Protect yourself from SSLST**P exploit

To protect yourself from SSLST**P exploit:
  1. Install HTTPS Everywhere plugin
  2. Type https:// in browser (make sure!)
  3. Add some outgoing firewall to known sites:
## DROP http connection to secure sites
# klikbca, mandiri
for IP in 202.6.211.9 114.57.44.10; do
        /sbin/iptables -I OUTPUT -d $IP -p tcp --dport 80 -j DROP
done;


Comments

Post a Comment

Popular posts from this blog

Optimize SSD on Linux

After installing the SSD on your laptop, there are some adjustments that need to be done so that it is optimal . I'm using Fedora 30 File system My Partition is: Disk /dev/sda: 465.8 GiB, 500107862016 bytes, 976773168 sectors Disk model: Samsung SSD 860 Units: sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disklabel type: gpt Disk identifier: DF4E716F-F00A-40F3-8176-C97A52F36998 Device      Start       End   Sectors   Size Type /dev/sda1    2048    253951    251904   123M EFI System /dev/sda2  253952 976773119 976519168 465.7G Linux LVM And logical volume are: Root, Home, Archive, VM, Games Format as ext4 with default block size (4096 best for SSD), and set reserved block to 1% # mkfs.ext4 -L Home -m 1 /dev/VG/YourHome Copying I did not reinstall lin...
Read more

Manually clean up zimbra zmcat/zmcpustat exploit

Symptoms: server load high, cpu usage 300% To clean up manually follow this steps: STOP the process but dont kill it, use kill -STOP [PID] Hide from search engine (su zimbra): zmprov mcf zimbraMailKeepOutWebCrawlers TRUE +zimbraResponseHeader "X-Robots-Tag: noindex" chmod 755 /opt/zimbra/data/tmp/ chmod 755 /opt/zimbra/data/tmp/upload Delete malicious JSP, find using this command: grep -R '(request.getParameter.' /opt/zimbra/mailboxd /opt/zimbra/jetty For example: /opt/zimbra/mailboxd/webapps/zimbraAdmin/public/jsp/Alert.jsp and /opt/zimbra/jetty/webapps/zimbra/js/zimbra/csfe/XZimbra.jsp > /opt/zimbra/mailboxd/webapps/zimbraAdmin/public/jsp/Alert.jsp > /opt/zimbra/jetty/webapps/zimbra/js/zimbra/csfe/XZimbra.jsp chattr +i /opt/zimbra/mailboxd/webapps/zimbraAdmin/public/jsp/Alert.jsp /opt/zimbra/jetty/webapps/zimbra/js/zimbra/csfe/XZimbra.jsp Fix modified jsp files, find using: rpm -qa zimbra* | xargs rpm -qV - | egrep -E '^.{2}5' | grep .jsp For...
Read more

Ports to allow for whatsapp call

These are ports to be opened on your firewall to allow WA video call or voice call: WHATSAPP Call: TCP: 4244,5222,5223,5228,5242 UDP: 3478,45395 Reference: http://kaa.kiev.ua/blog/whatsapp-voice-calls-firewall-ports/ LINE call: TCP: 443 UDP: 2675
Read more