Current a lot of sites blogging about memcached attacks on Servers here some details: Memcached Servers need a installed and running Service called „memcached“ Websites need a php-plugin like php7.0-memcached to connect via API to the memcached Service The Memcached Service uses a own Config File at debian /etc/memcached.conf By default it MUST listen to […]
Kategorie: Security Infos
ENFORCE Google to DuckDuckgo SEARCH
If you want to enforce the use of DuckDuckgo.com instead of google.com do: Edit at the PC the „hosts“ File on: Linux /etc/hosts Windows C:\Windows\System32\drivers\etc insert at last: 54.229.105.92 google.com #ip of duckduckgo or 176.34.131.233 54.229.105.203 google.com #ip of duckduckgo 176.34.131.233 bing.com #ip of duckduckgo or 176.34.131.233 176.34.131.233 yahoo.com #ip of duckduckgo or 176.34.131.233 ..reboot […]
Nextcloud Owncloud Opensource Risk’s
If you are current using Nextcloud / Owncloud or other PHP-Kits for File Handling you should know these remarks: Based on this Article You must know: Details of Security about your current used PHP Versions (7.X) Details of your used Database Version (MySQL..) Details of hardened OS and Webserver Version (Apache,Firewall,fail2ban,file policys, selinux, apparmor filter) […]
Ubuntu 16.04 Compiz Hang Kernel
After Ubuntu published the latest Kernel Patches for Meltdown and Spectre the Kernel 4.4.0-104/109-generic let Intel Graphics freeze or hang on Compiz with Unity. Howto fix: Install the latest Kernel 4.4.0-112-generic do: sudo apt-get install linux-image-4.4.0-112-generic sudo apt-get install linux-image-extra-4.4.0-112-generic reboot then: sudo apt-get autoremove –purge -y This removes older kernels and save Space! Do test the […]
Meltdown Spectre VM Hosting
Thru current IT News you may have heard about the major Security Problem of x86 Technology. If your Websites current hosted on VM at VM Providers, contact them to get current news about their bug handling of their VM Host Servers. If you get no details, then shutdown your sites temporarily, or look for a […]
Debian: without sytemd
If you run Debian Servers, you read last weeks about security problems of systemd service manager. On several tests i have seen much systems having problems on service starts on boot like on debian, raspian .. This is a result of not clean redesigned scripts of the services by the Maintainers like the Proxy Server […]
Security: Disable USB Drive mount for Users
If you share your Systems and you want to disable USB Drive connects there is a small solution. By default the gvfs Service handle all automounts and drive scans. On old Linux Systems you could purge the complete gvfsd „Backend“ but Ubuntu-Desktop forces some pakets to the default Desktop Package! If you purge it the […]
Security: Isolated Browser eMail Programs
If you want to be more secure, on Linux you can isolate used programs on different Users! All you need is installed by default! Howto: Add a new User for eMail and Browser to the System with: $sudo adduser mailuser $sudo adduser webuser now install if not installed by default „gksu“ User Switch $sudo apt-get […]
Security: Protection Against Cryptware Wannacry
You heard perhaps last day’s about the major problems of Attacks to Systems with the „WannaCry“ Crypto Ware Howto protect yourself? Enable the Firewall on Windows Systems!! Always! Update daily the Virus Scanners and Windows Patches! Disable and CLOSE Ports you never need! SMB Protocol is a open unencrypted Transfer Protocol! Use a second Router […]
Linux Console: SSH Echo Last User LOGIN Info
If you use SSH Logins to your Systems, you perhaps want to know, who logged in last days and from which IP Address. Screenshot SSH Login Echo LAST Info: Howto: Open the .profile File at your Home with a Editor and enter: clear last -n 4 This will echo after login the last 4 Logins […]