Christophs outsourced brain https://www.hackerbruecke.net/ Sun, 12 Apr 2026 13:24:12 +0000 FeedCreator 1.8 https://www.hackerbruecke.net/_media/wiki/favicon.ico https://www.hackerbruecke.net/ https://www.hackerbruecke.net/linux/commserv/squid/config?rev=1408135491&do=diff Squid configuration */etc/squid/squid.conf: icp_port 0 htcp_port 0 hierarchy_stoplist cgi-bin ? cache_swap_low 90 cache_swap_high 95 maximum_object_size 4096 KB ipcache_size 1024 ipcache_low 90 ipcache_high 95 fqdncache_size 1024 cache_access_log /var/log/squid/access.log cache_dir ufs /var/cache/squid 240000 32 256 cache_log /var/log/squid/cache.log cache_mem 3000 MB cache_store_log /var/log/squid/store.log emulate_httpd_log off mime_table /etc/squid/mime.conf log_mime_hdrs off useragent_log… anonymous@undisclosed.example.com (Anonymous) Fri, 15 Aug 2014 20:44:51 +0000 https://www.hackerbruecke.net/linux/email/monitoring/monitoring?rev=1493132284&do=diff Monitoring email-monitoring * create „/var/lib/rrd“ Mailgraph mailgraph is a very simple mail statistics RRDtool frontend for Postfix that produces daily, weekly, monthly and yearly graphs of received/sent and bounced/rejected mail (SMTP traffic). anonymous@undisclosed.example.com (Anonymous) Tue, 25 Apr 2017 14:58:04 +0000 https://www.hackerbruecke.net/linux/email/amavisd/amavisd?rev=1493132275&do=diff AmaVisd-new /etc/amavis/amavisd.conf: use strict; # a minimalistic configuration file for amavisd-new with all necessary settings # # see amavisd.conf-default for a list of all variables with their defaults; # see amavisd.conf-sample for a traditional-style commented file; # for more details see documentation in INSTALL, README_FILES/* # and at http://www.ijs.si/software/amavisd/amavisd-new-docs.html # COMMONLY ADJUSTED SETTINGS: # @bypass_virus_checks_maps = (1); # uncomment to DI… anonymous@undisclosed.example.com (Anonymous) Tue, 25 Apr 2017 14:57:55 +0000 https://www.hackerbruecke.net/linux/commserv/apache2/config?rev=1293466841&do=diff Apache SSL (https) A special thing for getting Apache2 starting withaut user-interaction is also to store a decrypted key, since without Apache will ask at every start for the password... mv /etc/ssl/private/station7_key.pem /etc/ssl/apache2/private/station7_secure-key.pem openssl rsa -in /etc/ssl/private/station7_secure-key.pem -out /etc/ssl/apache2/private/station7_decrypted-key.pem anonymous@undisclosed.example.com (Anonymous) Mon, 27 Dec 2010 16:20:41 +0000 https://www.hackerbruecke.net/linux/commserv/ldap/slapd_conf?rev=1293466843&do=diff /etc/openldap/slapd.conf <http://www.stanford.edu/services/directory/openldap/configuration/bdb-config.html> # The database configuration parameters must appear *after* the "database" # directive, as DB_CONFIG files are 'per backend'. dbconfig set_cachesize 4 0 1 dbconfig set_lg_regionmax 262144 dbconfig set_lg_bsize 2097152 dbconfig set_lg_dir /var/log # Automatically remove log files that are no longer needed. dbconfig set_flags DB_LOG_AUTOREMOVE # # Setting set_tas_spins reduces resour… anonymous@undisclosed.example.com (Anonymous) Mon, 27 Dec 2010 16:20:43 +0000 https://www.hackerbruecke.net/linux/commserv/squid/sarg?rev=1408135580&do=diff SARG /etc/crontab: ### SQUID-Monitoring via Sarg: 00 06-19/1 * * * root /usr/local/chhaas-skripts/sarg-reports.sh today > /dev/nul 00 00 * * * root /usr/local/chhaas-skripts/sarg-reports.sh daily > /dev/nul 00 01 * * 1 root /usr/local/chhaas-skripts/sarg-reports.sh weekly > /dev/nul 30 02 1 * * root /usr/local/chhaas-skripts/sarg-reports.sh monthly > /dev/nul anonymous@undisclosed.example.com (Anonymous) Fri, 15 Aug 2014 20:46:20 +0000 https://www.hackerbruecke.net/linux/duplicity/lvm_backup?rev=1493131687&do=diff LVM-Backup mit Duplicity Tim Riemenschneider <http://duplicity.nongnu.org/contrib/tmpback> #!