On Debian Sid i have seen that ufw service is stopped on logrotate!! Its a bad known bug! Workaround: Set all Services like Dovecot, Postfix to listen on LOCALHOST (127.0.0.1) if not needed over Internet Enable ONLY encrypted AUTH (Login) to Postfix! (TLS 1.2) Disable unneeded Services ! like Samba, FTP… move config from /etc/logrotate.d/ufw to /root/ to disable ufw logrotate !! edit /etc/ufw/ufw.conf set LOGLEVEL to “off” restart the Server and check open Ports next Days from outside with: $sudo nmap -PN my.server.com
If you run a embedded Linux PC like raspi often some Linux Commands fail without error messages, cause the hardware performance is low tech. Same i have seen on the split command.. to split a 50GB Photos-Archive File to 4Gb on a USB Drive i found out that: sudo split -b 4096m -d -u Photos.tgz Photos-Archive_ fix the job.. Cause option -u disable IO-Caching over the 2.0 USB Port to the RAM of the raspi that the Data of the Output Stream is written direct to the Drive.
If you are a Newbie on AWS Glacier Cloud Backup you want to use a simple Backup Uploader you can use FastGlacier inside Wine! Major Info: Glacier puts only Files up to 4GB size, split 50GB Tar/Zip Files to 4GB!! Setup AWS free Account !! Go to IAM create User, set User Role to Glacier full access Write down User and Password key at IAM now go right to you loved Cloud Area like Frankfurt or Asia Setup new vault, logout.. install wine install winetricks dotnet40 Framework install FastGlacier have fun.. sudo apt-get install wine sudo apt-get install winetricks Run […]
If you upgrade or install Ubuntu to 18.04 the last and current LTS Version you have may asked yourself “what the hell is snap loop device?” Easy Snap was hidden built in to print MONEY, sure?? YES see manpage snap.. ” BUY A SNAP !!” .. its a new try to get money since Amazon Shop Link implementation.. like others from Appstores.. Howto get rid off? Removing of snapd with purge app Apps by deps.. # sudo apt-get remove snapd –purge Some may ask do i need snaps? No cause most packages still live at the debian apt repository Snap […]
Current a lot of sites blogging about memcached attacks on Servers here some details: Memcached Servers need a installed and running Service called “memcached” Websites need a php-plugin like php7.0-memcached to connect via API to the memcached Service The Memcached Service uses a own Config File at debian /etc/memcached.conf By default it MUST listen to localhost or socket Admins MUST setup a FIREWALL like “ufw” (iptables) and MUST check own Server for OPEN PORTS with nmap The Problem is that Attackers can run Scripts against to your Server in a 10^6 Range like a BOTNET !! with ONE PC cause […]
Apparmor has a current bug with the Kernel 4.14 on Debian and seems Ubuntu too, it blocks MySQL and other services from clean run. Bug touches Network Stack of the Kernel