Jump to content


Photo

Prevent Leaks with Linux & Firestarter (also Stop traffic when VPN Drops)

Linux Firestarter gufw ufw

  • Please log in to reply
82 replies to this topic

#81 salamander5182986621

salamander5182986621

    Newbie

  • Members
  • Pip
  • 6 posts

Posted 16 April 2017 - 06:34 AM

Just to follow up on my posts, there is another blocking message you may be wondering about. [local ip]:5353 -> 224.0.0.[x]:5353 -- this is a mulitcast address and it basically exists so you can be lazy on the network and "discover" printers, "files to look at, and people to talk to." -- according to the arch wiki. If you're a purist, you want this immediately terminated and, if you wanted to actually connect to a device on your network, you would manually type in the correct address of said device. Solution to the problem:

# systemctl disable avahi-daemon
$ reboot

After that, no more "discovery" attempts on the network.



#82 salamander5182986621

salamander5182986621

    Newbie

  • Members
  • Pip
  • 6 posts

Posted 12 May 2017 - 11:59 PM

After that, no more "discovery" attempts on the network.

 
This is especially useful considering today's shit-show of "cyber attacks" affecting the UK's NHS and various places around the world affecting antiquated windiz boxes. Who knew that a lowly SMB vuln could cause so much damage and corporate losses?
 
Btw, while this doesn't affect us on (proper) distros, it's always best practice to stop network propagation especially if you have antiquated windiz boxes on your network (for whatever reason.)



#83 bananaphone69

bananaphone69

    Newbie

  • Members
  • Pip
  • 7 posts

Posted 23 June 2017 - 11:06 PM

Hi. I use a similar, though not identical method and was wondering how I might go about setting up an SSL or SSH connection using a network manager.







3 user(s) are reading this topic

0 members, 3 guests, 0 anonymous users

Servers online. Online Sessions: 13008 - BW: 41029 Mbit/sYour IP: 54.92.174.226Guest Access.