Category: Sicherheit / Security / SPAM / Privacy / convenience vs surveillance


ome observers might well believe that the kernel has accumulated plenty of special-purpose virtual filesystems. Even so, 2.6.14 will include yet another one: securityfs. This filesystem is meant to be used by security modules, some of which were otherwise creating […]


the mail system is a very broken and corrupted system. sending-addresses can be forged – spam from all over the world is flooding the mailboxes – viruses get attached… nobody trusts attachments anymore. it’s a completely newly C++ developed mailserver […]


exim is one of the most used MTAs on mail-enabled servers on the internet and default on Debian/Ubuntu(?). Original author(s) Philip Hazel (started 1995) Developer(s) The Exim Maintainers Thus you can expect hackers, crackers and NSA to target it. Exim […]

Howto install and setup File Sharing Server with GNU Linux

ext3+gnu_linux+samba = fast and reliable fileserver. WARNING! Security problems Versions from Version 3.5.0 to 4.6.4 (recent in May 2017 ) are affected and need to be patched! patches are available from: Unfortunately EVEN Debian9 (!!!! GUYS FIX THAT FAST […]

CentOS7 replaced firewall iptables with firewalld

no iptables no more – some things change faster than you can say „beneune„… check if it is up and running: systemctl list-unit-files|grep firewall firewalld.service enabled open a port, permanently: firewall-cmd –zone=public –add-port=80/tcp –permanent firewall-cmd –reload „The former firewall model […]

CentOS7 Security Profiles and Software Security Flaws TopList

exploits in software toplist: 2017: All time: That is why the Unix Philosophy of small, modular and beautiful matters … maybe that’s why Mr Stallmann prefers Microkernels… but well let’s be happy there is an alternative kernel to […]


Atomkraft ist nicht nur im laufenden Betrieb gefährlich. KEIN DEUTSCHES Atomkraftwerk HÄLT EINEN FLUGZEUGABSTURZ STAND! Allein daran kann man schon erkennen wie kurzsichtig und Macht-Geld-getrieben diese ganze Branche funktioniert – sammt ihren politischen Kollaborateuren. FBI in Sorge: Hacking-Kampagne gegen Atomkraftwerke […]

Linux Kernel – Security Updates

latest kernel related security problems can be found here… -> newsletter subsribe: also

akamai state of the internet quarterly report
23.06.2017 security Q1 2017: connectivity: Q4 2016


AES is often used in conjunction with IPSec-VPNs. K.U. Leuven, Belgium; Microsoft Research Redmond, USA; ENS Paris and Chaire France Telecom, France Abstract. Since Rijndael was chosen as the Advanced Encryption Standard, improving upon 7-round attacks on the 128-bit key […]


in general programs = processes = tasks = job less is more (security) run as little software as you absolutely need – uninstall/disable all services you don’t need. less software = less lines of mistaken code = less security flaws. […]


client /etc/ssh/ssh_config is for client side config – here you can for example enable StrictHostKeyChecking yes /etc/ssh/ssh_known_hosts similar to ~/.ssh/known_hosts it contains the system-wide-accepted public keys of other hosts. So if you have „StrictHostKeyChecking yes“ enabled, you could manually accept […]

gpg cheat sheed – encrypting files with gpg

Warning! while gpg is very likely sound and solid encryption – what is far more likely to be compromised is YOUR HARDWARE – every network card – wifi card – usb UMTS G3 modem – PCI-Card – contains enough RAM […]

cool stuff you can do with ssh

i assume you have setup public-private-key-authentication and tested its workings. run local scripts remotely You can run local scripts remotely by executing bash on the remote system and feeding it your script ssh user@host ‚bash -s‘ < script.s sftp kick […]


whenever you have a linux desktop (KDE, Gnome2-3) you use the x-server and a client (window-manager like lightdm) to connect to it. They communicate via network thus allowing to redirect the grafical output of remotely-run programs to the local display. […]

password protect encrypt files with vim and vi

it’s amazing… try this: open up a text file Hit ESC (command mode) :X now vim / vi will ask you for a password if you know save and quit and reopen the file it detects that the file was […]

installing lilo boot loader on debian8 – just because you can

uname -a; # tested with Linux debian 3.16.0-4-686-pae #1 SMP Debian 3.16.43-2 (2017-04-30) i686 GNU/Linux su; # become root apt-get update; apt-get install lilo; # install the thing liloconfig; # generate config file /sbin/lilo; # install lilo to mbr enjoy […]


„Trump-Modus“: 1Password entfernt Passwörter temporär für GrenzkontrollenNutzer können in dem Passwort-Manager hinterlegte Zugangsdaten nun leicht von all ihren Geräten entfernen – und später wieder hinzufügen. Dies soll verhindern, dass Grenzbeamte bei Kontrollen Einblick in die Daten erlangen. › Artikel lesen     […]


this article might be largely incomplete… kernel ringbuffer boot messages messages from the kernel during first stages of boot. # all distros dmesg; # show kernel ring buffer boot messages log # Centos7 only (debian8 has the file but it […]


Ransomware hitting a new dimension – with the NSA-backdoors pre-installed in a lot of soft and hardware (check out Intel AMT/ME disaster) – hackers/attackers are trying to find and exploit those in order to make some profit. Millions of € […]