Search results

@blergh that seems like more of an argument for Pure IPSec tunnels than against it. Transmission in plaintext for security critical data should be avoided. GRE & IP-in-IP (the standard for tunneling protocols) are un-encrypted unless IPSec transport is used, an IPSec Tunnel is another method...

@Francisco Windows has two modes of operation IPSec + L2TP (one API) and plain IPSec (one almost undocumented API). Plain IPSec is almost impossible to find details on, even within MSDN. Its a part of a MCP certification, so there is some basic details around but nothing relevant to Linux...

Nothing to see here, just some much needed self-gratification. Geek content ahead. Finally got pure IPSec tunnels working at X4B. Woot Woot! (Ok so probably not all that exciting to many people) For those who arent aware "pure ipsec tunnel" is referring to the tunnel mode of IPSec, as apposed...

You cant lie about a airy term that many people in the industry cant even agree on. Its a buzz word nothing else.

Quite nice, btw your current/old design has a major usability issue. Can anyone else read that?

@ Looking at the attack you have just a bunch of open connections, i.e likely a Layer 4 connection flood. Event based web servers are great for resolving Layer 4 floods against a HTTP Server (Layer 7 server). However you still need the ram (nginx 4-32kb per connection) to track the connection...

Err, but why does the content matter? Or am I not understanding something. What your client stores on their VPS should be none of your business (ex abuse complaints / legal requirements etc).

Whiteboard for immediate (week) tasks. Notes and longer term / later tasks into a Notepad++ document.

Vultr has always struck me as 'meh'. Ive experienced a few Interface issues, and all the 'cloud' features remain in beta after many many months. The main selling point of Vultr for me is Windows support, unfortunately the option to use purchased licences is not available unless you build an...

Are you using SPDY and a Windows client? There was a bug fixed in nginx that caused an extra round trip... often causing a 200ms delay. Something to do with SSL record alignment or something, I cant remember exactly (we never ran that version as a result). Also 1.7.8 fixes tcp nodelay -...

Windows does not support GRE or IP-in-IP. What we (X4B) offer is developed in-house primarily for the benefit of our customers, specifically so they can do what you are asking with us. A basic free for non-commercial use version is floating around on this forum (and others). Features relating...

Its too little data to be any facial recognition algorithm I am familiar with. It could just be a blur function, or a really basic facial recognition algorithm based off simple metrics (i.e distance between eyes). Source: 6-12 months work on a project in the Computer Vision area. Not an expert...

The OpenVZ name has a lot of traction, I think its going to take a lot of work to make this name change happen and stick.

Nice to see the NBN money being well spent!

Mostly smooth on our end. A small interruption / packet loss incident in Denver over Cogent for ~2-5 minutes at 2AM on the 25th but other than that everything ran nice and easy. We had a few pre-sales tickets too, I must admit honestly in most cases I wouldn't have a problem delaying them...

Honestly I didn't think much of it. Got bored after about an hour. Although I didn't really know what to expect from it when downloading, just wanted to see what the hype was all about.

use system()/exec()/proc_open() and just call bash? https://github.com/splitice/bulkdnsblcheck

Not that I would encourage illegal activity but... There is likely a high correlation between those administrators who have not disabled MONLIST and those not updated, or going to update...  It could be even considered an act of garbage removal, a public service for the internet. Of course...

Hopefully this decreases the number of people with MONLIST enabled...

For me it is a must if the provider charges for server to server traffic. Even if this is not the case, an internal network can provide additional security depending on the setup - or just be easier than setting up GRE + IPSec on a public WAN for private communication. I view it as a must have...