Kategorie: CentOS Red Hat Enterprise Smeserver Bluequartz Strongbolt

Apache MEMCACHED UDP Protection

Current a lot of sites blogging about memcached attacks on Servers here some details: Memcached Servers need a installed and running Service called „memcached“ Websites need a php-plugin like php7.0-memcached to connect via API to the memcached Service The Memcached Service uses a own Config File at debian /etc/memcached.conf By default it MUST listen to localhost or socket Admins MUST setup a FIREWALL like „ufw“ (iptables) and MUST check own Server for OPEN PORTS with nmap The Problem is that Attackers can run Scripts against to your Server in a 10^6 Range like a BOTNET !! with ONE PC cause […]

ENFORCE Google to DuckDuckgo SEARCH

If you want to enforce the use of DuckDuckgo.com instead of google.com do: Edit at the PC the „hosts“ File on: Linux /etc/hosts Windows C:\Windows\System32\drivers\etc insert at last: 54.229.105.92 google.com #ip of duckduckgo or 176.34.131.233 54.229.105.203 google.com #ip of duckduckgo 176.34.131.233 bing.com #ip of duckduckgo or 176.34.131.233 176.34.131.233 yahoo.com #ip of duckduckgo or 176.34.131.233 ..reboot and test on a Browser Session after google.com you see duckduckgo.com Remark: Most DSL Routers do offer the edit of the hosts File too, do same there and ALL devices redirected! Don’t forget to reboot! This Solution works only on IPv4 Networks, to enforce the […]

Locale Umloud Problems Cron

If you run scripts to handle text output by cronjobs your perhaps get problems with umlouds „ÖÄÜ“ cause they are displayed by „**“. This is a problem cause cron uses „C“ setting as locale, you can test it by setting it into root crontab: open crontab from root with: $su – root $crontab – insert * * * * * locale This will mail cron’s locale echo to the mailbox of root! Read root’s mail! After tests remove the locale entry at crontab! Howto fix for Scripts: open crontab from root with: $su – root $crontab -e insert (for German): […]

Postfix: Automatic UFW Firewall Updates

If you use a Mail Server with Postfix you got daily Spam Attacks by Scripts: How to fix? Install ufw Firewall Run a Scanner Script as  cronjob On Debian/Ubuntu: Install ufw: sudo apt-get update && sudo apt-get install ufw && sudo ufw enable && sudo  ufw logging off Scan Script: sudo nano /home/user/firewall-update.sh: #!/bin/bash # scan rejected cat /var/log/mail.log | grep rejected | cut -d"[" -f3 | cut -d"]" -f1|grep -v '^$' > /tmp/firewall.txt # insert to Firewall while read line; do sudo ufw insert 1 deny from $line to any; done < /tmp/firewall.txt # scan "denied" cat /var/log/mail.log | […]

Linux: Systemd ignore console-setup settings

If you work on older Laptops and you use a Console only System Setup like on Debian there is a Bug on systemd and the console-setup package since years. After reboot all Font Settings seems gone. But the Settings are not real gone, cause systemd does not pull the settings on boot! How to fix? edit the crontab of root by sudo su – crontab -e insert the /bin/setupcon command on „@reboot“ means on every boot! @reboot     /bin/setupcon > /dev/null 2>&1 save and exit, reboot now now the PC should echo big Fonts for old eyes „Terminus 20×12 Frambuffermode“  

Apache: Analyse Logs Spam Bots

If you admin a Apache Webserver, you see often weekly thousand of visits a day on your Blogs. Background: These are no real users, this visits are made by Spam Bots in my Logs like Xovi.de or xovibot.net Bots! On info pages this Company says Admins should disallow crawl by robots.txt, but they IGNORE the settings! This x-guys is in my opinion against German Law „Datenschutz“. "Mozilla/5.0 (compatible; XoviBot/2.0; +http://www.xovibot.net/)" Solution: On Linux Setup a Firewall like ufw and block these IP Ranges To find out the IPs do: $sudo cat /var/log/apache2/access.log|grep xovibot.net| awk '{ print $2 }' | sort | […]

Rsync: Performance NFS Boost

If you use two Linux Servers with NFS Shares connect over Gigabit Interfaces for Backups, you perhaps remark performance problems on using rsync. It does often pause transmissions or reach only a rate of 32Mb/s. That’s bad and waste time and energy. Background: After some Tests of running Backups with single files and compressed big archives, the scans of my tools like iftop, systat, iptraf found out that the used Option „rsync -avz“ was the bottle neck, cause the Data Rate break down at intervals. The „z“ compress option was described on howtos as must have for slower networks did […]