If you hold a website and use SSL/HTTPS with Certificates theres is often the question should i block Port 80? The most Admins think after the Major Changes of the Browsers to pull first HTTPS Port 443 they can close the HTTP Port 80. But you should NOT do it! Why? most Bots scan at […]
Schlagwort: Debian
Bug: WIFI WICD Network dropped by apparmor randomly
Apparmor prevent by broken Security Profile read Access to Configs of WICD Syslog dmesg Log: apparmor="DENIED" name="/var/lib/wicd/dhclient.conf"…. Solution: sudo nano /etc/apparmor.d/sbin.dhclient add after „/etc/dhcp/** r,“: /var/lib/wicd/dhclient.conf r, to enable access to /var/lib/wicd/dhclient.conf which is able to read updates
Debian Ubuntu: CEWE Fotobuch installieren unter 64bit Linux
Problem: Cewe Fotobuch Software wurde für 32bit Linux geschrieben lässt sich daher nach der Installation wegen fehlender Libraries nicht starten. Lösung: Download der Software von http://www.cewe-fotobuch.de/download/ Konsole öffnen (ähnlich Windows Dos Fenster – keine Mausgesteuerte Installation) die Datei Namens setup_Mein_CEWE_Fotobuch.tgz nach /tmp kopieren entpacken des Archives (.tgz) starten des Perlscripts nachträgliche Installation der 32bit Framedateien […]
Firefox Bug more than a Feature no Sound after Update
If you use firefox for hamradio like openwebrx or kiwisdr the Sound will die after a Update! That’s NO Driver or NO Linux or a WEBSDR Problem, The Problem is DISABLED AUDIO startup on Firefox Fix: Enter at the URL-BAR „about:config“ search entry „media.autoplay.block-webaudio“ to false Restart Firefox and be happy.. If you are a […]
Major Tools for your IT Systems
A must „USE“ in these insecure days: nmap Portscan Tool use nmap -PN IP-Address to check failed Firewall Settings! arp-scan Network Scan to find active devices iftop to detect traffic and used Ports on a physical network Interface! ps aux show active processes on a Linux System htop more human friendly Process Monitor iotop human […]
Ubuntu Odroid Enable Boot Messages again
To see any VERY useful Kernel Boot Messages on Screen do: nano /media/boot/boot.ini then search line 9: setenv condev "console=ttyS0,115200n8" change to: setenv condev "console=ttyS0,115200n8 console=tty1" now enable Multi-User Console this disable graphic Lightdm Login Manager systemctl set-default multi-user.target Now you can debug all again.. be happy
Redis Monitoring command line
Open a Console to checkout the IO of the REDIS Socket on Ubuntu Linux do: redis-cli -s /var/run/redis/redis-server.sock at the Prompt enter „MONITOR“ ! redis /var/run/redis/redis-server.sock > MONITOR Lines run should be seen.. like 1643798561.129268 [0 unix:/var/run/redis/redis-server.sock] "EXPIRE" "98f4dfa05f67a630e9a828ad8a7c30d9/lockfiles/5cd93670745f7ff4ef4b456cc9c8b126" "3600" 1643798561.130843 [0 unix:/var/run/redis/redis-server.sock] "INCRBY" "98f4dfa05f67a630e9a828ad8a7c30d9/lockfiles/262023e9d503ea4158010bfebc4124bd" "1" 1643798561.131158 [0 unix:/var/run/redis/redis-server.sock] "EXPIRE" "98f4dfa05f67a630e9a828ad8a7c30d9/lockfiles/262023e9d503ea4158010bfebc4124bd" "3600" 1643798561.132725 [0 unix:/var/run/redis/redis-server.sock] […]
Nextcloud Owncloud Upgrade Traps
If you use Nextcloud (Owncloud) and you login into the Admin Panel the Updater display you that your Setup is outdated, you MUST handle as follows to PREVENT System Problems: Do FULL-BACKUP the Server Setup before you CHANGE something! Pre-Check Nextcloud Version dependency’s of PHP-Version and MYSQL Version! Cause Nextcloud offers NO System PRECHECK or […]
Pihole DNS Adblocker
If you have outdated PC’s you can give them a Second Life as DNS Adblocker! You can get the free Software Package at pi-hole.net Don’t buy high priced preinstalled devices on NET cause a lot of the Resellers DONT DONATE the pi-hole Developers Group!!! Advantages: Less Homecalls of all Devices at your Home, like […]
Major Bug: UFW stopped thru logrotate
On Debian Sid i have seen that ufw service is stopped on logrotate!! Its a bad known bug! Workaround: Set all Services like Dovecot, Postfix to listen on LOCALHOST (127.0.0.1) if not needed over Internet Enable ONLY encrypted AUTH (Login) to Postfix! (TLS 1.2) Disable unneeded Services ! like Samba, FTP… move config from /etc/logrotate.d/ufw […]