Category: Administration / Server

firewall & the GNU-Linux Pinguin: firewalls: where do thy go? and does thee protect from DDoS? as always in software development and as always in GNU Linux, there is not “one” firewall system, no, there are many and it is […]

situation: one is userA but wants to ssh login to server with ipv4: 123.123.123.123 via userB (dedicated user for that server/task). so what one does is: make sure one can login as userB than as userA: userA: ssh -v -i […]

very very nice actually. visit the site: https://www.wieistmeineip.de/ 1) setup an ssh server 2) make sure u can login with the given user ssh -N -D 9090 -p22 user@yourserver.com now config firefox proxy like this: click “ok” then visit the […]

what do you think about the CNBC documentary? 2012: Aalto Talk with Linus Torvalds: 1,5 Million Views! contains the famous “Fuck You NVIDIA” https://www.youtube.com/watch?v=MShbP3OpASA Linus Torvalds writes software since his early childhood ages and just loves programming. Without this love […]

list all current ips that are connected to port 587 netstat -anp | grep :587 | grep ESTABLISHED

i really like virtualbox and i think it has great potential, what i do not like SOOO much is the CIA’s involvement with Oracle. “Larry Ellison Is A Billionaire Today Thanks To The CIA” (src) VirtualBox is mostly GPL 2.0 […]

Mozilla Firefox, Firefox Browser, or simply Firefox, is a free and open–source (src: Wikipedia) web browser developed by the Mozilla Foundation and its subsidiary, Mozilla Corporation. even when mozilla is (financially) having a tough time, security should be everyone’s top […]

Pwn2Own 2020: opening a pdf can be enough to compromise system! https://youtu.be/u1udr7j9MQA?t=359 90% of companies DO NOT NEED JavaScript or macros to run in PDF but still it is there… and Adobe knows about it: “JavaScripts in PDFs as a […]

new Russian IT Security updates: thanks to https://www.securitylab.ru/ and https://translate.yandex.com/   SecurityLab, [06.11.19 16:12] The Libarchive compression library, which is included by default in Debian, Ubuntu, Gentoo, Arch Linux, FreeBSD, and NetBSD distributions, contains a vulnerability that allows an attacker […]

about MAC address(es) not every switch has an IP assigned (if it has no web management interface, it does not need to) but it will have a MAC address. MAC address are per vendor and per device unique identifiers that […]

while loop: One way to do it is: while read p; do echo “$p” done <peptides.txt As pointed out in the comments, this has the side effects of trimming leading whitespace, interpretting backslash sequences, and skipping the trailing line if […]

“In the popular series of wireless keyboards Fujitsu LX390 found two dangerous vulnerabilities. According to researchers from the company SySS, exploitation of vulnerabilities allows nearby attackers to “spy” passwords entered on the keyboard, or even to seize control of the […]

in addition to select “IDE emulate” in VM Settings one should also restart 1) client 2) server 3) vm  

  EDIMAX EW-7612UAn V2 THE ONLY (?) GNU Linux WIFI WLAN Adapter that works OUT OF THE BOX on all GNU Linux systems (ODROID RASPBERRY AND Desktop GNU Linux)   ONLY BUY FROM HARDWARE VENDORS THAT SUPPORT FREE & OPEN […]

what IT can learn from nature: (src) mostly US users affected. Big Business: Big Companies and Big Money can afford Big Staff to maintain and secure their products, but they also provide Big Infrastructure (AWS, Office) and thus a single […]

Phone in the cloud: “telephone system in the cloud” or “telephne system as software” is the “latest shit”. SipGate Basic (in English: https://www.sipgatebasic.co.uk/ / in German:  https://www.sipgatebasic.de/) gives one a local VoIP land line number. One can have: a virtual […]

updated:2020-08: it is not easier than ever to find the correct public key. (thanks god! why so complicated f-droid?) md5 signatures could be forged, sha512sums imho not yet, but checking those crc checksums is straight forward, all one needs is […]

spoiler alert: this is work in progress… was told by Adaptec support to upgrade firmware. did not do that yet – because firmware upgrades on production systems are sometimes very risky endeavors. one of the most important features of a […]

look at this superb piece of Open Source software: … that is actually USED BY PEOPLE (like this one to write this article). unlike windows it comes with: life-time FREE UPDATES (!!!!!!!!!) a simple no f*****ing tiles design it comes […]

terminal/bash/no gui version: hostnamectl; # tested on Operating System: CentOS Linux 7 (Core) CPE OS Name: cpe:/o:centos:centos:7 Kernel: Linux 4.15.9 Architecture: x86-64 # with software installed yum list installed|grep cups cups.x86_64 1:1.6.3-35.el7 @base cups-client.x86_64 1:1.6.3-35.el7 @base cups-filesystem.noarch 1:1.6.3-35.el7 @base cups-filters.x86_64 […]

for whatever reason, it is not enough to allow udp traffic on port 5900, one also needs to allow tcp traffic. /sbin/iptables -A INPUT -p tcp -m tcp –dport 5900 -j ACCEPT /sbin/iptables -A INPUT -p udp -m udp –dport […]

linux administrators should really run the almighty monitor script once and a while. while lnav is a great log viewer, it (right now) does not do a good job in catching all logs under /var/log/ and all errors. so one […]

yum install ascii # or apt install ascii ascii Usage: ascii [-dxohv] [-t] [char-alias…] -t = one-line output -d = Decimal table -o = octal table -x = hex table -h = This help screen -v = version information Prints […]

for good overview it makes sense to label the harddisk partitions according to functionality (what is their purpose?) GNU Linux bash – how to label partitions tune2fs (xfs & ext4) … because maybe one wants to read their smart status. […]

monitoring the integrity of a RAID is critical for fast replacement of failed harddisks (ideally one has at least one spare drive already in the machine) if not – it would be great if hard- and software-raid would send a […]

Mail Server (MTA) Market share: Server Type Number of Servers Percent Exim 507,200 57.13% Postfix 308,036 34.70% Sendmail 34,948 3.94% MailEnable 18,921 2.13% MDaemon 7,464 0.84% Microsoft 4,706 0.53% IMail 1,375 0.15% CommuniGate Pro 1,263 0.14% XMail 783 0.09% Qmail […]

# tested on yum install inxi inxi -b System: Host: hp.centos Kernel: 5.1.15 x86_64 bits: 64 Desktop: MATE 1.16.2 Distro: CentOS Linux release 7.6.1810 (Core) Machine: Type: Server System: HP product: ProLiant DL360 G6 v: N/A serial: XXXXXXXXX Mobo: N/A […]

sometimes one wants to restart a windows vm every x days – to clean up RAM and Co. run task scheduler “Aufgabenplanung” %windir%\system32\taskschd.msc /s File/Datei -> New/Neu -> Basic Task/Einfache Aufgabe select or copy paste: %SystemRoot%\System32\shutdown.exe one has to scroll […]

bc is a nice calculator that one can use under linux terminal. a good exercise: count from 0 to 255 and convert it to binary # install # debian/ubuntu apt install bc # fedora/redhat/centos yum install bc # run bc […]

TLS v1.1 is labeled insecure, TLS v1.2 is current, TLS v1.3 is about to become current. the (e)mail system from 1972 (slightly modified) is still the #1 communication channel, if one believes one’s surveys. The current approved version of TLS […]