Categories
Hosting and Servers Security

Locked out of Webmin/Virtualmin?

Webmin, and its big brother, Virtualmin, are control panels for managing Linux servers. They take care of all aspects of virtual hosting. And they are superb. Oh, and free.

Annoyingly, I sometimes get locked out of the Webmin interface. I check the Webmin service is running:

service webmin status

I check the port is open:

netstat -an | grep :10000

But I’m still locked out. The answer? Firewall. Each and every time. So to help me next time my firewall rules keep me from accessing my own server, this is what I need to do. Start by flushing everything. I guess this kinda disables the firewall completely.

sudo iptables -P INPUT ACCEPT
sudo iptables -P FORWARD ACCEPT
sudo iptables -P OUTPUT ACCEPT
sudo iptables -t nat -F
sudo iptables -t mangle -F
sudo iptables -F
sudo iptables -X

Now log into Webmin. Finally, reset the firewall, clicking the option that states: “Block all except ports used for virtual hosting”.

Done.

Categories
Quick Tips Security

AdultSwine

Just took an urgent call from a client who was concerned their Android phone had been hacked. Adverts were appearing featuring the following URLs (don’t worry – they are disabled):

These were pop-up adverts that just appeared, covering the whole screen. I immediately suggested my client install Malwarebytes – a program that detects adware/spyware and other malicious software. She did so and Malwarebytes identified an app called ‘Etsy’ to be the culprit. It had been infected with an adware (a piece of software that pushes invasive/obtrusive adverts out to the user), called AdultSwine.

With no alternative, I suggested that she remove the app. It is important here to point out that there are often apps with deliberately similar names that look like genuine apps, and there is no way at this stage to determine whether the ‘Etsy’ app that my client downloaded was the real one. In any case, there are clearly questions to put to Google around how they could permit infected applications to be available on their play store, especialy ones that deliberately mislead users into downloading them, in the belief they are genuine.

The problem immediately stopped. She then told me that she had only downloaded the app today (21st January 2018) at around midday.

Always keep your phone scanned for malware

According to security research company Checkpoint, the malware has infected over 60 applications on the Google Play store, and these ‘apps’ have been downloaded between 3 and 7 million times. Their full article can be read here.

Stay safe. Keep your phone updated. And use a good malware protection application.