If you hold a website and use SSL/HTTPS with Certificates theres is often the question should i block Port 80? The most Admins think after the Major Changes of the Browsers to pull first HTTPS Port 443 they can close the HTTP Port 80. But you should NOT do it! Why? most Bots scan at […]
Kategorie: Firewall
Apache2 evasive Problems with WordPress
If you use Apache2 / Apache24 and anti-hammering tools like the Modul evasive and security2 as addon fail2ban than you can fail blogging. Problems: Apache2 Module „evasive“ must be fine tuned for WordPress go /etc/apache2/ if you use default enabled auto-safe drafts of posts can let you look like a Attacker so disable auto save […]
Major Tools for your IT Systems
A must „USE“ in these insecure days: nmap Portscan Tool use nmap -PN IP-Address to check failed Firewall Settings! arp-scan Network Scan to find active devices iftop to detect traffic and used Ports on a physical network Interface! ps aux show active processes on a Linux System htop more human friendly Process Monitor iotop human […]
mj12bot hammer mediawiki
Here some IP’s of some Botnet Servers of mj12bot.com: the Botnet ignores robots.txt and hammers on Mediawiki’s! A sorted output of a Log done with : cat /var/log/apache2/other*.log|grep MJ | awk '{ print $2 }' | sort | uniq -c | sort -n Output for ufw Firewalls: 162.210.196.97 144.76.3.131 148.251.195.14 5.9.158.195 173.208.157.186 176.31.255.65 178.63.34.189 […]
Firefox Stop Home Calls
During my last Network Monitoring found out that MANY of „free“ Software calls home permanent Article: https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections .. if you want to be safe, block all OUTGOING Traffic by a Firewall or local DNS Server and use a Proxy with Auth Mechanism!
Major Bug: UFW stopped thru logrotate
On Debian Sid i have seen that ufw service is stopped on logrotate!! Its a bad known bug! Workaround: Set all Services like Dovecot, Postfix to listen on LOCALHOST (127.0.0.1) if not needed over Internet Enable ONLY encrypted AUTH (Login) to Postfix! (TLS 1.2) Disable unneeded Services ! like Samba, FTP… move config from /etc/logrotate.d/ufw […]
Postfix: Automatic UFW Firewall Updates
If you use a Mail Server with Postfix you got daily Spam Attacks by Scripts: How to fix? Install ufw Firewall Run a Scanner Script as cronjob On Debian/Ubuntu: Install ufw: sudo apt-get update && sudo apt-get install ufw && sudo ufw enable && sudo ufw logging off Scan Script: sudo nano /home/user/firewall-update.sh: #!/bin/bash # […]
Security: Protection Against Cryptware Wannacry
You heard perhaps last day’s about the major problems of Attacks to Systems with the „WannaCry“ Crypto Ware Howto protect yourself? Enable the Firewall on Windows Systems!! Always! Update daily the Virus Scanners and Windows Patches! Disable and CLOSE Ports you never need! SMB Protocol is a open unencrypted Transfer Protocol! Use a second Router […]
Freifunk: Setup Router Software Bugfix
If you want to share Public Wifi at home for friends and you don’t want to share the Wifi Password, you can setup cheap a Public Openwrt Wifi Router as Access Point. Advantages: Public Setup needs no Wifi Password You are not responsible, cause the Internet is pulled thru a VPN of Freifunk Network It’s […]