David Yin's Blog

Currently Viewing Posts in Web & Network

How to Protect Your Smartphone from Online Threats

September 30, 2019
0 Comments

Every day, hundreds of people have their smartphone hacked, exposing important data like contacts and even credit card details to criminals that prey upon poorly protected phones.

Whenever your phone connects to the internet, it is at risk from hacking by data thieves that target phones in particular, as they contain nearly all of our important information such as passwords, emails and even the login details to online banking apps.

Fortunately, there are a few steps anyone can take to protect their phones from harm and recover their data if their smartphone is damaged or locked my malicious software.

Use a Virtual Private Network App When Connected to Public Wi-Fi

When you are using public Wi-Fi, such as when you are at a hotel or café, your phone is at risk of being hacked by someone else using that network. Some data thieves are known to connect to these networks regularly in order to steal credit card information from shoppers and tourists.

Virtual Private Networks encrypt and conceal your web traffic, even when using a public Wi-Fi network. These services can also be used from home to protect your online shopping and browsing there, giving you extra peace of mind.

Use an App to Securely Back Up All of Your Smartphone’s Data

Sometimes when a phone is hacked, it can suddenly become corrupted and unusable, trapping your files like your phone numbers and personal photographs on the device. There are apps available that can back up data to an online cloud service, but sometimes they can be missing important and more recent files.

If you have data on a damaged or corrupted smartphone, there are services like mobile data recovery by Secure Data Recovery that can recover data from your device, sometimes even if it has been deleted by a hacking program.

Use a Password Manager to Encrypt and Generate Your Passwords

Our passwords are gatekeepers to a lot of our sensitive information such as emails and bank accounts. Too many people rely on using the same password, or maybe two or three, in order to log in to all their different accounts.

Password managers use encryption algorithms to generate complex passwords for you, and store them in a ‘digital safe’ in an app on your phone and online on a secure server. The password manager will auto-complete passwords on all your accounts, or they can be copy-and-pasted from the app to the login form. This means you have only one password to remember, the one that logs you into your password manager, and you can let it safely and securely do the rest.

We keep a large amount of sensitive data on our phones, and not just banking details and contact information. Your phone probably has hundreds of photos of friends and family, as well as pictures from social media accounts. This information needs to be protected, not just from theft, but also from accidents and problems with a smartphone’s components. With a few apps and the help of professionals, anyone can protect the data on their phone, and recover it if the worst happens.

How to Add an SPF Record in Windows 2000 and Windows 2003 DNS

May 23, 2019
0 Comments

This post is an online archive of the page (http://www.michaelbrumm.com/spfwindowsdns/)

How to Add an SPF Record in Windows 2000 and Windows 2003 DNS

Step 1: Select and open the domain in which you wish to add the SPF record. Right-click in the record list and select “Other New Records…” from the menu.

Continue reading “How to Add an SPF Record in Windows 2000 and Windows 2003 DNS”

Another Facebook security failure: millions of records leaked

April 4, 2019
0 Comments

540 million data records of Facebook users were compromised after third-party apps and sites stored the data on unsecured servers.

The leaked information included comments, likes, reactions, account names, and FB IDs, and some email addresses. The app called At The Pool even stored passwords of 22,000 users in plaintext.

Security expert tips: If you have used At The Pool, make sure you are not reusing the same password for any other accounts. All other Facebook users, beware of phishing attacks based on your account activity.

How to protect yourself

  • Don’t use third-party Facebook apps. These apps collect data on Facebook and deliver it to third parties who may not be secure. If you don’t want your private data showing up on unsecured servers, don’t use any third-party apps on Facebook.

  • Don’t use Facebook. This is a tough ask for many users, but the arguments for leaving Facebook are growing. With more and more data breaches and suspicious activities coming to light every month, more people are questioning whether this free service is worth it.

  • Reduce your Facebook activity levels. The less time you spend on Facebook and the less you do on their platform, the less they know about you. When creating or editing your account, don’t provide them with any more data than they need to provide their service.

Move Virtualbox VDI to Proxmox VE System

March 25, 2019
1 Comment

I have some Virtualbox virtual machine on my desktop. Now I have Proxmox VE 5.3-8 installed on a separate machine. So I would like to move the VM to Proxmox.

Let me list the existing installation.

  • My Desktop, Windows 10 Pro version 1809.
  • Virtualbox 6.0.4 r128413
  • Guest VM inside of Virtualbox is Ubuntu 18.04 with 1G memory and 20GB disk space.
  • Proxmox VE 5.3-8, VM and LXC are stored in the local-lvm

 

Step 1, Located the vdi file and convert it to RAW format

Virtualbox vdi file location

Check the settings of the virtual machine, storage, and located the location of the vdi file. Mine is in the d:\Virtualbox VM\

Then open a command prompt window, enter the following command to convert the vdi file to raw image file.

d:
cd "program files\oracle\virtualbox"
vboxmanage clonehd --format RAW "d"\virtualbox vm\ubuntu 18.04 (122)\ubuntu 18.04.vdi" d:\testing.img

After a while the new image file is ready. The time depends on the size of your VM. Maybe 10 minutes or half an hour.

Converting

Continue reading “Move Virtualbox VDI to Proxmox VE System”

Lots of favicon.ico requests from Mainland China

March 21, 2019
0 Comments

I check the Nginx error log file regularly. I noticed that a lot of attempted accesses to favicon.ico coming from mainland China.

They come from different IP addresses and with different User Agents.  Each of these IPs is only doing this, sometimes repeatedly.

