The quickest way to find brute force attackers on a server using Netstat
30 May 2025
11:20 am
Step 1. Identify the bastard: netstat -an | grep ‘:443’ | grep ESTABLISHED | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq
Knowledgebase
How to recognise and outbound attackers and a website compromise
23 May 2025
11:28 am
Platforms: Outdated CentOS 7 Virtualmin Client suddenly added to 8 block lists visible on MX Toolbox. Server’s top shows many users of the same name.
Proxmox Firewall Primer
21 May 2025
4:31 pm
Background Sooner rather than later your servers and routers will be attacked. This is especially so if you run a large network (>100 servers), and
ZFS Primer
19 May 2025
7:04 pm
Sometimes your ZFS drives on your disk runs away with you. Then you quickly need commands to see what ZFS disk is the busiest. Try
Canon printer asking for username / password
1 May 2025
11:21 am
Open the file /etc/cups/cups-files.conf. Find the group name at the line containing SystemGroup (in Ubuntu it should be lpadmin). Add yourself to that group (sudo usermod -a -G lpadmin
The quickest way to find brute force attackers on a server using Netstat
30 May 2025
Step 1. Identify the bastard: netstat -an | grep ‘:443’ | grep ESTABLISHED | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq
KernelCare Broken Warnings and Looping about Free Symlink Protection on WHM/cPanel servers
27 May 2025
On a cPanel server you may see this warning: You’ll notice the link “Add KernelCare’s Free Symlink Protection” but clicking it bring up either a
How to block and and unblock IP addresses using FirewallD
27 May 2025
What is FirewallD? FirewallD (Firewall Daemon) is a nice alternative to iptables but still uses iptables behind the scenes. Yet it’s much simpler and easier
How to gain control over a postfix server by deleting all messages in the queue at once
27 May 2025
Scenario If your postfix server is running away and it’s chaos because there are 1000s or millions of messages in the queue, your only recourse
How to recognise and outbound attackers and a website compromise
23 May 2025
Platforms: Outdated CentOS 7 Virtualmin Client suddenly added to 8 block lists visible on MX Toolbox. Server’s top shows many users of the same name.