Broadcom sends cease-and-desist letters to users of VMware perpetual licenses without a maintenance contract
Archive for Mai, 2025
VMware by Broadcom – ended perpetual license sales and users with perpetual licenses can still use the software they bought but they are unable to renew support services unless they had a pre existing contract enabling them to do so
Donnerstag, Mai 8th, 2025GMKtec Nucbox G3 Plus – is built around Intel’s N150 processor a quad-core chip for energy efficiency and light computing tasks
Donnerstag, Mai 8th, 2025REDDOXX Archive Cloud – eMail Archivierung für Microsoft 365 Onboarding & Konfiguration
Donnerstag, Mai 8th, 2025LlamaCon 2025 – this session features a keynote presentation with Chief Product Officer Chris Cox VP of Llama Manohar Paluri and Llama Researcher Angela Fan
Donnerstag, Mai 8th, 2025AVM FRITZ!Tech – das brauchst man für den FRITZ! Smart Energy 250
Donnerstag, Mai 8th, 2025Understanding Snort Rules – the FritzBox sends ICMPv6 packets to distribute information about the network such as router announcements used for automatic address configuration (SLAAC) and DNS server discovery specifically ICMPv6 type 134 packets as routing advertisement with multicast address FF02:: are used to announce that the FritzBox is a router and provide information about available network prefixes and DNS servers
Mittwoch, Mai 7th, 202505/07-20:01:05.468282 [**] [1:10000001:1] ICMP test detected [**] [Classification: Generic ICMP event] [Priority: 3] {IPV6-ICMP} :: -> ff02::1:ff02:13ed
root@rpi-iot-jsho-snort-02:~# vi .swatchrc
ignore /ff02::/
watchfor /Priority\: [1-3]/
echo=normal
mail=js@dpsolution.de,subject=[SNORT] Priority [1-3] Alert
Snort 2.9.15.1 – network intrusion detection system (NIDS) installation & config & logging & rule writing
Mittwoch, Mai 7th, 2025
root@rpi-iot-jsho-snort-02:~# apt-get install snort
root@rpi-iot-jsho-snort-02:~# snort -V
,,_ -*> Snort! <*-
o“ )~ Version 2.9.15.1 GRE (Build 15125)
““ By Martin Roesch & The Snort Team: http://www.snort.org/contact#team
Copyright (C) 2014-2019 Cisco and/or its affiliates. All rights reserved.
Copyright (C) 1998-2013 Sourcefire, Inc., et al.
Using libpcap version 1.10.3 (with TPACKET_V3)
Using PCRE version: 8.39 2016-06-14
Using ZLIB version: 1.2.13
root@rpi-iot-jsho-snort-02:~#
root@rpi-iot-jsho-snort-02:~# systemctl status snort
● snort.service – LSB: Lightweight network intrusion detection system
Loaded: loaded (/etc/init.d/snort; generated)
Active: active (running) since Mon 2025-04-28 20:02:47 CEST; 21min ago
Docs: man:systemd-sysv-generator(8)
Tasks: 2 (limit: 383)
CPU: 11.421s
CGroup: /system.slice/snort.service
└─1570 /usr/sbin/snort -m 027 -D -d -l /var/log/snort -u snort -g snort –pid-path /run/snort/ -c /etc/snort/snort.conf -S „\“HOME_N>
Apr 28 20:02:47 rpi-iot-jsho-snort-02 snort[1570]: Preprocessor Object: SF_DNP3 Version 1.1 <Build 1>
Apr 28 20:02:47 rpi-iot-jsho-snort-02 snort[1570]: Preprocessor Object: SF_DNS Version 1.1 <Build 4>
Apr 28 20:02:47 rpi-iot-jsho-snort-02 snort[1570]: Preprocessor Object: SF_SMTP Version 1.1 <Build 9>
Apr 28 20:02:47 rpi-iot-jsho-snort-02 snort[1570]: Preprocessor Object: SF_SDF Version 1.1 <Build 1>
Apr 28 20:02:47 rpi-iot-jsho-snort-02 snort[1570]: Preprocessor Object: SF_IMAP Version 1.0 <Build 1>
Apr 28 20:02:47 rpi-iot-jsho-snort-02 snort[1570]: Preprocessor Object: SF_POP Version 1.0 <Build 1>
Apr 28 20:02:47 rpi-iot-jsho-snort-02 snort[1570]: Preprocessor Object: SF_SSH Version 1.1 <Build 3>
