Christophs outsourced brain https://www.hackerbruecke.net/ Sun, 12 Apr 2026 13:35:50 +0000 FeedCreator 1.8 https://www.hackerbruecke.net/_media/wiki/favicon.ico https://www.hackerbruecke.net/ https://www.hackerbruecke.net/linux/fully_encrypted_debian?rev=1506205530&do=diff Full disk encryption with LUKS (inklusive /boot) Referenzen: * <http://www.pavelkogan.com/2014/05/23/luks-full-disk-encryption/> * <http://www.pavelkogan.com/2015/01/25/linux-mint-encryption/> * <https://wiki.archlinux.org/index.php/Dm-crypt/Encrypting_an_entire_system> * <http://www.schmidp.com/2014/12/12/full-disk-encryption-with-grub-2-+-luks-+-lvm-+-swraid-on-debian/> * <https://unix.stackexchange.com/questions/160504/lvm-ontop-of-luks-using-grub> * <https://systemausfall.org/w… anonymous@undisclosed.example.com (Anonymous) Sat, 23 Sep 2017 22:25:30 +0000 https://www.hackerbruecke.net/linux/commserv/egroupware/config?rev=1293466841&do=diff eGroupWare Version 1.4.001 pre-requisites: * required PHP version 4.3+ (recommended 5+) * php.ini: safe_mode = Off * php.ini: magic_quotes_runtime = Off * php.ini: register_globals = Off * php.ini: memory_limit >= 16M * php.ini: max_execution_time >= 30 anonymous@undisclosed.example.com (Anonymous) Mon, 27 Dec 2010 16:20:41 +0000 https://www.hackerbruecke.net/linux/email/spamassassin/spamassassin?rev=1493132319&do=diff SpamAssassin SA-config-genarator: <http://www.yrex.com/spam/spamconfig.php> /etc/mail/spamassassin/local.cf: # SpamAssassin config file for version 3.x # NOTE: NOT COMPATIBLE WITH VERSIONS 2.5 or 2.6 # See http://www.yrex.com/spam/spamconfig25.php for earlier versions # Generated by http://www.yrex.com/spam/spamconfig.php (version 1.50) # How many hits before a message is considered spam. required_score 5.0 # Encapsulate spam in an attachment (0=no, 1=yes, 2=safe) report_safe … anonymous@undisclosed.example.com (Anonymous) Tue, 25 Apr 2017 14:58:39 +0000 https://www.hackerbruecke.net/linux/debian/hardware?rev=1493131617&do=diff 2014-06-17 zuerst „Debian OS-Basis-Installation auf Blech“ durchfuehren!!! zusaetzlich „auf dem Blech“: ### Proxy der UKBW fuer die Installations-Shellsitzung setzen: export http_proxy="http://proxy01.ukbw.de:3128/" ### LiHAS GPG-Key importieren: anonymous@undisclosed.example.com (Anonymous) Tue, 25 Apr 2017 14:46:57 +0000 https://www.hackerbruecke.net/linux/debian/all?rev=1493131598&do=diff 2014-08-08 zuerst „Debian OS-Basis-Installation auf Blech“ durchfuehren!!! auf allen Server-Instanzen („Blech“, Linux VServer, LXC): ### Proxy der UKBW fuer die Installations-Shellsitzung setzen: export http_proxy=„<http://proxy01.ukbw.de:3128/>“ ### LiHAS GPG-Key importieren: wget -O - anonymous@undisclosed.example.com (Anonymous) Tue, 25 Apr 2017 14:46:38 +0000 https://www.hackerbruecke.net/wiki/syntax?rev=1712421931&do=diff Formatting Syntax DokuWiki supports some simple markup language, which tries to make the datafiles to be as readable as possible. This page contains all possible syntax you may use when editing the pages. Simply have a look at the source of this page by pressing anonymous@undisclosed.example.com (Anonymous) Sat, 06 Apr 2024 16:45:31 +0000 https://www.hackerbruecke.net/linux/email/amavisd/amavisd?rev=1493132275&do=diff AmaVisd-new /etc/amavis/amavisd.conf: use strict; # a minimalistic configuration file for amavisd-new with all necessary settings # # see amavisd.conf-default for a list of all variables with their defaults; # see amavisd.conf-sample for a traditional-style commented file; # for more details see documentation in INSTALL, README_FILES/* # and at http://www.ijs.si/software/amavisd/amavisd-new-docs.html # COMMONLY ADJUSTED SETTINGS: # @bypass_virus_checks_maps = (1); # uncomment to DI… anonymous@undisclosed.example.com (Anonymous) Tue, 25 Apr 2017 14:57:55 +0000 https://www.hackerbruecke.net/linux/email/monitoring/monitoring?rev=1493132284&do=diff Monitoring email-monitoring * create „/var/lib/rrd“ Mailgraph mailgraph is a very simple