,

Server security scan #manpage

chkrootkit – Linux rootkit scanner

What it does : Find rootkits
Where to find it : in your distribution – or on chkrootkit.org

# install whatever way you want
apt-get install chkrootkit
chkrootkit
# That's about all you need.

Malware protection

Option 1: ISPProtect – 90 euro / year but worth it.
Where to find it : ispprotect.com

Step #1: Get a licence

Step #2: Download and install and run

#/tmp is what's indicated on ISPProtect site as first instruction
#Obviously you won't leave it here forever :)
cd /tmp
wget http://www.ispprotect.com/download/ispp_scan.tar.gz
tar xzf ispp_scan.tar.gz
./ispp_scan
#and you're nearly done.

Then indicate your key number or trial if you want a trial version.
Indicate /var/www to start the scan on the web installs.

It will then generate reports as follow:


After the scan is completed, you will find the results also in the following files:
Malware => /usr/local/ispprotect/found_malware_20170228201238.txt
Wordpress => /usr/local/ispprotect/software_wordpress_20170228201238.txt
Joomla => /usr/local/ispprotect/software_joomla_20170228201238.txt
Drupal => /usr/local/ispprotect/software_drupal_20170228201238.txt
Mediawiki => /usr/local/ispprotect/software_mediawiki_20170228201238.txt
Contao => /usr/local/ispprotect/software_contao_20170228201238.txt
Magentocommerce => /usr/local/ispprotect/software_magentocommerce_20170228201238.txt
Woltlab Burning Board => /usr/local/ispprotect/software_woltlab_burning_board_20170228201238.txt
Cms Made Simple => /usr/local/ispprotect/software_cms_made_simple_20170228201238.txt
Phpmyadmin => /usr/local/ispprotect/software_phpmyadmin_20170228201238.txt
Typo3 => /usr/local/ispprotect/software_typo3_20170228201238.txt
Roundcube => /usr/local/ispprotect/software_roundcube_20170228201238.txt
Shopware => /usr/local/ispprotect/software_shopware_20170228201238.txt
Mysqldumper => /usr/local/ispprotect/software_mysqldumper_20170228201238.txt
Starting scan level 1 ...

Step #3: The cron job

 
0 * * * * root	/usr/local/ispprotect/ispp_scan --update && /usr/local/ispprotect/ispp_scan --path=/var/www --email-results=EMAIL --non-interactive --scan-key=KEY
#crontab -e to get there

Option 2: Maldet – free which you can find at this place

 
wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
tar -xvf maldetect-current.tar.gz
cd maldetect-1.4.2/
./install.sh
vi /usr/local/maldetect/conf.maldet
#then you have to run more config stuff - go check the doc.
,

Voice & IOT

Voice and IOT

Amazon Echo, Alexa, Google Home, Apple HomePod and Siri (and Microsoft Cortana) are all fighting to control the voice market. While they get full respect for doing so, I am not gonna say I am particularly trusting any of these companies to provide us with the best level of privacy, service and control over what we do with our devices and how is the data used.

Therefore I am compiling here some resources which I’ll probably update as we go on interesting DIY tools to build similar devices.

Libraries

Cool tutorials

,

Be interesting to somebody

Not to anybody.

You cannot be interesting to anybody.

Whatever medium you are using to express yourself – it won’t work with every human being.

So instead of trying to please the world – go make sure the people your information is intended to reach – actually catch their attention.

If you don’t know – just pick one and go with it.

You will have an other opportunity tomorrow to write for the other crowd you have ignored today.

Content lose its impact when you try to talk to too many people at once.

If you don’t know what the people you want to reach care about – try something and throw it out there.

 

Internet is a place for conversation.

You don’t make more conversation happen if you shut up.

Best conversations are always the ones we start.

Just don’t try to talk to everybody at once or even say everything at once.

 

,

Newsletter email confirmation – NextCloud #JustAnExample

 

Nextcloud is an awesome solution to create and manage your own cloud – you should really check them out if you have never heard of them.

Here we have a quick look at the newsletter confirmation – an always challenging issue for open rate and engagement with your users. I found this one pretty good – so I have added to the #justAnExample collection

Why is it good?

  • It gets personal

It gets personnal real quick – which force you to care about that guy who is writing to you. I think it is an underrated way to communicate with your audience. Too often businesses are very impersonal and you never know the name of the person writing to you – including in the newsletter and that’s a shame. Not that it is right in every case – but I do think a lot more should be doing it – especially – but not only – SMBs.

  • Text!

No fancy graphics – just a plain text email – which I think sometime help convey better the information than an over crowded branded email with graphics all over the place.

 

So that’s it – just wanted to get this out there – and have it in the collection πŸ™‚