Apr 28 20:02:47 rpi-iot-jsho-snort-02 snort[1570]: Preprocessor Object: SF_GTP Version 1.1 <Build 1>
Apr 28 20:02:47 rpi-iot-jsho-snort-02 snort[1570]: Preprocessor Object: appid Version 1.1 <Build 5>
Apr 28 20:02:47 rpi-iot-jsho-snort-02 snort[1570]: Commencing packet processing (pid=1570)
root@rpi-iot-jsho-snort-02:~#
root@rpi-iot-jsho-snort-02:~# netstat -i
Kernel Interface table
Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0 1500 22633 0 56 0 4279 0 0 0 BMRU
lo 65536 38 0 0 0 38 0 0 0 LRU
root@rpi-iot-jsho-snort-02:~# ip link set eth0 promisc on
root@rpi-iot-jsho-snort-02:~# netstat -i
Kernel Interface table
Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0 1500 22873 0 56 0 4330 0 0 0 BMPRU
lo 65536 38 0 0 0 38 0 0 0 LRU
The flag will be updated to BMPRU
Flag details are as follows
B flag is for broadcast
M flag is for multicast
P flag is for promisc mode
R is for running
U is for up
root@rpi-iot-jsho-snort-02:~#
root@rpi-iot-jsho-snort-02:/etc/network# dmesg | tail -n 4
[ 87.654916] Bluetooth: HCI socket layer initialized
[ 87.654962] Bluetooth: L2CAP socket layer initialized
[ 87.655034] Bluetooth: SCO socket layer initialized
[ 108.558206] smsc95xx 1-1.1:1.0 eth0: entered promiscuous mode
Google Chrome OS Version 136.0.7103.93 – steht zum Download bereit
Mittwoch, Mai 7th, 2025Geschäftsführender Deutscher Bundesminister für Wirtschaft und Energie Dr. Robert Habeck (Grüne) – Amtsübergabe an Katherina Reiche (CDU)
Mittwoch, Mai 7th, 2025Understanding Snort Rules – ‚alert udp any any -> any 67‘ Message „Possible DHCP server“ will alert if a TCP packet is sent from any source to any destination on port 67 potentially indicating a DHCP server this rule can be used to identify and alert on potential DHCP server activity on the network
Mittwoch, Mai 7th, 202505/07-10:15:17.565258 [**] [1:527:8] BAD-TRAFFIC same SRC/DST [**] [Classification: Potentially Bad Traffic] [Priority: 2] {UDP} 0.0.0.0:68 -> 255.255.255.255:67
root@rpi-iot-jsho-snort-02:~# vi .swatchrc
ignore /0.0.0.0:68 -> 255.255.255.255:67/
watchfor /Priority\: [1-3]/
echo=normal
mail=js@dpsolution.de,subject=[SNORT] Priority [1-3] Alert
ADAC – diese 5 Tempolimit Irrtümer kosten euch richtig Geld
Mittwoch, Mai 7th, 2025Fraunhofer-Institut für Solare Energiesysteme ISE – Energy Charts Talks 05 05 2025
Mittwoch, Mai 7th, 2025Oettinger Brauerei – die in Bayern beheimatete Brauerei ist Opfer eines Ransomware Angriffs geworden
Mittwoch, Mai 7th, 2025
Understanding Snort Rules – the IP@ 239.255.255.250 is a multicast address and is used in conjunction with the Simple Service Discovery Protocol (SSDP) and SSDP is a protocol used to search for Universal Plug and Play (UPnP) devices in a network
Dienstag, Mai 6th, 202505/06-17:58:18.513849 [**] [1:1917:6] SCAN UPnP service discover attempt [**] [Classification: Detection of a Network Scan] [Priority: 3] {UDP} 192.168.1.167:1900 -> 239.255.255.250:1900
05/07-10:29:42.163512 [**] [1:1384:8] MISC UPnP malformed advertisement [**] [Classification: Misc Attack] [Priority: 2] {UDP} 2003:d4:c71d:ba00:3e37:12ff:fe55:1452:1900 -> ff0e::c:1900
root@rpi-iot-jsho-snort-02:~# vi .swatchrc
ignore /:1900$/
watchfor /Priority\: [1-3]/
echo=normal
mail=js@dpsolution.de,subject=[SNORT] Priority [1-3] Alert
Dienstag, Mai 6th, 2025
Für die MyFRITZ!App gibt's ein Update mit Stabilitäts- und Detailverbesserungen.
Jetzt downloaden:MyFRITZ!App (iOS):https://t.co/moU8FWhUo3
MyFRITZ!App (Android):https://t.co/i9L52Uw4Dw pic.twitter.com/dv7zANFMMH
— FRITZ!Box (@AVM_DE) May 6, 2025