Security: Protection Against the WannaCry Cryptoware

You have perhaps heard over the last few days about the major attacks on systems by the „WannaCry“ cryptoware.

How to protect yourself?

  • Enable the firewall on Windows systems!! Always!
  • Update the virus scanners and Windows patches daily!
  • Disable and CLOSE ports you never need! The SMB protocol is an open, unencrypted transfer protocol!
  • Use a second router with a firewall behind your ISP router or modem! (openwrt, pfsense)
  • Check the rules you have set with the nmap port scanner and verify that they work!
  • For network access ALWAYS use SFTP with key-based authentication (two factor: the key and a password to unlock the key file id_rsa)
  • For freshly installed systems, do a full backup of the disk.
  • To save your work files, use USB drives or USB sticks, which can be unplugged when you don't need them.
  • Back up the Windows disk weekly to an external USB disk; 1TB is sold for less than 50$
  • ..last but not least, use a Linux live CD like Ubuntu to access the Internet..

Update:

  • The Linux Windows share service called Samba is also under attack: CVE-2017-7494
  • To fix it, open smb.conf with an editor and enter:

nt pipe support = no

  • Restart the service with:

$ sudo service samba stop && sudo service samba start

  • Don't use reload, to be sure that the config is really reloaded!! A „systemd“ problem!
  • Check the Samba share for write and read access!
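The setting only takes effect in the [global] section of smb.conf, so it is worth verifying where it ended up after editing. The following check is an added example, not part of the original post; the function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example: verify that smb.conf carries the CVE-2017-7494 workaround
# "nt pipe support = no" inside [global].

# nt_pipe_support FILE: print the value set under [global] (default: yes).
# Parameter names are matched case-insensitively and without regard to spaces.
nt_pipe_support() {
    awk '
        BEGIN { section = ""; value = "yes" }      # "yes" is the Samba default
        /^[ \t]*[#;]/ { next }                     # skip comment lines
        /^[ \t]*\[/ {                              # section header, e.g. [global]
            section = tolower($0)
            gsub(/^[ \t]*\[[ \t]*|[ \t]*\].*$/, "", section)
            next
        }
        section == "global" && index($0, "=") {
            key = tolower(substr($0, 1, index($0, "=") - 1))
            gsub(/[ \t]+/, "", key)
            if (key == "ntpipesupport") {
                value = tolower(substr($0, index($0, "=") + 1))
                gsub(/^[ \t]+|[ \t\r]+$/, "", value)
            }
        }
        END { print value }
    ' "$1"
}

# samba_workaround_active FILE: returns 0 only if the workaround is in place.
samba_workaround_active() {
    case "$(nt_pipe_support "$1")" in
        no|false|0) return 0 ;;
        *)          return 1 ;;
    esac
}

# Constructed sample config, for demonstration only.
sample=$(mktemp)
printf '[global]\n  NT Pipe Support = No\n[share]\n  path = /srv/share\n' > "$sample"
samba_workaround_active "$sample" && echo "workaround active in [global]"
rm -f "$sample"
```

Run it against the real file with `samba_workaround_active /etc/samba/smb.conf` after the restart.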

Ubuntu: Create USB Live System Stick for Live Mode or Emergency Help

For all users, especially newbies, it's VERY helpful to have a rescue system on a USB stick if a major update/release change fails or breaks the system. In addition, the Ubuntu-ON-RAM live system is very useful on public shared PCs for online banking etc., because after every reboot all old Firefox data are safely deleted!!

How to create this VERY helpful tool stick for free?
All you need is the latest Ubuntu ISO file (AMD64-15.04 – 64bit) and a new 4/8GB USB stick (take a good brand to get a high-quality tool).

Howto:

  • Burn the ISO to a DVD/CD (NON-Linux PC)
  • Boot your PC from this DVD/CD
  • Plug in the USB stick
  • Open a Gnome terminal
  • Change to the root/admin user: enter $ sudo -s
  • To clean up the NEW stick, enter $ dd if=/dev/zero of=/dev/sdb bs=1M count=10
  • Create a new partition of type primary, formatted as „FAT32“, with the partition tool „Gparted“: run $ gparted /dev/sdb
  • Exit gparted
  • Re-plug the stick
  • In the Gnome terminal, unmount the stick that the file manager „Nautilus“ auto-mounted: $ umount /dev/sdb1
  • Open Firefox and download the latest Ubuntu ISO to this live system (Downloads)
  • Now run the Start-Disk-Creator and create the emergency stick with „SELECTED NON PERMANENT FILESYSTEM“!!! (last option); select the stick and the ISO file
  • After this process ends, exit and reboot the PC from the USB stick for TESTING!
  • The KEYBOARD language can be set via „EN“ beside the CLOCK: click it with the right mouse button to view the menu, then select the last entry to add your language!
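Before the dd step above overwrites /dev/sdb, it is worth confirming that this name really is the stick and not an internal disk. The following guard is an added example, not part of the original post; the function name and the SYSFS and MOUNTS override variables are assumptions made so the check can also run against a constructed tree.

```shell
#!/bin/sh
# Added example: refuse to wipe a device unless it looks like the USB stick.
# SYSFS and MOUNTS are hypothetical overrides; the defaults are the live paths.

# safe_to_wipe /dev/sdX [max_gib]: returns 0 if the device is a removable
# whole disk, no larger than max_gib (default 8) and has nothing mounted.
safe_to_wipe() {
    dev=$1
    max_gib=${2:-8}
    sys=${SYSFS:-/sys/block}/${dev#/dev/}
    mounts=${MOUNTS:-/proc/mounts}
    if [ ! -r "$sys/removable" ]; then
        echo "$dev: not a whole disk" >&2; return 1
    fi
    if [ "$(cat "$sys/removable")" != 1 ]; then
        echo "$dev: not flagged removable" >&2; return 1
    fi
    gib=$(( $(cat "$sys/size") / 2097152 ))    # size is in 512-byte sectors
    if [ "$gib" -gt "$max_gib" ]; then
        echo "$dev: $gib GiB, too large for the stick" >&2; return 1
    fi
    if grep -q "^${dev}[0-9]* " "$mounts"; then
        echo "$dev: still mounted, umount it first" >&2; return 1
    fi
    return 0
}

# Constructed demo: a fake sysfs tree describing an 8 GB removable stick "sdb".
demo=$(mktemp -d)
mkdir -p "$demo/sdb"
echo 1 > "$demo/sdb/removable"
echo 15523840 > "$demo/sdb/size"
: > "$demo/mounts"
( SYSFS=$demo; MOUNTS=$demo/mounts
  safe_to_wipe /dev/sdb && echo "ok: dd if=/dev/zero of=/dev/sdb bs=1M count=10" )
rm -rf "$demo"
```

Some USB hard disks report themselves as non-removable, so a refusal means "look again with gparted", not necessarily "wrong device".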

You get:

  • A very secure USB system for Internet access and emergency help to recover or back up YOUR DATA!
  • A live Linux-on-RAM system with Firefox in live mode WITHOUT saving history or trash!!
  • If used on a travel laptop, a very secure system for traveling, because you can REMOVE the hard drive!!
  • With this always-working OS you can test your hardware, fix errors, find out why the installed system freezes, and do full backups (mirroring to a USB disk)

Ubuntu Vivid: Things you should change after fresh setup

If you set up Ubuntu 15.XX on a PC, there are a few things to change:

Open a Gnome terminal and run (# = comments):

  • $ sudo apt-get update && sudo apt-get dist-upgrade # pull updates
  • $ sudo adduser CrazY12U$ERNAME # create a crazy username (standard user, no sudo, no lpadmin) for daily work, to prevent social engineering hacks
  • $ sudo chmod 700 /home/* # to prevent users from looking into each other's homes! (check root's home with „ls -l /root“)
  • $ sudo passwd root # SET a long password (min. 15 digits) for the root user to prevent PC recovery console access without a password!!! Keep the password safe!
  • $ sudo apt-get install gufw # installs a firewall dialog to easily set up a firewall
  • $ sudo apt-get install midori chromium-browser # to have 3 different browsers to open stream sites with plugins at the same time
  • $ firefox -P # to create a Firefox profile under /tmp, which is deleted after every reboot because /tmp is on tmpfs (RAM)
  • $ sudo apt-get install pidgin # to use pidgin chat (icq+facebook..)
  • $ sudo apt-get install cpufrequtils # automatically adjusts the CPU frequency to the load
  • $ sudo apt-get install rsync # to sync home to a NAS server in your network, encrypted over ssh, with „$ rsync -av /home/user/ server:/home/user“
  • $ sudo apt-get install gimp # to get a good photo editor
  • $ sudo apt-get install filezilla # to have a nice FTP/FTPS client
  • $ sudo apt-get install cups-pdf # to print notes/websites from the browser into PDF files for offline reading (paperless office)
  • $ sudo apt-get install ssh # to have secure remote access to your PC from everywhere (open incoming port 22 with gufw)
  • $ sudo gedit /etc/ssh/sshd_config and change:

# Comments go on their own lines; older OpenSSH releases do not accept text after the value.
# allow only one user to log in!!
AllowUsers yourusername
# disallow root login!!!
PermitRootLogin no
# disallow password logins (key only), if you have an ssh-pub-key!! then..
PasswordAuthentication no
PubkeyAuthentication yes
AuthorizedKeysFile  %h/.ssh/authorized_keys
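To confirm that the file sshd reads really contains these values, the settings can be audited with a small script. This is an added example, not part of the original post; the function names and the sample file are constructed for illustration, and only the global part of the file (before any Match block) is inspected.

```shell
#!/bin/sh
# Added example: audit an sshd_config for the four settings listed above.

# sshd_value FILE KEYWORD DEFAULT: print the first global value of KEYWORD.
# sshd uses the first value it reads; keywords are case-insensitive.
sshd_value() {
    awk -v want="$(printf %s "$2" | tr 'A-Z' 'a-z')" -v def="$3" '
        /^[ \t]*(#|$)/ { next }            # skip comments and blank lines
        tolower($1) == "match" { exit }    # Match blocks are conditional
        tolower($1) == want { $1 = ""; sub(/^ +/, ""); print; found = 1; exit }
        END { if (!found) print def }
    ' "$1"
}

# expect_value FILE KEYWORD WANTED DEFAULT: report a deviation, return 1.
expect_value() {
    got=$(sshd_value "$1" "$2" "$4")
    [ "$got" = "$3" ] && return 0
    echo "$2: want '$3', have '$got'"
    return 1
}

# audit_sshd FILE: one line per deviation; returns 0 only if all checks pass.
audit_sshd() {
    rc=0
    expect_value "$1" PermitRootLogin no unset || rc=1
    expect_value "$1" PasswordAuthentication no yes || rc=1
    expect_value "$1" PubkeyAuthentication yes yes || rc=1
    if [ "$(sshd_value "$1" AllowUsers unset)" = "unset" ]; then
        echo "AllowUsers: not set, any account may log in"
        rc=1
    fi
    return $rc
}

# Constructed sample file, for demonstration only.
demo=$(mktemp)
printf '%s\n' 'AllowUsers alice' 'PermitRootLogin no' \
    'PasswordAuthentication yes' > "$demo"
audit_sshd "$demo" || echo "sshd_config needs hardening"
rm -f "$demo"
```

On the real system, run `audit_sshd /etc/ssh/sshd_config` before restarting sshd, and keep an existing session open until a key login has been tested.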

Remark: If you have an SSD/fast HDD in your PC, you should set up Linux with a fully encrypted disk! My Howto is easy to do and offers theft protection! (Laptops)

phpMyAdmin: Performance Monitor not working, JavaScript error

If you install phpMyAdmin version 4.XX on your server, the browser shows a JavaScript error when the Performance Monitor is opened. The problem is mostly the „localhost“ setting in the config.inc.php file.

If you want to view the monitor from outside, set the IP to 192.XXX.XXX.XXX or the domain name, and make sure that the MySQL server is listening on all IPs!

Warning! If you don't really need this tool, DON'T CHANGE the MySQL server IP to listen on „ALL“, because LOCALHOST is much more secure! Localhost should work if you have installed a local proxy on the server, so you can relay the interface!