mail statistics RRDtool frontend for Postfix that produces daily, weekly, monthly and yearly graphs of received/sent and bounced/rejected mail (SMTP traffic). anonymous@undisclosed.example.com (Anonymous) Tue, 25 Apr 2017 14:58:04 +0000 https://www.hackerbruecke.net/endian/vmware?rev=1293466840&do=diff Endian Firewall 2.12 Community Edition VMware-image Thanks to Peter Warasin and Raphael Vallazza from endian, I put together some minimal docu for the VMware-image. Standard users and passwords: * Web-interface: admin, pwd.: endian * Console: root, pwd: endian anonymous@undisclosed.example.com (Anonymous) Mon, 27 Dec 2010 16:20:40 +0000 https://www.hackerbruecke.net/linux/commserv/ca/openssl_ca?rev=1293466844&do=diff simple OpenSSL Certficate Authority Create Certificate Authority station7:/etc # station7:/usr/share/ssl/misc # ./CA.sh -newca CA certificate filename (or enter to create) Making CA certificate ... Generating a 1024 bit RSA private key .....++++++ .....................................++++++ writing new private key to './demoCA/private/./cakey.pem' Enter PEM pass phrase: Verifying - Enter PEM pass phrase: ----- You are about to be asked to enter information that will be incorporated into your c… anonymous@undisclosed.example.com (Anonymous) Mon, 27 Dec 2010 16:20:44 +0000 https://www.hackerbruecke.net/linux/commserv/ldap/slapd_conf?rev=1293466843&do=diff /etc/openldap/slapd.conf <http://www.stanford.edu/services/directory/openldap/configuration/bdb-config.html> # The database configuration parameters must appear *after* the "database" # directive, as DB_CONFIG files are 'per backend'. dbconfig set_cachesize 4 0 1 dbconfig set_lg_regionmax 262144 dbconfig set_lg_bsize 2097152 dbconfig set_lg_dir /var/log # Automatically remove log files that are no longer needed. dbconfig set_flags DB_LOG_AUTOREMOVE # # Setting set_tas_spins reduces resour… anonymous@undisclosed.example.com (Anonymous) Mon, 27 Dec 2010 16:20:43 +0000 https://www.hackerbruecke.net/linux/email/cyrus/sieve?rev=1493131976&do=diff Sieve * <http://sieve.info/> * <http://en.wikipedia.org/wiki/Sieve_%28mail_filtering_language%29> * <http://de.wikipedia.org/wiki/Sieve> * <http://www.uni-koeln.de/rrzk/mail/software/sieve/sieve.html> Sieve and SSL / TLS timsieved allows for SSL on connect (like https, imaps, or pop3s), only STARTTLS. So you have to wrap it in an stunnel (www.stunnel.org), which is a another story ... Have a look at this: <http://lists.horde.org/archives/ingo/Week-of-Mon-20050704/000872.html> Testi… anonymous@undisclosed.example.com (Anonymous) Tue, 25 Apr 2017 14:52:56 +0000 https://www.hackerbruecke.net/linux/commserv/other/cpan2rpm?rev=1293466841&do=diff cpan2rpm At <http://sourceforge.net/project/showfiles.php?group_id=74018> you can download a RPM-builder for CPAN-Perl-modules. The man-page stats: cpan2rpm [options] <distribution> The syntax for cpan2rpm requires a single distribution name, which can take one of four different forms: * a CPAN module name (e.g. XML::Simple) - When a module name is passed, the script will ``walk'' search.cpan.org to determine the latest distribution. If an exact match is not found, the CPAN module i… anonymous@undisclosed.example.com (Anonymous) Mon, 27 Dec 2010 16:20:41 +0000 https://www.hackerbruecke.net/linux/email/greylisting/postgrey?rev=1493136147&do=diff Greylisting For a overview what greylisting does, have a look at www.greylisting.org/ There are several greylisting daemons for Postfix available. I stick to David Schweikert's Postgrey or to Lionel Bouton's SQLgrey in combination with it's web-interface http://www.vanheusden.com/sgwi/ Postgrey Postgrey greylisting daemon anonymous@undisclosed.example.com (Anonymous) Tue, 25 Apr 2017 16:02:27 +0000 https://www.hackerbruecke.net/wiki/dokuwiki?rev=1684170792&do=diff DokuWiki wiki:dokuwiki DokuWiki is a simple to use and highly versatile Open Source wiki software that doesn't require a database. It is loved by users for its clean