firewall & pinguin: iptables where do thou go? it is said that when using “ip-sets” iptables and nftables achieve almost same performance (amounts of ips possible to block, without server becoming slow/unresponsive) Redhat and nftables on DDoS “so the only […]
firewall & pinguin: iptables where do thou go? it is said that when using “ip-sets” iptables and nftables achieve almost same performance (amounts of ips possible to block, without server becoming slow/unresponsive) Redhat and nftables on DDoS “so the only […]
DDoS attacks are nasty stuff. Even such simple programs as – autobench – Automates the benchmarking of web servers using httperf – can sufficiently choke a webserver by spawning hundreds and thousands of mysql processes – exhausting all resources of […]
second take on trying to get a xmpp server (OpenFire, Java) client (Pidgin, C (C#, Perl, Python, Tcl are used for plugins)) up and running. at least this time with partial luck (was able to login via pidgin) but it […]
firewall & the GNU-Linux Pinguin: firewalls: where do thy go? and does thee protect from DDoS? as always in software development and as always in GNU Linux, there is not “one” firewall system, no, there are many and it is […]
# tested on yum install inxi inxi -b System: Host: hp.centos Kernel: 5.1.15 x86_64 bits: 64 Desktop: MATE 1.16.2 Distro: CentOS Linux release 7.6.1810 (Core) Machine: Type: Server System: HP product: ProLiant DL360 G6 v: N/A serial: XXXXXXXXX Mobo: N/A […]
firewall & pinguin: iptables where do thou go? it is said that when using “ip-sets” iptables and nftables achieve almost same performance (amounts of ips possible to block, without server becoming slow/unresponsive) Redhat and nftables on DDoS “so the only […]
lately this blog gets bombarded with queries like these: which decoded are Korean SPAM? which translates as: iptables / firewalld seem not to work and have to really really figure out why. until then this is a little workaround, it […]
FTP->SFTP now! first things first: ABANDON FTP IT IS INSECURE AND WILL TRANSFER YOUR PASSWORDS AND FILES IN CLEAR TEXT OVER THE INTERNET! MOVE TO SFTP (FTP OVER SSH) with strong passwords! if you run your own server – disable […]
firewall & pinguin: iptables where do thou go? it is said that when using “ip-sets” iptables and nftables achieve almost same performance (amounts of ips possible to block, without server becoming slow/unresponsive) Redhat and nftables on DDoS “so the only […]
update: 2024-04: can the PI be trusted? while many cool projects are made with Raspberry PIs, including camera surveillance projects, the PI’s design requires a GPU binary blob driver to be loaded BEFORE the OS is loaded… this is Open […]
who is who? concepts: docker is written in Google Go by Docker Inc, SanFrancisco because it does not emulate any hardware – it is a linux container / sandbox or jail like Free BSD Jail or Solaris Zones or OpenVZ so […]
warning! this howto is very old (2017) rhel7 and CentOS7, while both distros are kind of EOL (End Of Life = no more updates) they are still widely in use. this howto is UNTESTED! in general: social skills social competence […]
CentOS7 [cc lang=”bash” escaped=”true” width=”600″] yum install psmisc # install pstree [root@centos user]# pstree systemd─┬─NetworkManager─┬─dhclient │ └─2*[{NetworkManager}] ├─agetty ├─auditd───{auditd} ├─chronyd ├─crond ├─dbus-daemon───{dbus-daemon} ├─firewalld───{firewalld} ├─irqbalance ├─lvmetad ├─polkitd───5*[{polkitd}] ├─rsyslogd───2*[{rsyslogd}] ├─sshd─┬─sshd───sshd───bash───su───bash───pstree │ └─sshd───sshd───sftp-server ├─systemd-journal ├─systemd-logind ├─systemd-udevd ├─tuned───4*[{tuned}] └─xinetd [/cc] debian8 [cc lang=”bash” escaped=”true” […]
if fail2ban fails to ban: have a look here: https://configserver.com/cp/csf.html tcp wrapper (tcpd) tcpd.man.txt Centos5 documentation (Centos7 does not have it installed per default can be installed like this: yum install xinetd*) To control access to Internet services, use xinetd, […]
firewall & pinguin: iptables where do thou go? it is said that when using “ip-sets” iptables and nftables achieve almost same performance (amounts of ips possible to block, without server becoming slow/unresponsive) Redhat and nftables on DDoS “so the only […]
if fail2ban fails to ban: https://dwaves.de/2017/07/27/centos7-replaced-firewall-iptables-with-firewalld-iptables-vs-nftables-benchmark-performance-comparison-scalability-when-facing-ddos-scenarios vim /etc/fail2ban/jail.conf; # open up the config file that defines all the defaults # find those lins: # # Destination email address used solely for the interpolations in # jail.{conf,local} configuration files. destemail = […]
if fail2ban fails to ban: https://dwaves.de/2017/07/27/centos7-replaced-firewall-iptables-with-firewalld-iptables-vs-nftables-benchmark-performance-comparison-scalability-when-facing-ddos-scenarios/ but also whole companies from israel are offering tools to nuke off your webserver with “rented” DDoS attacks vim /etc/fail2ban/jail.local; # add those lines: [apache] enabled = true port = http,https filter = apache-auth […]
if fail2ban fails to ban: https://dwaves.de/2017/07/27/centos7-replaced-firewall-iptables-with-firewalld-iptables-vs-nftables-benchmark-performance-comparison-scalability-when-facing-ddos-scenarios Update! “Within hours of that story running, the two alleged owners — 18-year-old Israeli men identified in the original report — were arrested in Israel in connection with an FBI investigation into the shady […]
if fail2ban fails to ban: https://dwaves.de/2017/07/27/centos7-replaced-firewall-iptables-with-firewalld-iptables-vs-nftables-benchmark-performance-comparison-scalability-when-facing-ddos-scenarios KEEP IN MIND: OVERLOAD OF WEBSERVER MIGHT BE FROM BRUTEFORCE OR DDoS!!! (512MB RAM was “enogh RAM” for a webserver in those days X-D) sudden spikes of (botnet) traffic might deplete your RAM via […]
question: http://answers.microsoft.com/en-us/windows/forum/windows_8-networking/how-to-disable-network-discovery-by-registry-or/b38c3c5f-5214-44a2-ac65-3186949adbab?tm=1418243446272 same question: http://www.experts-exchange.com/Networking/Protocols/Q_28507535.html windows disable network discovery Browser search term: windows disable network discovery iphlpsvc konkret geht es hierum: exact same question: http://blogs.technet.com/b/networking/archive/2010/12/06/disabling-network-discovery-network-resources.aspx in theory it could work like this, but simply firng the command netsh advfirewall […]