Today i got the openwrt Firmware to run on my new xiaomi ax3200 Router, the Problem is that the Default Firmware open a Upload-Channels to “api.wifimi.com” Many online wiki told that its impossible to flash the BR01 Version after Production Date 09.21 To flash you need a Serial UART to USB Adaptor and 4 Pin-Lab Cables connected to the Mainboard from bottom without open the Case!! Remark: Plug Router-Pin-RX to TX at the UART Adapter and Router TX to RX-UART (Crossover!!!) Voltage + is 3,3 Volts!! not 5Volts!! here some Pictures https://github.com/mikeeq/xiaomi_ax3200_openwrt#uart-flash REMARK the Pins from bottom must be seen MIRRORED!!! […]
Category: Maintenance
Apache2 evasive Problems with WordPress
If you use Apache2 / Apache24 and anti-hammering tools like the Modul evasive and security2 as addon fail2ban than you can fail blogging. Problems: Apache2 Module “evasive” must be fine tuned for WordPress go /etc/apache2/ if you use default enabled auto-safe drafts of posts can let you look like a Attacker so disable auto save by wp-config set “define(‘AUTOSAVE_INTERVAL’, 86400);” !! on small systems redis and other cache technics can generate too additional hidden “posts” traffic to the Apache2 & SQL checkout the system by disable all security addons and fine tune settings, if ok enable them again.. try wordpress […]
Redis Monitoring command line
Open a Console to checkout the IO of the REDIS Socket on Ubuntu Linux do: redis-cli -s /var/run/redis/redis-server.sock at the Prompt enter “MONITOR” ! redis /var/run/redis/redis-server.sock > MONITOR Lines run should be seen.. like 1643798561.129268 [0 unix:/var/run/redis/redis-server.sock] "EXPIRE" "98f4dfa05f67a630e9a828ad8a7c30d9/lockfiles/5cd93670745f7ff4ef4b456cc9c8b126" "3600" 1643798561.130843 [0 unix:/var/run/redis/redis-server.sock] "INCRBY" "98f4dfa05f67a630e9a828ad8a7c30d9/lockfiles/262023e9d503ea4158010bfebc4124bd" "1" 1643798561.131158 [0 unix:/var/run/redis/redis-server.sock] "EXPIRE" "98f4dfa05f67a630e9a828ad8a7c30d9/lockfiles/262023e9d503ea4158010bfebc4124bd" "3600" 1643798561.132725 [0 unix:/var/run/redis/redis-server.sock] "INCRBY" "98f4dfa05f67a630e9a828ad8a7c30d9/lockfiles/84b5072ee7801482b6bf7d661003df87" "1" 1643798561.133044 [0 unix:/var/run/redis/redis-server.sock] "EXPIRE" "98f4dfa05f67a630e9a828ad8a7c30d9/lockfiles/84b5072ee7801482b6bf7d661003df87" "3600" 1643798561.138752 [0 unix:/var/run/redis/redis-server.sock] "WATCH" "98f4dfa05f67a630e9a828ad8a7c30d9/lockfiles/84b5072ee7801482b6bf7d661003df87" 1643798561.139097 [0 unix:/var/run/redis/redis-server.sock] "GET" "98f4dfa05f67a630e9a828ad8a7c30d9/lockfiles/84b5072ee7801482b6bf7d661003df87"
Android Cleanup NonRoot
If you use a Android Phone you should cleanup by Reset every 6 Month: Remove of Background Apps Remove blown up Updates Remove unused Apps Disable unused Apps preinstalled Raise Security Raise Privacy Reduce burned Bandwith from App Homecalls Use Siteload to reinstall LESS Apps Use Browser against Apps ! Reduce Backlinks of Apps to Cloud Remove Google Account Reset Advertisment-ID at Google Settings Reset Phone Settings, often useful! Disable Mobile Net+Wifi Access to unused preinstalled Apps! Control Homecalls by connect to a OpenWRT Router with iftop! Increase Battery runtime. Remove E-Mail, Social-Media Apps against Viruses over Chat and Mails […]
Split Files on embedded Linux Systems
If you run a embedded Linux PC like raspi often some Linux Commands fail without error messages, cause the hardware performance is low tech. Same i have seen on the split command.. to split a 50GB Photos-Archive File to 4Gb on a USB Drive i found out that: sudo split -b 4096m -d -u Photos.tgz Photos-Archive_ fix the job.. Cause option -u disable IO-Caching over the 2.0 USB Port to the RAM of the raspi that the Data of the Output Stream is written direct to the Drive.
Apache MEMCACHED UDP Protection
Current a lot of sites blogging about memcached attacks on Servers here some details: Memcached Servers need a installed and running Service called “memcached” Websites need a php-plugin like php7.0-memcached to connect via API to the memcached Service The Memcached Service uses a own Config File at debian /etc/memcached.conf By default it MUST listen to localhost or socket Admins MUST setup a FIREWALL like “ufw” (iptables) and MUST check own Server for OPEN PORTS with nmap The Problem is that Attackers can run Scripts against to your Server in a 10^6 Range like a BOTNET !! with ONE PC cause […]