They are just waste my server’s time and CPU.  How to stop them or reduce the effect on my VPS.

Continue reading “Lots of favicon.ico requests from Mainland China”

Report the bad IP address to the AbuseIPDB

March 18, 2019
0 Comments

I have a VPS on DigitalOcean.  Web server is Nginx web server. I checked the web server log files, including an access log and error log.

The error log always gives information about the strange activities from some IP address.

2019/03/17 03:08:02 [error] 781#781: *140434 access forbidden by rule, client: 183.240.196.121, server: www.yinfor.com, request: "HEAD //com/.zip HTTP/1.1", host: "www.yinfor.com", referrer: "http://www.yinfor.com//com/.zip"
2019/03/17 03:08:04 [error] 781#781: *140451 access forbidden by rule, client: 183.240.196.121, server: www.yinfor.com, request: "HEAD //com/..zip HTTP/1.1", host: "www.yinfor.com", referrer: "http://www.yinfor.com//com/..zip"
2019/03/17 03:08:06 [error] 781#781: *140452 access forbidden by rule, client: 183.240.196.121, server: www.yinfor.com, request: "HEAD //www.yinfor.com/..zip HTTP/1.1", host: "www.yinfor.com", referrer: "http://www.yinfor.com//www.yinfor.com/..zip"
2019/03/17 03:08:07 [error] 781#781: *140453 access forbidden by rule, client: 183.240.196.121, server: www.yinfor.com, request: "HEAD //com/.rar HTTP/1.1", host: "www.yinfor.com", referrer: "http://www.yinfor.com//com/.rar"
2019/03/17 03:08:08 [error] 781#781: *140454 access forbidden by rule, client: 183.240.196.121, server: www.yinfor.com, request: "HEAD //com/..rar HTTP/1.1", host: "www.yinfor.com", referrer: "http://www.yinfor.com//com/..rar"
2019/03/17 03:08:10 [error] 781#781: *140456 access forbidden by rule, client: 183.240.196.121, server: www.yinfor.com, request: "HEAD //www.yinfor.com/..rar HTTP/1.1", host: "www.yinfor.com", referrer: "http://www.yinfor.com//www.yinfor.com/..rar"
2019/03/17 06:10:41 [error] 781#781: *145806 access forbidden by rule, client: 192.99.35.63, server: www.yinfor.com, request: "GET /wp-content/uploads/2019/03/settings_auto.php HTTP/1.1", host: "www.yinfor.com"
2019/03/17 13:21:35 [error] 781#781: *160016 access forbidden by rule, client: 139.99.121.91, server: www.yinfor.com, request: "GET /.htaccess?c=askjhGQVFcrwqevq&q=ZWNobyA0Mzc0NTc1NDc7 HTTP/1.1", host: "www.yinfor.com"
2019/03/17 13:22:21 [error] 781#781: *160124 access forbidden by rule, client: 139.99.121.91, server: www.yinfor.com, request: "GET /.well-known.zip HTTP/1.1", host: "www.yinfor.com"
2019/03/17 13:22:22 [error] 781#781: *160125 access forbidden by rule, client: 139.99.121.91, server: www.yinfor.com, request: "GET /.well-known.tar.gz HTTP/1.1", host: "www.yinfor.com"
2019/03/17 13:22:22 [error] 781#781: *160126 access forbidden by rule, client: 139.99.121.91, server: www.yinfor.com, request: "GET /.well-known.gz HTTP/1.1", host: "www.yinfor.com"

You can see the URL requested is so strange. Actually, I banned these IP address already. So the Nginx server recorded the access forbidden log.

I am not banning these IP address, but also want to report it to the AbusedIPDB.

When finding a bad IP address, I will sign in the AbuseIPDB site and report it.

Please enter the information of the behave and the details of the IP log.

 

AbuseIPDB is not just a reporting tool. The registered users can also use its API to check the IP if it is bad or spam IP. It works with Fail2Ban.

How to pass the Real IP Address of client to Nginx Server

December 19, 2018
0 Comments

I use a Nginx as  the reverse proxy. Here is the scenario.

The original server is Server A. The reverse proxy is Server B. Web users are browser the website through Server B.

Wikipedia

The web log of Server A just received the IP address of server B. All users are shared one remote address. It is Server B.

 

To pass the real IP address of client to the Web server, or server A.

  1. Set up on Server B.
    Let server B add the X-Forwarded-For header to the request. It is the real IP of users.
  2. Set up on Server A.
    Add following in to Nginx server block

    set_real_ip_from IP_Address_of_Server_B;
real_ip_header X-Forwarded-For;

 

Continue reading “How to pass the Real IP Address of client to Nginx Server”

Google will Discontinue Inbox by Gmail

September 12, 2018
0 Comments

It is a new about Google emaill APPs.

Google has two email APPs, Inbox and Gmail.

Just an hour ago, Google announced that Inbox by Gmail will be discontinue at the end of March 2019. vi

In the post “Inbox is signing off. Find your favorite features in the new Gmail”, Google said so. I am using Inbox by Gmail for three years. Until yesterday, I found that my new phone has built-in Gmail APP, I can not uninstall it to use Inbox by Gmail App. Everytime I receive an email, two notifications comeout on my smartphone. All this just happened on my LG Q6, after upgrading to Android 8.1.0.

So I uninstalled Inbox by Gmail App.  Start to use Gmail App now.

Continue reading “Google will Discontinue Inbox by Gmail”

  • Archives