Thursday, June 12, 2014

Android browser size comparison

Hey there folks! This post isn't actually a PC tip but an Android one.

I wanted some kind of list of the installation file sizes of the most popular Android browsers. I couldn't find one, so I made it myself.

This is based on the installation size info on Google Play on 12. June 2014.

From smallest to biggest, here is the list of Android 2.3.6. browsers compared by file size:

1. Lightning 186KB
2. Opera Mini 1.03MB
3. Ninesky Browser 1.29MB
4. Next Browser 4.02MB
5. Baidu Browser 5.28MB
6. Maxthon Browser 5.72MB
7. Boat Browser 7.67MB
8. ONE Browser 7.91MB
9. Dolphin 8.45MB
10. Mobile Classic (by Opera) 9.32MB
11. UC browser 12.83MB 
12. Firefox 28.34MB


If size matters, you might want to choose Lightning, since it is by far the smallest of the more popular browsers out there.

The biggest on this list is Firefox, which is a whopping 152 times bigger than the Lightning browser!

The Lightning browser relies on Android's integrated browsing capabilities, which makes the small file size possible.

Thursday, April 17, 2014

How to put Firefox in Kiosk mode with no scroll bars

Here's how to make Firefox run in kiosk mode. Just install the add-on R-Kiosk.
From now on, Firefox will run in fullscreen with most of the user interface disabled.

If you also want to disable the scroll bars, you have to create a userContent.css file.
1) Go to your Profile folder. In Windows 7, it is a subfolder of "%APPDATA%\Mozilla\" with a random name.
2) If a subfolder "chrome" doesn't exist in your profile folder, create the subfolder.
3) If the userContent.css file doesn't exist, create it with Notepad.
4) Add this line to the userContent.css file:
html { overflow: -moz-scrollbars-none; }


Friday, March 7, 2014

Removing Apache signature "Apache X.X.X running on Ubuntu"

On Ubuntu, edit the file /etc/apache2/conf.d/security and modify the lines starting with ServerTokens and ServerSignature so that they look like this:

ServerTokens Prod
ServerSignature Off

Sunday, March 2, 2014

Making your SSH server more secure with fail2ban

Today, when I was checking the logs on my server, I noticed that someone was trying to hack it by guessing usernames and passwords.

The command
cat /var/log/auth.log

returned something like this:
Invalid user danica from (attacker ip)
input_userauth_request: invalid user danica [preauth]
pam_unix(sshd:auth): check pass; user unknown
pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=(attacker ip)
Failed password for invalid user danica from (attacker ip) port 20135 ssh2
Received disconnect from (attacker ip): 11: Bye Bye [preauth]
reverse mapping checking getaddrinfo for (attacker host) [(attacker ip)] failed - POSSIBLE BREAK-IN ATTEMPT!
Invalid user daniela from (attacker ip)
input_userauth_request: invalid user daniela [preauth]
pam_unix(sshd:auth): check pass; user unknown
pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=(attacker ip)
Failed password for invalid user daniela from (attacker ip) port 12037 ssh2
Received disconnect from (attacker ip): 11: Bye Bye [preauth]
reverse mapping checking getaddrinfo for (attacker host) [(attacker ip)] failed - POSSIBLE BREAK-IN ATTEMPT!
Invalid user daniele from (attacker ip)
input_userauth_request: invalid user daniele [preauth]
pam_unix(sshd:auth): check pass; user unknown
pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=(attacker ip)
Failed password for invalid user daniele from (attacker ip) port 28710 ssh2
Received disconnect from (attacker ip): 11: Bye Bye [preauth]
reverse mapping checking getaddrinfo for (attacker host) [(attacker ip)] failed - POSSIBLE BREAK-IN ATTEMPT!



Of course, I wanted this to stop. After a quick Google search I found two good ways of preventing this: change the SSH server port number to something other than 22, or use fail2ban to ban the IP address of the attacker with iptables.

I didn't want to change the SSH port, since I've configured it on multiple computers and applications, so fail2ban was my solution of choice.

I'm using Ubuntu, so fail2ban could be installed with the commands
apt-get update
apt-get install fail2ban

After the installation, running the command
fail2ban-client status
showed me that fail2ban was running with the default settings (ssh jail was active).

Typing
fail2ban-client status ssh 
showed that one IP address was already blocked by the program.

The "BREAK-IN ATTEMPT!" messages stopped appearing in /var/log/auth.log, and the iptables directive list
iptables -L
showed that the attacker's IP was automatically added to the firewall table.

You can also monitor the fail2ban log at /var/log/fail2ban.log

I didn't stop there, though. I edited the fail2ban configuration file /etc/fail2ban/jail.conf so that some of the Apache-related jails were also enabled, and I changed the maxretries to a lower value and the ban time to be longer.
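
An added example, not part of the original post and not fail2ban's own code: a simplified Python model of the counting fail2ban does over auth.log, showing how the retry limit and ban time interact. The log lines, IP addresses, the `find_bans` helper and its parameter defaults are constructed for illustration; only `Failed password` lines are counted.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample in the syslog format of /var/log/auth.log
# (documentation IP ranges; host name and PIDs are made up).
SAMPLE_LOG = """\
Mar  2 10:00:01 srv sshd[4101]: Invalid user danica from 203.0.113.7
Mar  2 10:00:03 srv sshd[4101]: Failed password for invalid user danica from 203.0.113.7 port 20135 ssh2
Mar  2 10:00:09 srv sshd[4105]: Failed password for invalid user daniela from 203.0.113.7 port 12037 ssh2
Mar  2 10:01:30 srv sshd[4110]: Failed password for admin from 198.51.100.20 port 40022 ssh2
Mar  2 10:02:15 srv sshd[4112]: Failed password for invalid user daniele from 203.0.113.7 port 28710 ssh2
Mar  2 10:30:00 srv sshd[4120]: Failed password for admin from 198.51.100.20 port 40100 ssh2
Mar  2 10:59:00 srv sshd[4130]: Failed password for admin from 198.51.100.20 port 40200 ssh2
"""

# Simplified matcher (an assumption, not fail2ban's shipped sshd filter).
FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?\S+ from (?P<ip>\S+) port \d+ ssh2$"
)


def find_bans(log_text, maxretry=3, findtime=600, bantime=3600, year=2014):
    """Return [(ip, ban_start, ban_end)] for IPs with maxretry failures inside findtime seconds."""
    recent = defaultdict(deque)   # ip -> timestamps of failures still inside the window
    banned_until = {}             # ip -> end of the current ban
    bans = []
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue
        # Syslog timestamps carry no year, so the caller supplies one.
        when = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        ip = m["ip"]
        if ip in banned_until and when < banned_until[ip]:
            continue              # still banned: the firewall rule would drop this attempt
        window = recent[ip]
        window.append(when)
        while (when - window[0]).total_seconds() > findtime:
            window.popleft()      # forget failures older than findtime
        if len(window) >= maxretry:
            end = when + timedelta(seconds=bantime)
            banned_until[ip] = end
            bans.append((ip, when, end))
            window.clear()
    return bans
```

With the constructed sample, the defaults ban only 203.0.113.7; the slower guesser at 198.51.100.20 is caught only when the window is widened, for example with `findtime=3600`.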

In addition, I added a line to /etc/fail2ban/action.d/iptables-multiport.conf that notifies badips.com of each IP that gets banned. This way I get nice graphs and the IPs are added to the badips.com blocklist, automatically blocking them from other sites as well. Here's a nice tutorial on how to do that.