Installing MariaDB + PHPMyAdmin on Debian 11/Debian 11 Proxmox LXC Container

Installing MariaDB 10.5

apt update; apt upgrade -y
apt -y install curl software-properties-common gnupg2

then

curl -LsS -O https://downloads.mariadb.com/MariaDB/mariadb_repo_setup
bash mariadb_repo_setup --mariadb-server-version=10.5

then

apt install mariadb-server mariadb-client -y

then

mariadb-secure-installation

when prompted…

Switch to unix_socket authentication [Y/n]    (Answer: n)
Change the root password? [Y/n]               (Answer: n)
Remove anonymous users? [Y/n]                 (Answer: y)
Disallow root login remotely? [Y/n]           (Answer: n)
Remove test database and access to it? [Y/n]  (Answer: y)
Reload privilege tables now? [Y/n]            (Answer: y)

Install Apache2

apt install apache2 -y

Install PHP

We are using this server strictly for MariaDB, to make things simple, we can install our OS’s native PHP version, in Debian 11’s case that would be PHP 7.4. If needed PHP8 will also work.

apt install php php-common php-mysql php-gd php-cli -y
service apache2 restart

Install PHPMyAdmin

apt install phpmyadmin -y

log into MariaDB and create our Database Administrative user.

mysql -u root -p

once you’ve logged in, we create our new Administrative user via MySQL/MariaDB cli, take note of the bold words, don’t forget to use unique values if copy and pasting.

CREATE USER Administrator@localhost IDENTIFIED BY "mysecretpassword";
GRANT ALL PRIVILEGES ON *.* TO Administrator@localhost WITH GRANT OPTION;
FLUSH PRIVILEGES;

exit

once outside MariaDB’s cli and back into Debian’s terminal

service mysql restart

Install Vim (text editor)

apt install vim -y

Adding SSL/HTTPS Support to Apache/PHPMyAdmin

a2enmod ssl
a2enmod rewrite

Prepare our apache folder for SSL cert storage

mkdir /etc/apache2/certs/ssl

then

openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/certs/ssl/ssl.key -out /etc/apache2/certs/ssl/ssl.crt

once completed with cert detail prompts you will want to edit apache’s defaut site config

vim /etc/apache2/sites-available/000-default.conf

Add the following three lines of code before the </VirtualHost> closing tag.

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

Finally we enable our ssl configuration and restart our apache services

a2ensite default-ssl.conf && systemctl restart apache2

to get your local server IP address, inside terminal use the following

ip addr

once you have your server’s local network address you should be able to access it from any computer on the same subnet using putty.

For this example, the server sits on the same local network. If you wanted to host the server remotely and access phpmyadmin you would likely use certbot to autogenerate validated ssl certs.

Fake Online Pet Store Scams Are On The Rise

Anyone considering buying a pet via a website should be wary of making any payments until you have done aggressive research on the facility/kennel!

Over the past year, and due to covid lockdowns, there has been an increase in websites selling pets. In some cases, these sites are entirely fake. This type of scam is particularly crueler, much like the popular scams targeting the less tech-savvy using fake refund/bank/amazon login sites.

The scam goes a little like this:

  • Attackers setup a fake website, usually using something like WordPress.
  • Attackers then go to various websites and steal images of real dogs belonging to other kennels/sellers.
  • Attackers then set up a fake marketplace utilizing the stolen content.
  • Attackers then optimize their websites to rank higher then real kennels.

Due to the nature of how idiotic SEO algorithms are, buyers are funneled in directly to the fake site via search engines. Once on the site, the attackers use multiple metrics to optimize their profiles and ultimately scam their targets.

How To Avoid Being Scammed By Fake Pet Store Sites

  1. Do Your Research, Call, Visit (if you can), ask for a Zoom, Skype, Duo, or Facetime video call.
  2. If You are paying a premium price for a high-end breed, Look up the kennel club’s information, the American Kennel Club Is a first good step.
  3. Take the profile picture of the site’s pet profile and do a quick Google Image Search, make sure it’s not a stock photo or a stolen image from another site.
  4. Watch out for foreign accents.
  5. Ask for a license, visit their state’s or local municipality’s website and verify their license. You should be able to call a customer service line as well.
  6. Don’t use giftcards, cryptocurrency, zell, cash, check. Use PayPal or a Credit Card which offers better protection from such scams.

As a previous pet owner, I know how falling for a scam like this can upset anyone. Hopefully, these quick tips will have helped someone trying to get a pet do it a bit more safely and, most importantly, not fall for a potential scam.

When your new pet gets home, don’t forget to buy them lots of treats!

