If you hold a website and use SSL/HTTPS with Certificates theres is often the question should i block Port 80? The most Admins think after the Major Changes of the Browsers to pull first HTTPS Port 443 they can close the HTTP Port 80. But you should NOT do it! Why? most Bots scan at first Port 80 for Content or for Listening Web Servers. More Details: https://letsencrypt.org/de/docs/allow-port-80/
Tag: firewall
Apache MEMCACHED UDP Protection
Current a lot of sites blogging about memcached attacks on Servers here some details: Memcached Servers need a installed and running Service called “memcached” Websites need a php-plugin like php7.0-memcached to connect via API to the memcached Service The Memcached Service uses a own Config File at debian /etc/memcached.conf By default it MUST listen to localhost or socket Admins MUST setup a FIREWALL like “ufw” (iptables) and MUST check own Server for OPEN PORTS with nmap The Problem is that Attackers can run Scripts against to your Server in a 10^6 Range like a BOTNET !! with ONE PC cause […]
Nextcloud Owncloud Calling Home
I did a deeper firewall test on my fresh installed OpenWRT Router and activated a “Ads Blacklist” after this my owncloud Share Login loops! Result: Seems that some IP’s of the “Update Check Tool” Servers, which is installed inside the PHP-Kit is blacklisted. So it seems the Code calls home! With this option its possible to count and collect IPs of Setups! Perhaps checkout unpatched Versions! I didn’t check deeper, but the behavior was clear without viewing the codes. After publish this Info via Twitter: REMARKS: No Company / Developer works for “free” After Setup of PHP-Kits do a […]
Security: Protection Against Cryptware Wannacry
You heard perhaps last day’s about the major problems of Attacks to Systems with the “WannaCry” Crypto Ware Howto protect yourself? Enable the Firewall on Windows Systems!! Always! Update daily the Virus Scanners and Windows Patches! Disable and CLOSE Ports you never need! SMB Protocol is a open unencrypted Transfer Protocol! Use a second Router with Firewall behind your ISP Router or Modem! (openwrt, pfsense) Check with nmap Portscanner Tool the taken Rules and check if the work! For Network Access use ALWAYS SFTP with Authentification over KEYs Logins (Two Factor: Key and Password for unlock the Keyfiles id_rsa) For […]
Freifunk: Setup Router Software Bugfix
If you want to share Public Wifi at home for friends and you don’t want to share the Wifi Password, you can setup cheap a Public Openwrt Wifi Router as Access Point. Advantages: Public Setup needs no Wifi Password You are not responsible, cause the Internet is pulled thru a VPN of Freifunk Network It’s anonymous! It’s free of Charge! Supported by a big Community Can installed on very cheap old Routers like the TP-Link 841 (find the Singleband Router on Amaz or EbXX 12$ or Powerfull Dualband Router TP Link C7 at 50$) Can by used at EVERY Freifunk […]
Apache: Analyse Logs Spam Bots
If you admin a Apache Webserver, you see often weekly thousand of visits a day on your Blogs. Background: These are no real users, this visits are made by Spam Bots in my Logs like Xovi.de or xovibot.net Bots! On info pages this Company says Admins should disallow crawl by robots.txt, but they IGNORE the settings! This x-guys is in my opinion against German Law “Datenschutz”. "Mozilla/5.0 (compatible; XoviBot/2.0; +http://www.xovibot.net/)" Solution: On Linux Setup a Firewall like ufw and block these IP Ranges To find out the IPs do: $sudo cat /var/log/apache2/access.log|grep xovibot.net| awk '{ print $2 }' | sort | […]
Openwrt: Turn older Router into Wifi Accesspoint Repeater Extender Solar Powered
At the Summer Time you need perhaps a Wifi Extender for your Garden?? Solution: TP Link 841/N (low power/Battery 9V/Solar /Type-N-allows external planar Antennas!!), 3600+4300 (USB-NAS/CIFS/SFTP/Classroom Library with USB Strorage) Openwrt 15.XX Calmer as OS with Firewall, Webinterface and REALTIME Monitor for Traffic and Connections! Easy Setup, replace the OS by the TP-Link-Updater, reboot and Login to Openwrt You got professional Options! works as Firewall, Extender, Repeater, WIFI-to-WIFI Bridge, LAN-to-WIFI Bridge, NTP-Server, DNS/DHCP Server can isolate connected WIFI Clients can handle different WIFI SSIDs / Networks on same Hardware modded Hardware can be used with 5Volts of Power! (841 removed Resistor) […]