Owncloud on OpenSuse Leap

openSUSE_Leap_42.1 owncloud-files-9.0.3-3

Run the following shell commands as root to trust the repository.

rpm --import https://download.owncloud.org/download/repositories/stable/openSUSE_Leap_42.1/repodata/repomd.xml.key

Run the following shell commands as root to add the repository and install from there.

zypper addrepo http://download.owncloud.org/download/repositories/stable/openSUSE_Leap_42.1/ce:stable.repo
zypper refresh
zypper install owncloud-files

What is Tarpitting?

This is a method to stop a mail sender sending you multiple mail requests, it was designed to stop miscreant from carrying out either a :

Directory Harvest Attack : Attempting to find out legitimate emails on your email server by randomly sending emails to loads of randomly generated names, that might exist on your Exchange Server. if they get an NDR back they know the address does not exist, if they do not get an NDR they will log that address and start sending spam to it.

NDR attack:

Essentially a denial of service on your mail server, this can be a result of a Directory Harvest Attack, insofar as your outbound mail queues fill up with thousands of NDR’s and the server slowly grinds to a halt.

To stop this from happening we have a system called Tarpitting, this stops a remote sender, from sending multiple emails one after the other. It imposes a time limit between emails from a sender (5 Seconds by default). The net result of this is, it’s far to expensive and time consuming to attack you, so the spammers and script kiddies will go elsewhere.

  • Exchange Commands:
    • – get-ReceiveConnector | select name,tarpitinterval
    • – get-ReceiveConnector | set-ReceiveConnector –TarpitInterval 00:00:00

Enabling Circular logging in Exchange 2013

  1. Browse to the Exchange 2013 ECP URL and log in (Admin).
  2. Left click in “Servers” and select “Databases”
  3. Select the database you want to enable Circular logging for and click “Edit”.
  4. Left click on “maintenance”
  5. Left click on “Enable circular logging”
  6. Left click on “save “

Finally you have to either reboot or manually dismount en remount the database, click here for more information.

This should save a ton in log files.

Disable Mac OSX services

  • En/Dis-able APSD (Apple’s push notification)
    • sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.apsd.plist
    • sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.apsd.plist
  • Improve Performance by disabling spindump
    • sudo launchctl unload -w  /System/Library/LaunchDaemons/com.apple.spindump.plist
    • sudo launchctl load -w  /System/Library/LaunchDaemons/com.apple.spindump.plist

Exchange 2013 cmd samples

  • Get-MessageTrackingLog -Start “Mar 7 2016” -End “Mar 11 2016” -Recipients “someone@someplace.com”
  • or using a where clause:
    • Get-MessageTrackingLog -ResultSize Unlimited -Start “Jan 01 2016” -End “Mar 19 2016” -Recipients “someone@someplace.com” | where{$_.sender -like “*pieceof@address*”}

QNAP add Strict-Transport-Security

Open ssh connection to the NAS to enable Strict Transport Security

Editing the apache.conf to include the headers module:
  • cd /mnt/HDA_ROOT/.config/apache
  • vi apache.conf
Add the following lines:
  • LoadModule headers_module modules/mod_headers.so
  • <IfModule headers_module>
  •     Header set Strict-Transport-Security max-age=15768000;
  • </IfModule>
  • Dump apache modules:
    • /usr/local/apache/bin/apache -t -D DUMP_MODULES
  • Show files in directory
    • cd /mnt/ext/opt/apache/modules
    • ls -al