/bin/sh # The Archive is encrypted with this (since it is transfered to FTP) export PASSPHRASE="foo" # The FTP-password (not exposed at cmdline export FTP_PASSWORD="bar" # Do a fullbackup weekly OPTIONS="--full-if-older-than 14D" KEEPFULLS=5 # Where to backup to TARGETBASE=ftp://user@server/backups/ #TARGETBASE=file:///tmp/test function create_mysql_snap { /usr/bin/mysql --defaults-extra-file=/et… anonymous@undisclosed.example.com (Anonymous) Tue, 25 Apr 2017 14:48:07 +0000 https://www.hackerbruecke.net/linux/commserv/squid/lightsquid?rev=1408135540&do=diff Lightsquid-Tool your access.log look slightly different from standart. may be you use CUSTOM log record. at and of standart record in you log you has addition field look like: [User-Agent: TMhtload/1.32.00.1008\r\nAccept: */*\r\nHost: cm-t.activeupdate.trendmi anonymous@undisclosed.example.com (Anonymous) Fri, 15 Aug 2014 20:45:40 +0000 https://www.hackerbruecke.net/thunderbird/avast-ssl?rev=1293466844&do=diff Thunderbird - SpamPal - Avast with SSL 1. Installing and preparing STUNNEL: Download OPENSSL for Windows from: <http://www.slproweb.com/products/Win32OpenSSL.html> Download STUNNEL for WIndows from: <http://www.stunnel.org/download/binaries.html> and install both. In the folder where you have installed stunnel (e.g. C:\Programme\stunnel), you will create its configuration file. anonymous@undisclosed.example.com (Anonymous) Mon, 27 Dec 2010 16:20:44 +0000 https://www.hackerbruecke.net/linux/debian/all?rev=1493131598&do=diff 2014-08-08 zuerst „Debian OS-Basis-Installation auf Blech“ durchfuehren!!! auf allen Server-Instanzen („Blech“, Linux VServer, LXC): ### Proxy der UKBW fuer die Installations-Shellsitzung setzen: export http_proxy=„<http://proxy01.ukbw.de:3128/>“ ### LiHAS GPG-Key importieren: wget -O - anonymous@undisclosed.example.com (Anonymous) Tue, 25 Apr 2017 14:46:38 +0000 https://www.hackerbruecke.net/linux/commserv/php/config?rev=1293466843&do=diff PHP5 configuration for GOsa and eGroupWare eGroupWare When I added about 250 users to a group in GOsa or in eGroupWare, I encountered the following problem with (open)SUSE 10.2, which I did not encounter with SUSE 10.0: station7: suhosin[373]: ALERT - configured request variable limit exceeded - dropped variable \ 'account_user[]' (attacker '172.16.130.9', file '/srv/www/htdocs/egroupware/index.php') anonymous@undisclosed.example.com (Anonymous) Mon, 27 Dec 2010 16:20:43 +0000 https://www.hackerbruecke.net/linux/email/monitoring/pflogsum?rev=1493132162&do=diff Postfix-Reporting mit Pflogsum apt-get install pflogsum /usr/local/bin/postfix_report.sh #!