Category: CyberSec / ITSec / Sicherheit / Security / SPAM

Stromausfall – Dank All-IP (VoIP) und DECT kein Notruf mehr möglich
15.04.2018

Effizienz ist nicht alles – weiß Bernard Lietaer – wer sich auf eine Monokultur verlässt – ist verlassen. Nach einem Stromausfall oder Hacker-Angriff können Internet basierte Kommunikationsdienste lahmgelegt sein. Aus eigener Erfahrung: An Weihnachten 2017 wurde ein Baum vom Biber […]

Monitoring your Network
04.04.2018

so i guess „monitoring“ is about two things: availability and performance: detect performance bottlenecks get informed if parts (harddisks) / servers have failed / are about to fail security: detect, report and (if possible) automatically fence off „unusual“ network activity […]

NMAP basic network scanning – overview over LAN
27.02.2018

What computers are online? What services/ports in what versions are online/open? over poorly or not so poorly documented LANs you can get an overview by using nmap. yum install nmap; # centos/redhat apt-get install nmap; # debian/ubuntu # get a […]

LANCOM Erklärung zur Vertrauenswürdigkeit
31.01.2018

Erklärung der LANCOM Systems GmbH Produkte von LANCOM sind frei von versteckten Zugangsmöglichkeiten und sonstigen unerwünschten Funktionen zur Ein- und Ausleitung oder Manipulation von Daten LANCOM Systems weiß um die Bedeutung vertrauenswürdiger Infrastrukturen für die erfolgreiche Digitalisierung von Wirtschaft und […]

Docker
29.01.2018

who is who? concepts: docker is written in Google Go by Docker Inc, SanFrancisco because it does not emulate any hardware – it is a linux container / sandbox or jail like Free BSD Jail or Solaris Zones. For example […]

gpg verify downloaded software – no public key
27.01.2018

if you download software, you should verify that what you downloaded is not a altered file of a hacked server distributing trojan horses and keyloggers (malware). it seems for the gpg verification it is a 3 step process. 1. download […]

Bugs in Hardware – intel microcode updates
12.01.2018

update 2018-03-15: from C’t: new micro codes for intel iCPUs (2011 and onwoards) seem to fix Spectre v2 (CVE-2017-5715) 60minutes: https://www.heise.de/security/meldung/Spectre-Luecke-Intels-Microcode-Updates-fuer-Linux-und-Windows-3994347.html As Einstein already knew energy = matter = energy. great comparison: bugs in hardware – only solution: change / […]

amd arm intel cpus all got problems – Meltdown and Spectre – JavaScript could steal your Firefoxs Passwords
04.01.2018

update 2018-03-15: from C’t: new micro codes for intel iCPUs (2011 and onwoards) seem to fix Spectre v2 (CVE-2017-5715) 60minutes: https://www.heise.de/security/meldung/Spectre-Luecke-Intels-Microcode-Updates-fuer-Linux-und-Windows-3994347.html update: good overview and explanation of the situation: ARM also affected. The Meltdown + Spectre Vulnerabilities The Project Zero […]

06.08.2017

ome observers might well believe that the kernel has accumulated plenty of special-purpose virtual filesystems. Even so, 2.6.14 will include yet another one: securityfs. This filesystem is meant to be used by security modules, some of which were otherwise creating […]

06.08.2017

the mail system is a very broken and corrupted system. sending-addresses can be forged – spam from all over the world is flooding the mailboxes – viruses get attached… nobody trusts attachments anymore. it’s a completely newly C++ developed mailserver […]

Howto install and setup File Sharing Server with GNU Linux
04.08.2017

ext3+gnu_linux+samba = fast and reliable fileserver. WARNING! Security problems Versions from Version 3.5.0 to 4.6.4 (recent in May 2017 ) are affected and need to be patched! patches are available from: https://www.samba.org/samba/patches/ Unfortunately EVEN Debian9 (!!!! GUYS FIX THAT FAST […]

CentOS7 replaced firewall iptables with firewalld
27.07.2017

no iptables no more – some things change faster than you can say „beneune„… check if it is up and running: systemctl list-unit-files|grep firewall firewalld.service enabled open a port, permanently: firewall-cmd –zone=public –add-port=80/tcp –permanent firewall-cmd –reload „The former firewall model […]

CentOS7 Security Profiles and Software Security Flaws TopList
25.07.2017

exploits in software toplist: 2017: https://www.cvedetails.com/top-50-products.php?year=2017 All time: https://www.cvedetails.com/top-50-products.php That is why the Unix Philosophy of small, modular and beautiful matters … maybe that’s why Mr Stallmann prefers Microkernels… but well let’s be happy there is an alternative kernel to […]

07.07.2017

Atomkraft ist nicht nur im laufenden Betrieb gefährlich. KEIN DEUTSCHES Atomkraftwerk HÄLT EINEN FLUGZEUGABSTURZ STAND! Allein daran kann man schon erkennen wie kurzsichtig und Macht-Geld-getrieben diese ganze Branche funktioniert – sammt ihren politischen Kollaborateuren. FBI in Sorge: Hacking-Kampagne gegen Atomkraftwerke […]