable fileserver. WARNING! Security problems Versions from Version 3.5.0 to 4.6.4 (recent in May 2017 ) are affected and need to be patched! patches are available from: https://www.samba.org/samba/patches/ Unfortunately EVEN Debian9 (!!!! GUYS FIX THAT FAST […]