/bin/bash /usr/sbin/pflogsumm -d yesterday --problems_first /var/log/mail.log.1 > /tmp/pflogsumm /usr/bin/mailx -s "Automatischer Postfix-Report von $(hostname)" -r postfix-admin@station7.example.de postfix-admin@station7.example.de < /tmp/pflogsumm anonymous@undisclosed.example.com (Anonymous) Tue, 25 Apr 2017 14:56:02 +0000 https://www.hackerbruecke.net/linux/email/postfix/sasl?rev=1493132202&do=diff SASL A very conveniant way of configuring the Simple Authentication and Security Layer (SASL) is to use the Pluggable Authentication Modules (PAM), since it can use diffrent authentication sources like ldap or /etc/passwd - thus SASL is everything but simple anonymous@undisclosed.example.com (Anonymous) Tue, 25 Apr 2017 14:56:42 +0000 https://www.hackerbruecke.net/datenschutzerklaerung?rev=1577911335&do=diff Datenschutzerklärung 1. Einleitung Vielen Dank für den Besuch auf unseren Internetseiten. Diese Datenschutzerklärung informiert Sie über den Schutz Ihrer personenbezogenen Daten. Wir nehmen den Schutz Ihrer Daten ernst und möchten, dass Sie sich beim Besuch unserer Internetseiten sicher fühlen. Grundsätzlich gilt, dass alle von uns erhobenen personenbezogenen Daten den Bestimmungen der Europäischen Datenschutzgrundverordnung (DSGVO) unterliegen. anonymous@undisclosed.example.com (Anonymous) Wed, 01 Jan 2020 20:42:15 +0000 https://www.hackerbruecke.net/endian/vmware?rev=1293466840&do=diff Endian Firewall 2.12 Community Edition VMware-image Thanks to Peter Warasin and Raphael Vallazza from endian, I put together some minimal docu for the VMware-image. Standard users and passwords: * Web-interface: admin, pwd.: endian * Console: root, pwd: endian anonymous@undisclosed.example.com (Anonymous) Mon, 27 Dec 2010 16:20:40 +0000 https://www.hackerbruecke.net/linux/commserv?rev=1493132445&do=diff This documentation is work in progress, no liability for correctness can be given! Communications-Server Motivation Because I had to look for a log time around the Internet, asking a lot of questions on mailing-lists, reading books and talking to friends for configuring my commserv, thus having quite a bit of hassle getting things working, I'd like give my experiences back to the comunity. anonymous@undisclosed.example.com (Anonymous) Tue, 25 Apr 2017 15:00:45 +0000 https://www.hackerbruecke.net/wiki/dokuwiki?rev=1684170792&do=diff DokuWiki wiki:dokuwiki DokuWiki is a simple to use and highly versatile Open Source wiki software that doesn't require a database. It is loved by users for its clean and readable syntax. The ease of maintenance, backup and integration makes it an administrator's favorite. Built in anonymous@undisclosed.example.com (Anonymous) Mon, 15 May 2023 17:13:12 +0000 https://www.hackerbruecke.net/linux/ejabberd/neues_certificate?rev=1493131703&do=diff Neues Zertifikat für ejabberd installieren neues PEM-File erzeugen: * in CA Certificate und private-Key erzeugen und nach /etc/ejabberd auf jabber-Server kopieren * auf ejabberd-Server in cat jabber@ukbw.de-key.pem > ejabberd.pem cat jabber@ukbw.de-cert.pem >> ejabberd.pem anonymous@undisclosed.example.com (Anonymous) Tue, 25 Apr 2017 14:48:23 +0000 https://www.hackerbruecke.net/linux/commserv/egroupware/config?rev=1293466841&do=diff eGroupWare Version 1.4.001 pre-requisites: * required PHP version 4.3+ (recommended 5+) * php.ini: safe_mode = Off * php.ini: magic_quotes_runtime = Off * php.ini: register_globals = Off * php.ini: memory_limit >= 16M * php.ini: max_execution_time >= 30 anonymous@undisclosed.example.com (Anonymous) Mon, 27 Dec 2010 16:20:41 +0000 https://www.hackerbruecke.net/linux/commserv/gosa/config?rev=1293466843&do=diff GOsa GOsa is a GPL'ed PHP based administration tool for managing accounts and systems in LDAP databases. It administers users and groups, mail distribution lists, thin clients, applications, phones and faxes. Get GOsa from: <http://oss.gonicus.de/pub/gosa/> Project homepage: <http://www.gosa-project.org/> anonymous@undisclosed.example.com (Anonymous) Mon, 27 Dec 2010 16:20:43 +0000 https://www.hackerbruecke.net/linux/commserv/ldap/ldap_secure?rev=1293466843&do=diff TLS and LDAP over SSL (ldaps) Modifying /etc/openldap/ldap.conf Modify / append the TLS-settings: #--- SSL/TLS setting ---# TLSCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP TLS_CACERT /etc/ssl/certs/ca_cert.pem TLS_CERT /etc/ssl/certs/station7_cert.pem TLS_KEY /etc/ssl/private/station7_key.pem TLS_REQCERT demand anonymous@undisclosed.example.com (Anonymous) Mon, 27 Dec 2010 16:20:43 +0000 https://www.hackerbruecke.net/linux/commserv/ldap/pam?rev=1293466843&do=diff /etc/ldap.conf (for PAM) # # This is the configuration file for the LDAP nameservice # switch library, the LDAP PAM module and the shadow package. # # Your LDAP server. Must be resolvable without using LDAP. host 127.0.0.1 # The distinguished name of the search base. base dc=example,dc=com # The LDAP version to use (defaults to 3 # if supported by client library) ldap_version 3 # Hash password locally; required for University of # Michigan LDAP server, and works with Netscape # Directory Ser… anonymous@undisclosed.example.com (Anonymous) Mon, 27 Dec 2010 16:20:43 +0000 https://www.hackerbruecke.net/linux/email/cyrus/config?rev=1493131953&do=diff Cyrus imapd / popd <http://www.opensuse.org>Modify /etc/cyrus.conf to: START { recover cmd="ctl_cyrusdb -r" deliver cmd="ctl_deliver -r" } SERVICES { imap cmd="imapd" listen="imap" prefork=0 # imaps cmd="imapd -s" listen="imaps" prefork=0 pop3 cmd="pop3d" listen="pop3" prefork=0 # pop3s cmd="pop3d -s" listen="pop3s" prefork=0 sieve cmd="timsieved" listen="sieve" prefork=2 # entry must be the same as in th… anonymous@undisclosed.example.com (Anonymous) Tue, 25 Apr 2017 14:52:33 +0000 https://www.hackerbruecke.net/linux/email/cyrus/cyrus_secure?rev=1493131964&do=diff TLS, IMAP over SSL (imaps) and pop3 over SSL (pop3s) TLS Modify / append the TLS-settings in /etc/imap.conf: #--- SSL/TLS setting ---# tls_ca_path: /etc/ssl/certs tls_ca_file: /etc/ssl/certs/ca_cert.pem tls_cert_file: /etc/ssl/certs/station7_cert.pem tls_key_file: /etc/ssl/private/station7_key.pem anonymous@undisclosed.example.com (Anonymous) Tue, 25 Apr 2017 14:52:44 +0000 https://www.hackerbruecke.net/linux/email/postfix/postfix_secure?rev=1493132183&do=diff Postfix with TLS and SSL (smtps) Use a portscanner like „nmap“: station7:/etc/init.d # nmap localhost | grep smtp 25/tcp open smtp -> smtp is only running at port 25! TLS Modify the TLS-settings in /etc/postfix/main.cf #--- SSL/TLS setting ---# smtpd_client_restrictions= permit_tls_clientcerts, permit_sasl_authenticated smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, permit_tls_clientcerts, reject_unauth_destination, check_sender_access hash:/etc/… anonymous@undisclosed.example.com (Anonymous) Tue, 25 Apr 2017 14:56:23 +0000