Category: Sicherheit / Security / SPAM / Privacy / convenience vs surveillance

06.08.2017

ome observers might well believe that the kernel has accumulated plenty of special-purpose virtual filesystems. Even so, 2.6.14 will include yet another one: securityfs. This filesystem is meant to be used by security modules, some of which were otherwise creating […]

06.08.2017

the mail system is a very broken and corrupted system. sending-addresses can be forged – spam from all over the world is flooding the mailboxes – viruses get attached… nobody trusts attachments anymore. it’s a completely newly C++ developed mailserver […]

06.08.2017

exim is one of the most used MTAs on mail-enabled servers on the internet and default on Debian/Ubuntu(?). Original author(s) Philip Hazel (started 1995) Developer(s) The Exim Maintainers Thus you can expect hackers, crackers and NSA to target it. Exim […]

Howto install and setup File Sharing Server with GNU Linux
04.08.2017

ext3+gnu_linux+samba = fast and reliable fileserver. WARNING! Security problems Versions from Version 3.5.0 to 4.6.4 (recent in May 2017 ) are affected and need to be patched! patches are available from: https://www.samba.org/samba/patches/ Unfortunately EVEN Debian9 (!!!! GUYS FIX THAT FAST […]

CentOS7 replaced firewall iptables with firewalld
27.07.2017

no iptables no more – some things change faster than you can say „beneune„… check if it is up and running: systemctl list-unit-files|grep firewall firewalld.service enabled open a port, permanently: firewall-cmd –zone=public –add-port=80/tcp –permanent firewall-cmd –reload „The former firewall model […]

CentOS7 Security Profiles and Software Security Flaws TopList
25.07.2017

exploits in software toplist: 2017: https://www.cvedetails.com/top-50-products.php?year=2017 All time: https://www.cvedetails.com/top-50-products.php That is why the Unix Philosophy of small, modular and beautiful matters … maybe that’s why Mr Stallmann prefers Microkernels… but well let’s be happy there is an alternative kernel to […]

07.07.2017

Atomkraft ist nicht nur im laufenden Betrieb gefährlich. KEIN DEUTSCHES Atomkraftwerk HÄLT EINEN FLUGZEUGABSTURZ STAND! Allein daran kann man schon erkennen wie kurzsichtig und Macht-Geld-getrieben diese ganze Branche funktioniert – sammt ihren politischen Kollaborateuren. FBI in Sorge: Hacking-Kampagne gegen Atomkraftwerke […]

Linux Kernel – Security Updates
27.06.2017

latest kernel related security problems can be found here… -> https://tracker.debian.org/pkg/linux newsletter subsribe: https://tracker.debian.org/accounts/login/ also https://anonscm.debian.org/cgit/kernel/linux.git http://www.securityfocus.com/ http://www.securityfocus.com/cgi-bin/index.cgi?c=11&op=display_threads&ListID=1&limit=30&offset=0&date=2017-06-20&mode=threaded https://cve.mitre.org/index.html https://twitter.com/CVEnew/ https://wiki.debian.org/DebianKernel

akamai state of the internet quarterly report
23.06.2017

https://www.akamai.com/us/en/about/our-thinking/state-of-the-internet-report/ https://www.akamai.com/us/en/about/news/press/2017-press/akamai-releases-first-quarter-2017-state-of-the-internet-connectivity-report.jsp security Q1 2017: https://www.akamai.com/us/en/multimedia/documents/state-of-the-internet/q1-2017-state-of-the-internet-security-report.pdf connectivity: Q4 2016 https://www.akamai.com/us/en/multimedia/documents/state-of-the-internet/q4-2016-state-of-the-internet-connectivity-report.pdf https://www.akamai.com/us/en/about/our-thinking/state-of-the-internet-report/state-of-the-internet-connectivity-visualization.jsp

20.06.2017

AES is often used in conjunction with IPSec-VPNs. K.U. Leuven, Belgium; Microsoft Research Redmond, USA; ENS Paris and Chaire France Telecom, France Abstract. Since Rijndael was chosen as the Advanced Encryption Standard, improving upon 7-round attacks on the 128-bit key […]

09.06.2017

in general programs = processes = tasks = job less is more (security) run as little software as you absolutely need – uninstall/disable all services you don’t need. less software = less lines of mistaken code = less security flaws. […]

08.06.2017

client /etc/ssh/ssh_config is for client side config – here you can for example enable StrictHostKeyChecking yes /etc/ssh/ssh_known_hosts similar to ~/.ssh/known_hosts it contains the system-wide-accepted public keys of other hosts. So if you have „StrictHostKeyChecking yes“ enabled, you could manually accept […]

gpg cheat sheed – encrypting files with gpg
08.06.2017

Warning! while gpg is very likely sound and solid encryption – what is far more likely to be compromised is YOUR HARDWARE – every network card – wifi card – usb UMTS G3 modem – PCI-Card – contains enough RAM […]

cool stuff you can do with ssh
07.06.2017

i assume you have setup public-private-key-authentication and tested its workings. run local scripts remotely You can run local scripts remotely by executing bash on the remote system and feeding it your script ssh user@host ‚bash -s‘ < script.s sftp kick […]

02.06.2017

whenever you have a linux desktop (KDE, Gnome2-3) you use the x-server and a client (window-manager like lightdm) to connect to it. They communicate via network thus allowing to redirect the grafical output of remotely-run programs to the local display. […]

password protect encrypt files with vim and vi
02.06.2017

it’s amazing… try this: open up a text file Hit ESC (command mode) :X now vim / vi will ask you for a password if you know save and quit and reopen the file it detects that the file was […]

installing lilo boot loader on debian8 – just because you can
30.05.2017

uname -a; # tested with Linux debian 3.16.0-4-686-pae #1 SMP Debian 3.16.43-2 (2017-04-30) i686 GNU/Linux su; # become root apt-get update; apt-get install lilo; # install the thing liloconfig; # generate config file /sbin/lilo; # install lilo to mbr enjoy […]

25.05.2017

„Trump-Modus“: 1Password entfernt Passwörter temporär für GrenzkontrollenNutzer können in dem Passwort-Manager hinterlegte Zugangsdaten nun leicht von all ihren Geräten entfernen – und später wieder hinzufügen. Dies soll verhindern, dass Grenzbeamte bei Kontrollen Einblick in die Daten erlangen. › Artikel lesen     […]

16.05.2017

this article might be largely incomplete… kernel ringbuffer boot messages messages from the kernel during first stages of boot. # all distros dmesg; # show kernel ring buffer boot messages log # Centos7 only (debian8 has the file but it […]

13.05.2017

Ransomware hitting a new dimension – with the NSA-backdoors pre-installed in a lot of soft and hardware (check out Intel AMT/ME disaster) – hackers/attackers are trying to find and exploit those in order to make some profit. Millions of € […]