IPFire 2.29 Core Update 195 open-source firewall is out, adding long-awaited WireGuard VPN support and easy-to-configure tunneling options.
https://linuxiac.com/ipfire-2-29-core-update-195-firewall-brings-native-wireguard-support/
A list of 3rd party file mirrors you may not want users accessing.
https://github.com/BadSamuraiDev/bs-lists/blob/main/file-mirrors.txt
iX-Workshop: Secure operation of Windows 11 in enterprises
Learn from practical examples how to deploy Windows 11 Pro and Enterprise securely and effectively in your company.
How to add my Ultimate #AI Block List to BBQ Pro #Firewall with just a few clicks https://plugin-planet.com/bbq-pro-add-ultimate-ai-block-list/ #WordPress #security
Hey other #network folks I have a weird #firewall and #NAT question. I'm looking at the firewall traffic log where my work laptop (I'm in the office) is the source, and I'm looking at the traffic connecting to my home plex server.
The plex server is a private IP behind NAT. In the log I show the outbound traffic from my work laptop to my home router IP, but I also see a following entry with the private IP that my router is forwarding plex's port traffic to. I thought anything done behind NAT wouldn't show up, especially because I'm only looking at the initial communication out, and not the return communication from my server to me. Is my understanding of NAT wrong?
I came across the #Fail2Ban #docker image from #linuxserverio and thought to myself that it's finally time to set up Fail2Ban. I admit i never used it before and it was a bit difficult to add it to my #playbook as all of my #servers have different services and therefore different #logfile paths, but that's nothing #jinja #templating can't fix.
Now that i've got #Discord notifications for banned #IPs, it's time to work on actual #IPblocking. I also want to use the #IPComplaint and #AbuseIPDB actions as i really like the idea of reporting abuse (even though i have no idea how effective that may be).
I may also want to replace the discord #webhook with #email notifications later as that's mostly the reason i've set up a #mailserver ( #stalwart ) in the first place.
I mean, most of my services are only accessible from #tailscale or my #homenetwork, but since #Ansible makes it so much easier to apply higher standards, i just can't resist. My #homelab is changing every day and i think setting up additional #security, even though i don't need it yet, is never a bad idea.
Hey Fedi, what's your opinion on #Netgate firewalls? I'd like to get my home network a bit better under control and stop unnecessary tracking communication from "smart" devices, and ideally also block, at the network level, all the other privacy-hostile things one is exposed to every day. Are Netgate's devices any good, or are they overpriced? How do you handle this? The current state is very basic: so far I only have a Fritzbox, AVM mesh APs and a few unmanaged switches for the Ethernet cables.
I set up a few honeypots in Europe this weekend mdr.
My servers found Russian unreported, so I guess it works fine. So I feed a list + self-report to AbuseIP every day.
It's downloadable for everyone for free
@chris https://forum.netgate.com/topic/187943/what-happened-to-the-ce-downloads/5?_=1749022979062 mentions https://atxfiles.netgate.com/mirror/downloads/ but that seems to only have 2.6.0, 2.7.0, 2.7.1 and 2.7.2. (I suppose you could get 2.7.2 and upgrade to 2.8.0.) I also found https://mirror.transip.net/pfsense/downloads/ which has a handful of different 2.1.x through 2.6.x versions. Neither provides 2.8.0 directly though.
Netgate put downloads behind their shop fairly recently, it seems. Bugged me enough that I'm looking at options.
Anyone got a download link for the current pfsense 2.8.0 iso handy?
The official site shows me a shop when I want to download. Huh.
I just upgraded 10 pfsense installations *across the globe* in *remote datacenters* on hardware.
Ahh the thrill of fucking up. Joy.
Luckily even the old 2.6.0er came back up as 2.8.0 (via 2.7.x detour).
Now, beer and downtime!
I love the new zone management of the Unifi firewall. I feel more comfortable now being more granular in my rules. Before, I was using Cloudflare DNS proxy to only allow three countries to connect to my public services.
Now, I’m no longer using the DNS proxy, and my rule is done with Unifi. Other improvement, my public services are in an isolated VLAN and are available on IPv4 and IPv6.
Today's installment of #blockthis:
Block login URLs for common shadow SaaS, domain registrars, and high-risk licensing downloads.
cloudflare.com/login/
identity.getpostman.com
lucid.app/users/login/
sso.godaddy.com
namecheap.com/myaccount/
auth.hostinger.com/
sketchup.com
figma.com/downloads/
virtualbox.org
download.oracle.com/java/24/latest/jdk-
Oh, ha, and speaking of #firewall + #multicast fixes: Didn't notice before but my #Linux #netfilter fix for #MRD has made it upstream, yaiy: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4a3540a8bf3c13dc3955f0c0895332b9c653be3f
It went in through net-next, so likely won't be backported to stable kernels. But now I'm looking forward to #Proxmox using Linux 6.10, then I can drop the workaround firewall rule on the @chaotikumev server.
Want to make sure your children are safe online? Then click through to our "Compact guide: 8 tips for everyday digital family life": https://www.bsi.bund.de/dok/1101378