Category: Security Infos

Owncloud: Howto harden owncloud access with a ssh tunnel and squid

If you want to use a private secure owncloud (WebDAV Space Server) as Backup for all your devices you can harden the access thru a openssh Login with key auth and a squid as relay. Install apache2, php5, mysql-Server, openssh, squid3 config Apache2 to listen on https://localhost:443 setup squid3  and config the Proxy to listen only on localhost:3128 install owncloud to /var/WWW with forced “https” settings at the config.php create ssh-keys to auth with password protected key to the SSH Server If done, you can access the private Backup-Server via a Terminal/ Putty with the Tunneling Options $ssh -L 3128:localhost:3128 username@owncloudserver.home Open your Browser on your […]

Major Webserver Setup Rules: The “must” do!

If you want to setup a fresh secure Webserver then use this list dont ever upload data, files, images on the Webserver who are classified as “secret” setup daily full backup with Cron view daily the system logs, auth, www, errors … setup a local firewall with less opened ports 80,25 .. setup daily automatic updates by cron reduce the count of users who can login use no logical usernames force long passwords by rules min 15 digits setup a daily load monitor by “uptime” to log setup a realtime network monitor by “iftop” use “nmap” as local portscan to […]

Debian Ubuntu Laptop mods for SSD HDD and a full encrypted with luks

Major INFO 06-2015: Do not set tmpfs on ubuntu 15.XX or Systems with systemd!!! This block PC boot !! If you want to setup a Ubuntu/Debian Laptop with a full encrypted HDD use a “alternate” CD/DVD. After Setup you have to change some little Parameters to extend the lifecycle of the SSD Chips disable Swap if you have more than 4GB Ram enable a RAMDISK with tmpfs for logs, caches of Browsers install cpufrequtils for CPU freqscaling install laptop-mode-tools to set powersave mode for hardware modules install xbacklight to reduce backlight energy Steps: open a Console and change to root […]

Security Warning Sicherheitsproblem: Visa Card Model 2013 with RFID Chip

Sicherheitsproblem Visa Karte Modell 2013: Wie auch beim neuen Ausweis mit RFID Chip besitzt die neue Visa Karte einen Funkchip RFID der die Kartennummer per Funk zur Kassen senden kann. Grund wird eine Umstellung des Bezahlvorganges beim Einkauf sein, Missbrauch ist nun also per Hackersoftware und Smartphone denkbar! Quasi Taschendiebstahl auf 10Meter im vorbeigehen! Tip: Ausweise oder Ausweisbücher/mehrere Karten mit RFID in Alufolie einwickeln! Laut Gesetz liegt im Missbrauchsfall die Beweislast beim Kunden!!! Fachpresse: Link  

Chromebook Replacement: Get or build your Firefoxbook with Linux for free

A free Howto to get a free Chromebook Replacement: Called Firefoxbook Everybody knows a product called chromebook, but you must not buy such a laptop with branded OS! Here is a small  Howto get a similar Laptop with free firefox. How does it work? Easy, the Laptop boots from Stick or CF-Card to RAMDISK, the firefox profile and cache is always new created at non permanent RAMDISK. The private Mode surpress cookie and other waste. Only the Window Settings are stored (Fullscreen/ F11). After boot the Internet is connected and Firefox is shown on Desktop. All you need: a Laptop, […]