Blog - Seite 2 von 3

Die Ransomware GoldenEye

2020-04-19T15:11:14+01:00Von Robin Lutz

Die vergangenen Tage hat eine neue Welle von Ransomware in Deutschland ihr Unwesen getrieben. Erschreckend ist dabei vor allem die Qualität der Phishing-E-Mails, die den Benutzer dazu verleiten soll, eine Excel-Datei von einer unbekannten Person zu öffnen und die enthaltenen Makros auszuführen. Es hat den Anschein, dass die Angreifer auf Daten der Agentur für Arbeit zugreifen, um gezielt einzelne Personalentscheider innerhalb von Unternehmen zu attackieren. Für diesen Zweck wird eine Bewerbung vorgetäuscht, die auf den ersten Blick sehr glaubwürdig wirkt. Was ist Ransomware und wie funktioniert sie? Die Bezeichnung Ransomware ist abgeleitet von dem englischen Begriff für Lösegeld "ransom". Der Zusatz "ware" ist eine Kurzform für Software (vgl. Malware, Spyware, Crapware etc.) . Es handelt sich dabei um eine Schadsoftware, die

Open Source und der Telekom-Hack

2023-01-30T17:04:26+01:00Von Daniel Morlock

Deutschland ist knapp an einer digitalen Katastrophe von apokalyptischen Dimensionen vorbeigeschrammt. Aus dem Telekom-Hacking kann man aber für die Zukunft lernen. Quelle: FAZ Wie kann es sein, dass plötzlich so viele Haushalte und Unternehmen von der Außenwelt regelrecht abgeschnitten waren? Telefon, E-Mail und die gesamte Kommunikation waren über Stunden und manchmal sogar Tage komplett lahmgelegt. Teilweise wurde über Radio versucht, wenigstens ein paar der betroffenen Telekom-Kunden über den aktuellen Stand zu informieren. Nach diesen schwerwiegenden Ausfällen stellt sich natürlich schnell die Frage: Wie kann so etwas passieren und wer ist dafür verantwortlich? An dieser Stelle müsste man eigentlich so etwas sagen wie: Wir können Sie beruhigen oder es ist alles unter Kontrolle. Die Realität sieht leider anders aus. Grund für den großflächigen Ausfall am 04.

Kubernetes: Aller Anfang ist schwer …

2017-03-02T13:06:33+01:00Von Daniel Morlock

Kubernetes ist ein Open-Source System um Container-Anwendungen automatisch zu verteilen, zu skalieren und zu verwalten. Im Gegenteil zu der Cluster Verwaltung von Ganeti bietet Kubernetes keine vollständige Virtualisierung, sondern setzt auf das verbreitete Docker Prinzip und unterstützt ausschließlich Container-Anwendungen. Kubernetes stellt dabei die Automatisierung und Cluster Verwaltung in den Vordergrund: So wird zum Beispiel durch redundant laufende Containergruppen und eine unterbrechungsfreie Migration das Updaten von Anwendungen während des Betriebs ohne Ausfallzeit unterstützt. Das ist nur ein Bruchteil der Features von Kubernetes. Wir sind bereits mit Hochdruck am Testen, sodass wir möglichst bald auch Kubernetes in unser Angebot für virtuelle Server- und Clusterlösungen aufnehmen können.

Back in Game: Kolab 3.3 for Gentoo

2020-04-19T15:12:28+01:00Von Daniel Morlock

Some weeks after the official Kolab 3.4 release we finally released the Gentoo packages for Kolab 3.3 including the usual benefits like the CalDAV/iCAL ready calendar plugin and the Getmail plugin which allows fetching mails from any external email account right into your Kolab Groupware. During this release some things required much more work than we've expected. To speed things up for the next time we plan to cooperate more closely with the Kolab developers and the community. For example we finally requested the multi-driver support for the calendar plugin to be pushed upstream. The required patch is currently pending and waiting for approval. Further we had some great release planning meetings with the Kolab guys where they announced to also keep focus on quality assurance and upgrade paths for the