Northwest Victims Tricked Into Calling Scammers Fake Support Number

There seems to be some hilarious tomfoolery going on where victims are tricked into calling a fake support number via email. The worst part is the scammer’s effort or IQ level, put some effort loser, but I digress. The worst part seems to be it targeting the poor (those experiencing financial hardship if you want to be P.C.) as they would be most likely to panic and call. Beware if you’re lucky enough to fall for it, you are further exploited into giving account details, credit cards numbers, nuclear codes, etc. The scam is some basic sh*t but for the uninitiated, it can spell a bad week or month/s of the recovery process. So the moral of the post is if you get a shady email telling you to thank you for your some unknown purchase from Amazon (or wherever), with a crazy price, support numbers listed in the same email multiple times… I’d probably call it, f*ck it.

No, no, don’t call. Validate the sender’s address, no support email from any big company will come from Gmail or Hotmail, it will come from the companies domain. If you’re still in doubt, don’t panic, do a quick search on Google, look up the company visit the site, look up their support information, and contact them. Don’t be a statistic.

It’s Official, China Is Undeniably Attacking US Networks 400% Increase In Network Attacks Over Holiday Weekends.

Ok so I am not here to point fingers because both governments pretty much do the same thing duh… I will also add that Chinese attacks on US networks have increased in the past few months since the conflicts in Ukraine. Over this memorial weekend I have been monitoring many server nodes across different data centers and have definitely had in increase in brute force and scan attacks.

Today I have noticed a 400% increase in additional log records related to these attacks. Coincidence I think not, how else do you explain an increase in attacks a day before a major US holiday? Chinese PLA will obviously deny anything but if you analyze the data it definitely looks like a coordinated attack on US networks .Chinese Intelligence Assumes that no IT personal will be working over the weekend so they amp their attacks. Let let me say something to Chinese Intel… YES WE WORK ON HOLIDAYS TOO!… lol

P.S. I have logs to prove that too… xD

Here is a list of their most popular attack networks…

inetnum:        61.174.51.192 – 61.174.51.255
netname:        HANGZHOU-SRT-TECHNOLOGY-CO-LTD
country:        CN
————————————————————————–
inetnum:        42.62.0.0 – 42.62.127.255

netname:        Forest-Eternal
descr:          Forest Eternal Communication Tech. co.ltd
descr:          Rm.902,North Real Estate Building, Build. No.3,
descr:          #81Yuan,Haidian District,Beijing
country:        CN

————————————————————————–

inetnum:        116.8.0.0 – 116.11.255.255
netname:        CHINANET-GX
descr:          CHINANET Guangxi province network
descr:          Data Communication Division
descr:          China Telecom
country:        CN

————————————————————————–

inetnum:        61.191.0.0 – 61.191.255.255
netname:        CHINANET-AH
descr:          CHINANET Anhui province network
descr:          China Telecom
descr:          A12,Xin-Jie-Kou-Wai Street
descr:          Beijing 100088
country:        CN

————————————————————————–

inetnum:        117.79.80.0 – 117.79.95.255
netname:        SANXIN
descr:          Beijing Sanxin Shidai Co.Ltd
descr:          1513 Xinjishu building Beijing link west road
descr:          Haidian District, Beijing, PRC
country:        CN

 

 

The Future Of Decentralized Computing And It’s Impact On Social Justice On The World Wide Web

 

Get ready people we are living once again in exciting times for the internet, it’s evolving! We are living in times where information can no longer be suppressed which will have a major impact in overall society. People all around the world are becoming involved in the preservation of privacy and social justice. Here are some ideas of how I think decentralized computing will change the world.

 

1) Open Source Decentralized Political Registry

Everyone who is a political or public official should be registered on this site, their entire public record could be open sourced and controlled by a community, decentralized platform would eliminate illegal confiscation of infrastructure or prevent censorship. rendering covert corruption difficult.

2) Open Source Decentralized Criminal Registry

Every person on this planet would now be able to report any crime about any person including a public official (police, federal, military officer etc…) at any time and keep it in public domain. This would eliminate extortion, threats and possible cover-ups by any person/group or agency in the world. This platform would also be decentralized to eliminate confiscation or hack.

3) Open Source Decentralized News Registry

Every person on this planet would now be able to report any crime about any person including a public official (police, federal, military officer etc…) at any time and keep it in public domain. This would eliminate extortion, threats and possible cover-ups by any person/group or agency in the world. This platform would also be decentralized to eliminate confiscation or hack.

4) Open Source Decentralized Education Registry

Every Person in the world would now have access to any knowledge without propaganda, lies, manipulation, managed by a global community on a credit system so popular vote always wins.

 

The overall idea is to create an infrastructure that anyone can post any information without censorship, but the information must remain check able, other “wallets” with “coins” or credits should have the ability to change or revise any post, as the post is modified the amount of credits required to modify the post increases, groups of wallets/users could donate amounts to a pool key to also use their limited credits to help causes they might believe in, this will discourage the act of one person acquiring many credits and overwhelming a specific record or trying to hijack its content, a group of wallets/users would always be able to override a single user modifications.

