CheckPoint Security found security problems in OpenSource and closed source rdp clients/servers – the product vendors including MS have been informed and everybody except MS will update their products. X-D a hacked rdp server can “attack” the client – in […]
Short stoy: AltGr (HostKey) + C will quit “seamless (no menues) mode” really like the cross-os capabilties of virtualbox (possible to move vms between GNU Linux and Windows servers) and think it has great potential, what is not so great […]
CentOS8: ccze author not willing to maintain ccze. no ccze and not even lnav available. how to monitor all logs… https://dwaves.de/2017/06/15/linux-monitor-all-logs-in-real-time-d-follow-all-show-changes-to-log-files-under-varlog/ as i was wondering what combination of less -R with or without ccze would allow me to view log […]
this mail looks so convincing… i bet it gets a high “return” rate. mail is fundamentally broken system – that’s why Google keeps cranking up requirements to send mail to Google and one day it will probably deny ALL […]
FTP->SFTP now! first things first: ABANDON FTP IT IS INSECURE AND WILL TRANSFER YOUR PASSWORDS AND FILES IN CLEAR TEXT OVER THE INTERNET! MOVE TO SFTP (FTP OVER SSH) with strong passwords! if you run your own server – disable […]
firewall & pinguin: iptables where do thou go? it is said that when using “ip-sets” iptables and nftables achieve almost same performance (amounts of ips possible to block, without server becoming slow/unresponsive) Redhat and nftables on DDoS “so the only […]
with security there is no “done” it can be clearly seen that: the amounts of it-security problems is increasing of course there is no 100% security with state-actors playing “hot” “cold war” in cyberspace private-spy-companies developing exploits that then leak […]
da! schon wieder! es wird nur kurz “Angeklingelt” und gehofft dass das Opfer zurückruft. Anruf um 14:08 von +79 40 76 9 30 53 – allein das ANNEHMEN des ANRUFS oder das ZURÜCKRUFEN kann 100€ kosten! HIER wären die NSA […]
https://youtu.be/70Blz9hyAz8 https://devtube.dev-wiki.de/videos/watch/f979469f-5fd1-4c40-a8c4-706c20c001f7 While “backdoors” in hardware sound like a good idea… you don’t know how hackers are using it to sabotage infrastructure or extort bitcoins of another country’s companies… see “backdoor in cisco router“. IT IS F**** DANGEROUS! ESPECIALLY if […]
it kills the (probably not existing) virus scanner “An associated security bypass is done as well — it will scam for processes running in memory that are associated with Linux-based anti-virus products. If such are found they are going to […]
update: 2024-04: having problem connecting to camera with vlc? (rstp not well documented or not working at all? try this: easy camera stream identification with ONVIF: it is a DAMN hussle, because EVERY camera vendor does it’s own rstp://user:password:ip.ad.dr.ess:/some/url/stream and […]
2020-12: another reason why JavaScript SUCKS badly and websites NEED TO WORK without JS: it might “destroy” NAT security: NAT Slipstreaming allows an attacker to remotely access any TCP/UDP service bound to a victim machine, bypassing the victim’s NAT/firewall (arbitrary […]
WARNING! WARNING! WARNING! BACKUP BEFORE UPDATING ANYTHING! it is also recommended, to do extensive testing of updates on a 1:1 test-system before updating production! while security is important so is speed/availability/uptime/downtime. upgrades especially of kernel and virtualbox need to be […]
as always… you should tweak your /etc/ssh/sshd_config for security only allow password auth temporarily and only use public-key auth. it is easy to setup and no brute-force attack in this world can hack your server. when you start to edit: […]
checkout the space weather today 🙂 “Schwabe cycle, is a nearly periodic 11-year change in the Sun’s activity” (src) but the sun’s particles ALSO shield from even more outer space radiation BUT the sun is ALSO protecting Earth & Mars […]
please see: https://dwaves.de/2019/01/08/fail2ban-manually-ban-and-unban-ip/
Was in USA funktioniert ist bald auch bei uns. Kriminelle erbeuten/kaufen detailierte persönliche Informationen (Geburtsdatum, Mail-Passwörter, Kreditkartennummern) online und rufen das Opfer mit einer GEFÄLSCHTEN Telefonnummer an, die GENAU so aussieht wie die einer Bank und erzählen, “es hätte seltsame […]
2020-12: another reason why JavaScript SUCKS badly and websites NEED TO WORK without JS: it might “destroy” NAT security: NAT Slipstreaming allows an attacker to remotely access any TCP/UDP service bound to a victim machine, bypassing the victim’s NAT/firewall (arbitrary […]
WARNING! central VestaCP software vendor was hacked in 2018 not sure if they fixed the problem and continue VestaCP development (a shame, it was really a very very nice web based gui to admin web and mailsevers) CentOS7: # search […]
first of: A DRASTIC VIDEO: JM Porup reports for Ars Technica: The Linux kernel today faces an unprecedented safety crisis. Much like when Ralph Nader famously told the American public that their cars were “unsafe at any speed” back in […]
Update: 2019.10 Zombieload is back. “This time a new variant (v2) of the data-leaking side-channel vulnerability also affects the most recent Intel CPUs, including the latest Cascade Lake, which are otherwise resistant against attacks like Meltdown, Foreshadow and other MDS […]
Elon Musk: 2018: “Ai is far more dangerous than nukes” and should be regulated. “We have to ensure that the advent of digital super intelligence is symbiotic with mankind” Update: Made in Israel killer Drone! killing people has never been […]
Bitcoin Gold hacked – 18 Million USD stolen https://www.heise.de/newsticker/meldung/Ende-der-Grafikkarten-Aera-8000-ASIC-Miner-fuer-Zcash-Bitcoin-Gold-Co-4091821.html https://www.heise.de/ct/ausgabe/2018-14-Wie-51-Prozent-Angriffe-Bitcoin-Co-bedrohen-4085333.html
“Thank you” i feel much safer now, that you know EVERYTHING about me, you, everybody. it is about influencing and directing the masses like a herd of cattle. https://en.wikipedia.org/wiki/Room_641A Room 641A is a telecommunication interception facility in the SBC Communications […]
sometimes if you know how to r-click… you are allready a HACKER! “Last month’s story about organizations exposing passwords and other sensitive data via collaborative online spaces at Trello.com only scratched the surface of the problem. A deeper dive suggests […]
basically the advanced version of PiHole. WARNING! THIS IS not a complete OPNSense / PFSense tutorial it is rather just to get started. right now, one is (still) using iptables without any gui. there seems to be a lot of […]
By the amount of commentary SPAM i get on WordPress using Google’s ReCaptcha… it wonder if i shut just disable comments all together (kind of what Anti Spam Bee did… it was impossible for me to comment on my own […]
as you can see here every single day – spammers attach password encrypted word.doc to a mail and try to infect systems to extract ransome. This raises the question: How to handle this threat? Virus scanners are not enough anymore. […]
Update: 2024 unfortunately also some ARM CPUs are affected by Spectre v1 and v2. Update: 2020.03 “The newly developed Rowhammer- attack TRRespass can crack the RAM-a security mechanism by many DDR4-DRAM-modules as well as LPDDR4 Chips. Until now, these were […]
not a day passes by that spammers/crackers/evil money addicted people try to infect your system with an word.doc attached to some mail from “police” “government” “paypal” “facebook” “google” “apple” or whatever. here is the latest scam that: a password encrypted […]