Configure Firefox for anonymity

To get started, type the following in the address bar of the Firefox browser:

about:config

Below I will describe what settings transmit information about the user, for faster search, you can copy and paste the parameter into the search bar.

Google Safe Browsing (the parameter includes the transmission of information about the sites visited by the user on Google and prevents visits to sites with malicious software):

browser.safebrowsing.enabled
browser.safebrowsing.downloads.enabled
browser.safebrowsing.malware.enabled

Sending stability and performance reports to Firefox:

datareporting.healthreport.service.enabled
datareporting.healthreport.uploadEnabled

Usage statistics:

toolkit.telemetry.enabled

The parameter transmits the real IP address even if a VPN connection or TOR is used:

media.peerconnection.enabled

Enabling integration with the Pocket service:

browser.pocket.enabled

Using geolocation:

geo.enabled

Firefox connects to third-party servers without permission:

loop.enabled

Saving typed text in the search, for further tips:

browser.search.suggest.enabled

Enabling locks to track user information:

privacy.trackingprotection.enabled

Monitoring the number of Ubiquiti sector clients by SSH from Zabbix

On the test I’ll give an example of getting the number of clients connected to the usual sectoral antenna Ubiquiti AirMax Rocket M5.
We will receive the data via SSH.

To test once we connect to the device (the first time when connecting, type yes and press enter):

sudo -u zabbix ssh -p 22 admin@192.168.0.55

Now in Zabbix we add the data element to the template or host, for example with the name “Template Ubiquiti Rocket M5 Sector”:

Name: any
Type: SSH agent
Key: ssh.run[clients,,22,utf8]
Authentication method: Password
Username: NAME
Password: PASSWORD
Executed script: the command executed on the device (see below)

Example of the command displayed the number of connected clients:

wstalist |grep "mac" |wc -l

Accordingly, we create a graph for the data element, as well as the trigger:

Name: On the sector antenna {HOST.NAME} > 40 clients
Expression: {Template Ubiquiti Rocket M5 Sector:ssh.run[clients,,22,utff8].last(#1)}>40

See also:
Configuring SSH checks in Zabbix

How to troubleshoot Samba autorun in Linux?

I installed and configured Samba once on the next Ubuntu Server 14.04.5 LTS as described in this article Installing and Configuring Samba in Linux.

And after restarting the system, not everything was started, smbd and nmbd were started, if they can be restarted like this:

sudo restart smbd
sudo restart nmbd

But you can not connect to the disk and you still had to execute the command:

sudo service samba start

For samba to automatically start at system startup, execute the following command:

sudo update-rc.d samba defaults

Done.

Solving the error of “Interface (‘VirtualBox Host-Only Ethernet Adapter’) is not a Host-Only Adapter interface”

I noticed once in VirtualBox when starting a virtual machine the following error:

Interface (‘VirtualBox Host-Only Ethernet Adapter’) is not a Host-Only Adapter interface (VERR_INTERNAL_ERROR).

As it turned out in the device manager of the system and in network connections for some reason, the network interface disappeared “VirtualBox Host-Only Network

For this, the easiest and fastest solution to an error will be to update or reinstall VirtualBox, virtual machines and settings will remain thereafter.
And also in the virtual machine, at which start there was an error, nano to specify the same network parameters.

Done.

Some information about the virus encryptor Trojan.Encoder.12544 attacked 06/27/2017

06/27/2017 After lunch, I received a call from one organization and reported that many computers stopped working, but some worked, I understood that Windows auto-update was enabled and all updates were installed, including the critical vulnerability fix that the virus uses – Microsoft Security Bulletin MS17-010 – Critical

On some infected computers, there was the following window (infected MBR area):

On the other side, the disk was checked for errors via CHDISK, as it turned out to be the second stage of the virus – disk encryption using AES-128-CBC algorithms and in this case, an immediate shutdown is necessary to recover the remaining unencrypted data.
Through special utilities, you could see only a few unencrypted data that can be recovered, and the rest can only be returned from backup copies made by system administrators since the decryptor is not available at the moment.
Under the old version of the virus last year, the decryptor was written https://github.com/leo-stone/hack-petya

The mail that was specified for requesting the decryption key was blocked after some time after the virus appeared, even about 45 transactions were received on the wallet.

Installing and using Conky in Linux

Conky – system monitor.

The installation command in Ubuntu:

sudo apt-get install conky

In CentOS/Fedora:

sudo yum install conky

Start command:

conky

At the first start, I displayed this window:
conky

The configuration files are located in the /etc/conky/.

To read the built-in documentation, you can run the following command:

man conky

Example of launching in a background with an update interval of 2 sec.:

conky -d -u 2

To stop, you can use the command:

pkill conky

Configuring PIM on MikroTik

Here is an example of configuring PIM on two MikroTik routers:

Let us configure the first MikroTik.
Add a pim interface and check:

routing pim interface add
routing pim interface p

Add the IP address of RP (this MikroTik):

routing pim rp add address=IP-ADDRESS

Let’s specify from which IP multicast traffic is allowed:

routing pim interface set alternative-subnets=238.0.0.0/24,239.0.0.0/24

Let’s configure the second MikroTik.
Add a pim interface to the uplink WAN port, I have ether1:

routing pim interface add interface=ether1
routing pim interface p

Add the IP address of the RP (the first MikroTik):

routing pim rp add address=IP-АДРЕС

Let’s specify the route of the multicast source: (first MikroTik):

ip route add 239.0.0.0/24 via IP-АДРЕС

Done.