Mail Address Tags With Zarafa

2017-11-15T14:30:46+01:00Von Daniel Morlock

Mail Address Tags or Mail Address Extensions are meant to allow a user to extend his or her email address. The user can add a tag (or extension) to his address and will still recive mail in his standard inbox. Lets make an example: the email address of Robert may be robert.paulson@example.com. Using address tags, Robert can add the name of the page where he has registered himself with his mail address, for example robert.paulson+twitter@example.com. The seperation with a plus sign is not a must, but it is the common use. In fact you could use any valid email string to indicate mail tags. When Robert now recives an email with such a tag, he can easily create a filter rule for example to move all tagged emails to a

Android App: Remote Keyboard

2017-11-09T10:17:29+01:00Von Daniel Morlock

As a big fan of open source software, I'm running my Android phone without Google's Play Store. The only resource for apps I use is FDroid. And there are some really nice apps available. In this post I'll show you how to install and setup a remote keyboard app that also includes clipboard management. And the best part: It does not require any special software! Installation There are many ways to install the app on your phone: Install it using one of the available markets. Remote Keyboard is available in the FDroid and in the Play Store. The FDroid store also offers a direct download link, so you don't need to use an app store at all, if you don't want to. Another way is of course to compile the source

Change KVM/Ganeti Storage Controller For A Windows Guest

2017-11-09T10:20:28+01:00Von Daniel Morlock

The old Windows 2003 Server of a customer, which was mentioned in an earlier post, encountered some problems since the last windows update. Varied blue screens indicated a problem with the virtual storage controller. As this was still an virtual IDE controller, an update to the VirtIO SCSI drivers was the logic step to do. Many sources I found on the internet on this topic suggested to reinstall/repair-install Windows, but this was not a possibility. This post sums up how to change the storage controller of a Windows installation without reinstalling Windows. The reason why someone wants to do this is a change of the hard disk (from IDE to SATA, from physical to virtual, etc.) or a replacement of controller hardware, e.g. your motherboard

OCSP Stapling on Nginx

2021-04-01T11:06:46+01:00Von Daniel Bross

OCSP (Online Certificate Status Protocol) is an internet protocol used for obtaining the status of SSL certificates. It was created as an alternative to CRL (Certificate Revocation Lists) and is described in RFC 6960. In this post I'll try to explain the differences between CRL and OCSP and what OCSP stapling is good for. CRL and OCSP Here is how certificate validation is supposed to work: Browers and other clients are supposed to check somehow if the certificate some HTTPS website presents to them is still valid or was already revoked for some reason. In case of CRLs the client downloads a list, which contains a number of serial numbers of certificates which are no longer valid. The problem here is, that in order to access an HTTPS website, the

Kolab 3.2 for Gentoo is ready to rumble

2017-11-09T10:23:34+01:00Von Daniel Morlock

Just in time for the official Kolab 3.3 release, our Gentoo packages for Kolab 3.2 became stable and ready to use. This will clear the way for the upcoming release of Kolab 3.3 for Gentoo. Altough this release won't bring any major changes, it prepares the ground for upcoming developments and new features in Kolab 3.3. Further, with Kolab 3.2 we introduced an upgrade path between Kolab releases for Gentoo and we will try our best to keep updates as consistent and comfortable as possible. A lot of work has been done by the Kolab developers to support the new features of the upcoming Cyrus IMAP 2.5 including support for event notifications, xconversations and full-text indexing. Unfortunately, Cyrus 2.5 is neither announced on the Cyrus

Migrate Windows 2000/XP/2003 from VMWare to Ganeti/KVM

2023-01-30T17:04:57+01:00Von Daniel Morlock

The migration of a virtual Windows 2003 Server system from an existing VMWare ESXi 5.0 machine to a new Ganeti cluster based on KVM was way harder than expected. The process discribed on this page should work for other virtualisation platforms as well. Just replace the Ganeti and ESXi specific commands with the corresponding commands of your virtualisation software. Prepare it! Before we start, it is important to know that without the appropriate modifications to the registry, a Windows 2000/XP/2003 Server refuses to boot from a new disk controller. Hence before shutting down the virtual machine, you have to install this registry patch available from the Microsoft Knowledge Base. Just follow the instruction of the knowledge base article to install the registry patch. This concerns