Category: Security Infos

WordPress: Change User Password manual on mysql prompt

If you don’t want to use Passwords generated by wordpress itself, you can do it manual on a MYSQL Console howto: Login to your Webserver with the Database via encrypted SSH!! Login to the MYSQL Server Conssole with $ mysql -u username -p Enter Password, and change database with mysql>use database-name-of-blog Now Set Password for the User mysql>UPDATE wp_users SET user_pass = MD5('NEWPASSWORD-16-DIGITS') WHERE user_login = "THEUSERNAME"; System shows Echo: mysql> ok.. Changed 1 Row.. Quit mysql> exit Logout of SSH

Security: Harden DSL Routers and Networks against attacks

Last days there was a high count of news about the Bot Attacks against T-Com Telekom Router devices. To understand the behavior about this up comming security problems you should know following points : Every network supported device can be a goal for a attack ( Routers, Modems, PC, Fridges,IP-TV, IP Switches, IP-Cams…) You have to update the OS for each device monthly, if not supported by the manufacter, then dont buy! Try to get Opensource Hardware with Opensource Software for full access (ssh / console) to have full control Reduce the count of devices who are connected direct to […]

Android: Remove builtin Bloatware without hacking rooting or root-firmware

Last Weeks i got a new Smartphone, it offered 8GB Rom for OS and Apps. Iam not a real fan of rooting, cause i didnt write/change the firmware, i found a other way to tune the System: Dont insert a SIM CARD! After first Boot DONT CREATE a Google Account! Then go i to Apps Manager at Settings and try to disable all unwanted Apps! By default the Manufacterer install a very small and Basic App-Links which is updated later by the Playstore to a newer and much bigger one! Most Apps are min 50%-80% bigger than the factory Apps. The disabling […]

Openwrt: Turn older Router into Wifi Accesspoint Repeater Extender Solar Powered

At the Summer Time you need perhaps a Wifi Extender for your Garden?? Solution: TP Link 841/N (low power/Battery 9V/Solar /Type-N-allows external planar Antennas!!), 3600+4300 (USB-NAS/CIFS/SFTP/Classroom Library with USB Strorage) Openwrt 15.XX Calmer as OS with Firewall, Webinterface and REALTIME Monitor for Traffic and Connections! Easy Setup, replace the OS by the TP-Link-Updater, reboot and Login to Openwrt You got professional Options! works as Firewall, Extender, Repeater, WIFI-to-WIFI Bridge, LAN-to-WIFI Bridge, NTP-Server, DNS/DHCP Server can isolate connected WIFI Clients can handle different WIFI SSIDs / Networks on same Hardware modded Hardware can be used with 5Volts of Power! (841 removed Resistor) […]

Ubuntu: Create USB Live System Stick for Live Mode or Emergency Help

For all Users, especially Newbies its VERY helpful to have a Rescue System on a USB Stick if a Major Update/Release Change fails or break the System. To this the Ubuntu-ON-RAM Live System is very useful at public shared PCs for Online Banking etc., cause after every reboot all old Firefox Data are safe deleted!! How to create this VERY helpful Tool Stick for free? All you need is the latest Ubuntu-ISO file (AMD64-15.04 – 64bit) a new 4/8GB USB Stick (take a good Brand! to get a high quality tool). Howto: Burn the ISO to DVD/CD (NON-Linux-PC) Boot your […]

Security: Webserver HTTPS with Self Signed Certificate Do it yourself in 5 Minutes!!

Today the Point of Security and encrypted Webserver Communication is rolling over every User who hosts own Websites on the Internet. Last decades HTTPS was only used by Online Login Pages like Shops and Banks to verify the Communication between a User PC and the Website. But after January 2015 the most Search Engines like google decides to force index of Websites with HTTPS Protocol. The Background is that a TLS encrypted Connection isn’t easy to track and to force “drive-by-load-Viruses” to the Website Visitors. But a lot of Webmasters of the Opensource Community were angry about this handling. Thats […]

Raspberry Pi: Howto build a Local Network Monitor for Intrusion Logging Watchdog

Today the count of network devices at home networks grows up weekly, cause more and more home devices like freezers, coffee engines, dishwasher and more got builtin wifi interfaces. To have a Control Unit you can use a raspberry pi2 as cheap Network Monitor Logger. The Raspian by default offers builtin free tools, like arp, arp-scan, nmap, ping to easy monitor a network. If you have learned some commands and the bash scripting you can fast create a Network Logger, perhaps with analyse tools to mail alerts if new “MAC” NIC Adresses are seen. Every network device uses a owned […]

Owncloud: Howto harden owncloud access with a ssh tunnel and squid

If you want to use a private secure owncloud (WebDAV Space Server) as Backup for all your devices you can harden the access thru a openssh Login with key auth and a squid as relay. Install apache2, php5, mysql-Server, openssh, squid3 config Apache2 to listen on https://localhost:443 setup squid3  and config the Proxy to listen only on localhost:3128 install owncloud to /var/WWW with forced “https” settings at the config.php create ssh-keys to auth with password protected key to the SSH Server If done, you can access the private Backup-Server via a Terminal/ Putty with the Tunneling Options $ssh -L 3128:localhost:3128 username@owncloudserver.home Open your Browser on your […]

Major Webserver Setup Rules: The “must” do!

If you want to setup a fresh secure Webserver then use this list dont ever upload data, files, images on the Webserver who are classified as “secret” setup daily full backup with Cron view daily the system logs, auth, www, errors … setup a local firewall with less opened ports 80,25 .. setup daily automatic updates by cron reduce the count of users who can login use no logical usernames force long passwords by rules min 15 digits setup a daily load monitor by “uptime” to log setup a realtime network monitor by “iftop” use “nmap” as local portscan to […]

Debian Ubuntu Laptop mods for SSD HDD and a full encrypted with luks

Major INFO 06-2015: Do not set tmpfs on ubuntu 15.XX or Systems with systemd!!! This block PC boot !! If you want to setup a Ubuntu/Debian Laptop with a full encrypted HDD use a “alternate” CD/DVD. After Setup you have to change some little Parameters to extend the lifecycle of the SSD Chips disable Swap if you have more than 4GB Ram enable a RAMDISK with tmpfs for logs, caches of Browsers install cpufrequtils for CPU freqscaling install laptop-mode-tools to set powersave mode for hardware modules install xbacklight to reduce backlight energy Steps: open a Console and change to root […]