Tag: encryption

Security: Protection Against Cryptware Wannacry

You heard perhaps last day’s about the major problems of Attacks to Systems with the “WannaCry” Crypto Ware Howto protect yourself? Enable the Firewall on Windows Systems!! Always! Update daily the Virus Scanners and Windows Patches! Disable and CLOSE Ports you never need! SMB Protocol is a open unencrypted Transfer Protocol! Use a second Router with Firewall behind your ISP Router or Modem! (openwrt, pfsense) Check with nmap Portscanner Tool the taken Rules and check if the work! For Network Access use ALWAYS SFTP with Authentification over KEYs Logins (Two Factor: Key and Password for unlock the Keyfiles id_rsa) For […]

Android: Get back Privacy and Security

If you use a Android Smartphone (other Mobile-OS same) you should take a minute to get back your privacy and security! This points helps to prevent, but there is no warranty for 100% protection! First every Smartphone offers a Factory Reset, search it on Settings and DO it! This prevent you from Firmware Spam by the Reseller! (Samsung, HTC..) Boot the Phone without inserting a SIM card, create a fake account to get Updates and Software over a PUBLIC WIFI Network (Coffee Shop, Freifunk) Install wanted Apps, then go to Settings now to accounts, PURGE the fake account. Disable / […]

Owncloud: Howto harden owncloud access with a ssh tunnel and squid

If you want to use a private secure owncloud (WebDAV Space Server) as Backup for all your devices you can harden the access thru a openssh Login with key auth and a squid as relay. Install apache2, php5, mysql-Server, openssh, squid3 config Apache2 to listen on https://localhost:443 setup squid3  and config the Proxy to listen only on localhost:3128 install owncloud to /var/WWW with forced “https” settings at the config.php create ssh-keys to auth with password protected key to the SSH Server If done, you can access the private Backup-Server via a Terminal/ Putty with the Tunneling Options $ssh -L 3128:localhost:3128 username@owncloudserver.home Open your Browser on your […]

Debian Ubuntu Laptop mods for SSD HDD and a full encrypted with luks

Major INFO 06-2015: Do not set tmpfs on ubuntu 15.XX or Systems with systemd!!! This block PC boot !! If you want to setup a Ubuntu/Debian Laptop with a full encrypted HDD use a “alternate” CD/DVD. After Setup you have to change some little Parameters to extend the lifecycle of the SSD Chips disable Swap if you have more than 4GB Ram enable a RAMDISK with tmpfs for logs, caches of Browsers install cpufrequtils for CPU freqscaling install laptop-mode-tools to set powersave mode for hardware modules install xbacklight to reduce backlight energy Steps: open a Console and change to root […]