Protect yourself from SSLST**P exploit

To protect yourself from SSLST**P exploit:
  1. Install HTTPS Everywhere plugin
  2. Type https:// in browser (make sure!)
  3. Add some outgoing firewall to known sites:
## DROP http connection to secure sites
# klikbca, mandiri
for IP in 202.6.211.9 114.57.44.10; do
        /sbin/iptables -I OUTPUT -d $IP -p tcp --dport 80 -j DROP
done;


Comments

Post a Comment

Popular posts from this blog

Ports to allow for whatsapp call

These are ports to be opened on your firewall to allow WA video call or voice call: WHATSAPP Call: TCP: 4244,5222,5223,5228,5242 UDP: 3478,45395 Reference: http://kaa.kiev.ua/blog/whatsapp-voice-calls-firewall-ports/ LINE call: TCP: 443 UDP: 2675
Read more

Manually clean up zimbra zmcat/zmcpustat exploit

Symptoms: server load high, cpu usage 300% To clean up manually follow this steps: STOP the process but dont kill it, use kill -STOP [PID] Hide from search engine (su zimbra): zmprov mcf zimbraMailKeepOutWebCrawlers TRUE +zimbraResponseHeader "X-Robots-Tag: noindex" chmod 755 /opt/zimbra/data/tmp/ chmod 755 /opt/zimbra/data/tmp/upload Delete malicious JSP, find using this command: grep -R '(request.getParameter.' /opt/zimbra/mailboxd /opt/zimbra/jetty For example: /opt/zimbra/mailboxd/webapps/zimbraAdmin/public/jsp/Alert.jsp and /opt/zimbra/jetty/webapps/zimbra/js/zimbra/csfe/XZimbra.jsp > /opt/zimbra/mailboxd/webapps/zimbraAdmin/public/jsp/Alert.jsp > /opt/zimbra/jetty/webapps/zimbra/js/zimbra/csfe/XZimbra.jsp chattr +i /opt/zimbra/mailboxd/webapps/zimbraAdmin/public/jsp/Alert.jsp /opt/zimbra/jetty/webapps/zimbra/js/zimbra/csfe/XZimbra.jsp Fix modified jsp files, find using: rpm -qa zimbra* | xargs rpm -qV - | egrep -E '^.{2}5' | grep .jsp For
Read more

Keychron K2 in Linux

Image
OK... I got new mechanical keyboard: Keychron K2 😀 Nice and compact keyboard layout with F-Keys and cursor keys. Brown switch and RGB Led and big battery It works nicely under Linux, I use gnome-shell, Fedora 30. Using USB cable or Bluetooth is also working. Key combo like Ctrl-Shift-PrintScreen is working and also trigger SysRq like Ctrl-Shift-Alt-PrintScreen-O is working (don't try this) To make Function keys without pressing Fn use this command: echo 2 > /sys/module/hid_apple/parameters/fnmode Ref: https://imgur.com/y3j6pUG To make it permanent, edit /etc/modprobe.d/keychron.conf and reboot: options hid-apple fnmode=2 We can also see remaining battery from Gnome Settings - Power
Read more