Category: Debian

mj12bot hammer mediawiki

Here some IP’s of some Botnet Servers of mj12bot.com: the Botnet ignores robots.txt and hammers on Mediawiki’s! A sorted output of a Log done with :   cat /var/log/apache2/other*.log|grep MJ | awk '{ print $2 }' | sort | uniq -c | sort -n Output for ufw Firewalls: 162.210.196.97 144.76.3.131 148.251.195.14 5.9.158.195 173.208.157.186 176.31.255.65 178.63.34.189 69.30.198.186 144.76.60.198 40.121.210.108 5.189.152.91 5.9.66.153 69.30.198.242 69.30.205.218 81.109.126.245 192.99.10.47 If this doesn’t help the use “Apache AUTH Basic” to block unwanted access!! It’s easy to setup.

Convert WordPress Blog into Static Websites

For some reasons you want to convert your WordPress with Linux Tools into a Static Website: low level Hosting no SQL + PHP for higher Security Then open a Terminal and enter into a Text Editor: nano wp2statis.sh: #!/bin/bash wget \ –recursive \ –no-clobber \ –page-requisites \ –html-extension \ –convert-links \ –restrict-file-names=windows $url-of-site exit 0 Advantage? wget runs on most WP-Themes low Load on the convert Process Script can be used to run by Cron automaticly every Night !

Website Speed Test with Linux

If you own a Blog and want to check the Speed with your local Linux Computer use a commandline tool called curl. Open a Terminal and enter:   curl -o /dev/null -s -w 'Connect: %{time_connect}\nStart Transfer: %{time_starttransfer}\nTotal: %{time_total}\n' https://www.yourdomain.de System Echos: Connect: 0,084774 Start Transfer: 0,173280 Total: 0,228651 Advantage? You will see the Website Load Time of Users at your Location (Country Area) You can check “high performance Clouds” vs. “bare metal Servers” or “virtual Hosting” You see that mostly expensive Hosting is wasted money cause “shared” IO V-Host is SLOWER! You get the real “felt” IO for Users who […]

Major Bug: UFW stopped thru logrotate

On Debian Sid i have seen that ufw service is stopped on logrotate!! Its a bad known bug! Workaround: Set all Services like Dovecot, Postfix to listen on LOCALHOST (127.0.0.1) if not needed over Internet Enable ONLY encrypted AUTH (Login) to Postfix! (TLS 1.2) Disable unneeded Services ! like Samba, FTP… move config from /etc/logrotate.d/ufw to /root/ to disable ufw logrotate !! edit /etc/ufw/ufw.conf set LOGLEVEL to “off” restart the Server and check open Ports next Days from outside with: $sudo nmap -PN my.server.com

Split Files on embedded Linux Systems

If you run a embedded Linux PC like raspi often some Linux Commands fail without error messages, cause the hardware performance is low tech. Same i have seen on the split command.. to split a 50GB Photos-Archive File to 4Gb on a USB Drive i found out that: sudo split -b 4096m -d -u Photos.tgz Photos-Archive_ fix the job.. Cause option -u disable IO-Caching over the 2.0 USB Port to the RAM of the raspi that the Data of the Output Stream is written direct to the Drive.

FastGlacier Client on Linux AWS Cloud Backup

If you are a Newbie on AWS Glacier Cloud Backup you want to use a simple Backup Uploader you can use FastGlacier inside Wine! Major Info: Glacier puts only Files up to 4GB size, split 50GB Tar/Zip Files to 4GB!! Setup AWS free Account !! Go to IAM create User, set User Role to Glacier full access Write down User and Password key at IAM now go right to you loved Cloud Area like Frankfurt or Asia Setup new vault, logout.. install wine install winetricks dotnet40 Framework install FastGlacier have fun.. sudo apt-get install wine sudo apt-get winetricks Run winetricks […]

Smartmontools unlisted Devices

If you use a Toshiba Canvio 3tb Drive at a raspi then smartmontools will not see the usb drive. Try: sudo smartctl -t long -d sat -s on /dev/sdb -t test long or short -d drive protocol sata = sat -s enforce smart which is off by the usb drive firmware wait XXX Minutes then: sudo smartctl -H -d sat -s on /dev/sdb get status..

Apache MEMCACHED UDP Protection

Current a lot of sites blogging about memcached attacks on Servers here some details: Memcached Servers need a installed and running Service called “memcached” Websites need a php-plugin like php7.0-memcached to connect via API to the memcached Service The Memcached Service uses a own Config File at debian /etc/memcached.conf By default it MUST listen to localhost or socket Admins MUST setup a FIREWALL like “ufw” (iptables) and MUST check own Server for OPEN PORTS with nmap The Problem is that Attackers can run Scripts against to your Server in a 10^6 Range like a BOTNET !! with ONE PC cause […]

ENFORCE Google to DuckDuckgo SEARCH

If you want to enforce the use of DuckDuckgo.com instead of google.com do: Edit at the PC the “hosts” File on: Linux /etc/hosts Windows C:\Windows\System32\drivers\etc insert at last: 54.229.105.92 google.com #ip of duckduckgo or 176.34.131.233 54.229.105.203 google.com #ip of duckduckgo 176.34.131.233 bing.com #ip of duckduckgo or 176.34.131.233 176.34.131.233 yahoo.com #ip of duckduckgo or 176.34.131.233 ..reboot and test on a Browser Session after google.com you see duckduckgo.com Remark: Most DSL Routers do offer the edit of the hosts File too, do same there and ALL devices redirected! Don’t forget to reboot! This Solution works only on IPv4 Networks, to enforce the […]