Category: Security Infos

mj12bot hammer mediawiki

Here some IP’s of some Botnet Servers of mj12bot.com: the Botnet ignores robots.txt and hammers on Mediawiki’s! A sorted output of a Log done with :   cat /var/log/apache2/other*.log|grep MJ | awk '{ print $2 }' | sort | uniq -c | sort -n Output for ufw Firewalls: 162.210.196.97 144.76.3.131 148.251.195.14 5.9.158.195 173.208.157.186 176.31.255.65 178.63.34.189 69.30.198.186 144.76.60.198 40.121.210.108 5.189.152.91 5.9.66.153 69.30.198.242 69.30.205.218 81.109.126.245 192.99.10.47 If this doesn’t help the use “Apache AUTH Basic” to block unwanted access!! It’s easy to setup.

WordPress Gutenberg Editor fails on modsecurity2

If you use modsecurity2 Plugin Filter on a Apache2 / Apache24 Setup then on my Blogs Gutenberg fails to SAVE Pages and Drafts. Workaround: Install the old but useful “Classic Editor Plugin” and replace Gutenberg for all Users! Background: It seems the lastest stable mod_security2 Rules not modified for Gutenberg post urls!

5G Mobile Network opens Pandora’s Box

5G will it make possible to attack mobile Devices and Cars 10 times faster Users will not recognize attacks or uploaded data the wider data bandwith will it make possible to attack much more efficient Remark: checkout if you really need this mobile network, cause slower is sometime safer against automated tools slower mobile network is cheaper disable mobile data if not neeeded to stay hidden and offline, calls option is still working

Major Bug: UFW stopped thru logrotate

On Debian Sid i have seen that ufw service is stopped on logrotate!! Its a bad known bug! Workaround: Set all Services like Dovecot, Postfix to listen on LOCALHOST (127.0.0.1) if not needed over Internet Enable ONLY encrypted AUTH (Login) to Postfix! (TLS 1.2) Disable unneeded Services ! like Samba, FTP… move config from /etc/logrotate.d/ufw to /root/ to disable ufw logrotate !! edit /etc/ufw/ufw.conf set LOGLEVEL to “off” restart the Server and check open Ports next Days from outside with: $sudo nmap -PN my.server.com

Goodby Smartphones

Today iam going offline with any of my Smarthones for Testing. Why? all current Smartphones based on nonfree Hard and Software less patched Hackers can remote force install Trojans as Updates (especially Stores by gov order) non rooted devices are black boxes rooted Images or Tools as Workarounds are often not published in which way the System OS is broken down, Hackers don’t work nonprofit ! Linux Laptops usage is often easier and much safer, you have full control and can run security tools to monitor Apps for free do always call home at background can’t control active background jobs […]