and readable syntax. The ease of maintenance, backup and integration makes it an administrator's favorite. Built in anonymous@undisclosed.example.com (Anonymous) Mon, 15 May 2023 17:13:12 +0000 https://www.hackerbruecke.net/linux/commserv/squid/sarg?rev=1408135580&do=diff SARG /etc/crontab: ### SQUID-Monitoring via Sarg: 00 06-19/1 * * * root /usr/local/chhaas-skripts/sarg-reports.sh today > /dev/nul 00 00 * * * root /usr/local/chhaas-skripts/sarg-reports.sh daily > /dev/nul 00 01 * * 1 root /usr/local/chhaas-skripts/sarg-reports.sh weekly > /dev/nul 30 02 1 * * root /usr/local/chhaas-skripts/sarg-reports.sh monthly > /dev/nul anonymous@undisclosed.example.com (Anonymous) Fri, 15 Aug 2014 20:46:20 +0000 https://www.hackerbruecke.net/linux/email/postfix/relayhost?rev=1493132193&do=diff Postfix configuration for a relayhost (MX) / Anti-SPAM-/UCE-settings smtpd (smtp + daemon) = server = Postfix receives mail from a client smtp = client = Postfix sends mail to another mailserver used Ports: 10023/tcp: postgrey 10024/tcp: amavisd-new 10025/tcp: policyd-weight anonymous@undisclosed.example.com (Anonymous) Tue, 25 Apr 2017 14:56:33 +0000 https://www.hackerbruecke.net/linux/email/postfix/ssh-smtp-tunnel?rev=1493132228&do=diff SMTP-over-SSH-Tunnel Um zwei SMTP-Server (z.B. Mailserver im Heim-Netz zu Mailgateway bei Provider/Hoster) sicher miteinander zu verbinden, gibt es verschiedene Möglichkeiten. OpenVPN-Tunnel Eine Möglichkeit ist, ein OpenVPN-Tunnel zwischen beiden Servern. anonymous@undisclosed.example.com (Anonymous) Tue, 25 Apr 2017 14:57:08 +0000 https://www.hackerbruecke.net/thunderbird/avast-ssl?rev=1293466844&do=diff Thunderbird - SpamPal - Avast with SSL 1. Installing and preparing STUNNEL: Download OPENSSL for Windows from: <http://www.slproweb.com/products/Win32OpenSSL.html> Download STUNNEL for WIndows from: <http://www.stunnel.org/download/binaries.html> and install both. In the folder where you have installed stunnel (e.g. C:\Programme\stunnel), you will create its configuration file. anonymous@undisclosed.example.com (Anonymous) Mon, 27 Dec 2010 16:20:44 +0000 https://www.hackerbruecke.net/uvnc/index?rev=1293466840&do=diff UltraVNC <ALT>+<TAB> on remote machine one thing that annoyed me quite often, when usin uvnc was, that I could not make use of <ALT>+<TAB> for cycling through the open windows on the remote machine. By searching in the unvc-forum, I found the solution: anonymous@undisclosed.example.com (Anonymous) Mon, 27 Dec 2010 16:20:40 +0000 https://www.hackerbruecke.net/wiki/welcome?rev=1684170792&do=diff Welcome to your new DokuWiki Congratulations, your wiki is now up and running. Here are a few more tips to get you started. Enjoy your work with DokuWiki, -- the developers Create your first pages Your wiki needs to have a start page. As long as it doesn't exist, this link will be red: anonymous@undisclosed.example.com (Anonymous) Mon, 15 May 2023 17:13:12 +0000 https://www.hackerbruecke.net/linux/duplicity/lvm_backup?rev=1493131687&do=diff LVM-Backup mit Duplicity Tim Riemenschneider <http://duplicity.nongnu.org/contrib/tmpback> #!/bin/sh # The Archive is encrypted with this (since it is transfered to FTP) export PASSPHRASE="foo" # The FTP-password (not exposed at cmdline export FTP_PASSWORD="bar" # Do a fullbackup weekly OPTIONS="--full-if-older-than 14D" KEEPFULLS=5 # Where to backup to TARGETBASE=ftp://user@server/backups/ #TARGETBASE=file:///tmp/test function create_mysql_snap { /usr/bin/mysql --defaults-extra-file=/et… anonymous@undisclosed.example.com (Anonymous) Tue, 25 Apr 2017 14:48:07 +0000 https://www.hackerbruecke.net/linux/commserv/apache2/config?rev=1293466841&do=diff Apache SSL (https) A special thing for getting Apache2 starting withaut user-interaction is also to store a decrypted key, since without Apache will ask at every start for the password... mv /etc/ssl/private/station7_key.pem /etc/ssl/apache2/private/station7_secure-key.pem openssl rsa -in /etc/ssl/private/station7_secure-key.pem -out /etc/ssl/apache2/private/station7_decrypted-key.pem anonymous@undisclosed.example.com (Anonymous) Mon, 27 Dec 2010 16:20:41 +0000 https://www.hackerbruecke.net/linux/commserv/ldap/ldap_conf?rev=1293466843&do=diff /etc/openldap/ldap.conf # # LDAP Defaults # # See ldap.conf(5) for details # This file should be world readable but not world writable. # 21.07.2006, chhaas BASE dc=example,dc=com URI ldap://127.0.0.1 ### #SIZELIMIT 12 #TIMELIMIT 15 #DEREF never #--- SSL/TLS setting ---# TLSCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+SSLv2:+EXP #TLSCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP TLS_CACERT /etc/ssl/certs/ca_cert.pem TLS_CERT /etc/ssl/certs/station7_cert.pem TLS_KEY /e… anonymous@undisclosed.example.com (Anonymous) Mon, 27 Dec 2010 16:20:43 +0000 https://www.hackerbruecke.net/linux/commserv/ldap/pam?rev=1293466843&do=diff /etc/ldap.conf (for PAM) # # This is the configuration file for the LDAP nameservice # switch library, the LDAP PAM module and the shadow package. # # Your LDAP server. Must be resolvable without using LDAP. host 127.0.0.1 # The distinguished name of the search base. base dc=example,dc=com # The LDAP version to use (defaults to 3 # if supported by client library) ldap_version 3 # Hash password locally; required for University of # Michigan LDAP server, and works with Netscape # Directory Ser… anonymous@undisclosed.example.com (Anonymous) Mon, 27 Dec 2010 16:20:43 +0000 https://www.hackerbruecke.net/linux/commserv/php/config?rev=1293466843&do=diff PHP5 configuration for GOsa and eGroupWare eGroupWare When I added about 250 users to a group in GOsa or in eGroupWare, I encountered the following problem with (open)SUSE 10.2, which I did not encounter with SUSE 10.0: station7: suhosin[373]: ALERT - configured request variable limit exceeded - dropped variable \ 'account_user[]' (attacker '172.16.130.9', file '/srv/www/htdocs/egroupware/index.php') anonymous@undisclosed.example.com (Anonymous) Mon, 27 Dec 2010 16:20:43 +0000 https://www.hackerbruecke.net/linux/email/amavisd/operation?rev=1493132007&do=diff AmaViSd-new Operation emails aus der Quarantäne releasen: Wenn AMaViSd emails in die Quarantäne verschiebt, erhält man emails dieser Form: Betreff: BANNED contents (text/x-msdos-batch,.asc,bacula_after_failure.cmd) in mail FROM LOCAL [...] No viruses were found. Banned name: text/x-msdos-batch,.asc,bacula_after_failure.cmd Content type: Banned Internal reference code for the message is 11606-02/IJvAMUUAzNma [...] The message has been quarantined as: I/banned-IJvAMUUAzNma The message W… anonymous@undisclosed.example.com (Anonymous) Tue, 25 Apr 2017 14:53:27 +0000 https://www.hackerbruecke.net/linux/email/cyrus/cyrus_secure?rev=1493131964&do=diff TLS, IMAP over SSL (imaps) and pop3 over SSL (pop3s) TLS Modify / append the TLS-settings in /etc/imap.conf: #--- SSL/TLS setting ---# tls_ca_path: /etc/ssl/certs tls_ca_file: /etc/ssl/certs/ca_cert.pem tls_cert_file: /etc/ssl/certs/station7_cert.pem tls_key_file: /etc/ssl/private/station7_key.pem anonymous@undisclosed.example.com (Anonymous) Tue, 25 Apr 2017 14:52:44 +0000 https://www.hackerbruecke.net/linux/email/postfix/smtp-authentication?rev=1493132210&do=diff SMTPd- / SMTP-authentication SMTPd-authentication SASL must be configured! in /etc/postfix/main.cf: smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous broken_sasl_auth_clients = yes smtpd_recipient_restrictions = ... permit_sasl_authenticated anonymous@undisclosed.example.com (Anonymous) Tue, 25 Apr 2017 14:56:50 +0000 https://www.hackerbruecke.net/linux/email/amavisd/dkim/sign?rev=1493132019&do=diff Domain Key Identified Mail outbound - ORIGINATING - signieren DKIM basiert auf asymetrischer Verschlüsselung mit public- und private-Key. Das Key-Paar wird mit folgender Syntax erzeugt: amavisd genrsa <Dateiname> [Anzahl der Bits für den Schlüssel] anonymous@undisclosed.example.com (Anonymous) Tue, 25 Apr 2017 14:53:39 +0000