Google Glass Security & The Surveillance State, Privacy Beware

url

Like usual all the Google Fanboys, marketing buffs are in full effect as Google and their millions of dollars begin to influence the masses with what they call revolutionary… Google Glass.
As usual all the sheeple are blinded by the fad and how their social status will be after wearing these glasses. What people are failing to see are the numerous privacy issues that these type of devices bring to the table, if you think hacked cellphones are a problem lets dive into some of the possibilities with Google Glass…

  • Camera Hacking/Hi-jacking
  • Microphone Hacking/Hi-Jacking
  • Video Interception/Hi-Jacking
  • GPS Tracking

Camera Hi-Jacking
This Could be used on a compromised device to take snapshots of meetings, projects, monitors/screens and so on. Now days cameras on smart devices tend to embed GPS information into pictures, which can result as another tracking vector.

Microphone Hacking/Hijacking
This Could be used to snoop in on private meetings, talks, calls and things along these lines.

Video Interception
One of my favorites,  If pulled off correctly this could allow a potential attacker/agency the ability to record/view multiple locations at a single time. This could also be used in conjunction with facial recognition, it would allow multiple glasses to work as spy cams, which are a lot closer to people (when worn) ultimately creating a more effective facial recognition system/surveillance grid. This could also be used to spy on peoples workplace, their meetings, life or anything that could be exploited/copied/stolen by eavesdropping.

GPS Tacking We all know how that works, but what most people don’t know is that this has actually been secretly done for YEARS using cell phones as part of another NSA program. This would just be another vector used.

Does every still believe that Google is just out for your best interest? I mean it’s no coincidence that an ex-NSA director just happened to get hired by Google. If you know anything about computer science or information technology, you know that NOTHING IS UN HACK-ABLE and that no corporation is out for your best interest…

Bitcoin To Possibly Rival The US Dollar, Could It Be Staging Itself As A Global Reserve Currency?

 

url

 

 

 

 

It’s true Bitcoin is and has been steadily growing in use increasing its user base more than 1400% in one year. This because “it is immune to government or bank manipulation” -Max Keiser.
If true this has become the semi-perfect solution to traditional monetary policy as crypto-currency is not governed by any central authority.
This is a very interesting concept and hopefully we will know more in the coming months. As Bitcoin currency cannot be manipulated it may soon become a widely used global currency possibly overtaking traditional currency notes and even the current global reserve currency, The US Dollar.

 

Max Keiser talks about bitcoin:
http://rt.com/shows/keiser-report/episode-416-max-keiser-005/

http://www.youtube.com/watch?v=sMcZF4810ao

Sick And Tired Of Censorship And This False Sense of Freedom Of Speech Online!

Seriously I am sick and tired of Twitter and Facebook and other sites always censoring information and not relaying posts outside of twitter. Why do certain topics not aggregate across the net? Oh Yeah because Twitter is a piece of crap service to begin with, I mean seriously in the 7 years of seo I still cant find any real significance only hype. Not only are they in bed with governments around the world suppressing news and information but they are actively trying to kill their API community in a sad attempt to gain more traffic to their shitty site. Facebook… I don’t want to get started with… all the bullshit involved with this company is hilarious from their blatant disregard for privacy to their state of the art facial recognition system currently running in secrecy for NSA and CIA (part of Tapwire). Its ridiculous, is there no one out there who dares to challenge the status quo? Has everyone truly become cowards?

I think its time for a new internet infrastructure that doesn’t run on the current TCP/IP structure, an internet that isn’t being developed by Universities (Internet2) who are funded by US military (or any for that matter). Any University secretly working on projects with military applications should be abolished, or at least have the title of University removed and boycotted and/or destroyed.  The world doesn’t need institutions working frivolously on more weaponry for barbaric idiots who deem themselves superior.
Its time for a new mindset, one away from the all the left and right paradigm of political assholes who want to play the blame game while the world crumbles.

We need a new facebook and twitter service that is not influenced by governments, where the people running the company actually have backbones and stand up for what they believe in instead of giving into a seriously grotesque system. Seriously everything is this world should not be influenced by monetary gain, there is more to life then money.
People in science should publish their works as open source, contributing to humanity as a whole instead of a wealthy few.

Information must remain free and open and most importantly WITHOUT CENSORSHIP it is the only path to peace, a collective mindset where no one can hold any information/secret above anyone else.

“Beware of he who would deny you access to information, for in his heart he dreams himself your master.” – Sid Meier’s Alpha Centauri [1998], Commissioner Pravin Lal