amuck-landowner

Search results

  1. howardsl2

    Securing Your Server using IPset and Dynamic Blocklists

    Hello beast5, I have used the approach on CentOS 6.5, Ubuntu 14.04 and 12.04 LTS without any problem. May also work on Debian. No I have not yet tested it on a big server with a lot of traffic, although my guess is that it can scale well. Someone had done some experiments on this. Please see...
  2. howardsl2

    Securing Your Server using IPset and Dynamic Blocklists

    As a dedicated server or Virtual Private Server (VPS) owner, one of the important tasks is to defend against online attacks. In this tutorial I will discuss how to use IPset with dynamic blocklists to better secure your server. IP sets are a framework inside the Linux kernel, administered by the...
  3. howardsl2

    Congratulations Nikki, wlanboy and peterw!

    Congratulations to all of the winners! And a sincere thank you to the members who voted for me. I am glad that those tutorials were helpful.
  4. howardsl2

    VPS failover?

    You need cloudflare, and a third server with the program "monit" to monitor the two servers. See details here: http://blog.booru.org/?p=12
  5. howardsl2

    [Tutorial] Install Ghost 0.4.2 with Nginx and ModSecurity on Ubuntu 14.04 (Trusty)

    I have just updated my tutorial on how to install Ghost blog 0.4.2 on Ubuntu 14.04 (Trusty) or 12.04 (Precise), with Nginx as a reverse proxy and the ModSecurity web application firewall. The following extra topics are also covered (via links to original posts where appropriate): Example...
  6. howardsl2

    VoIP and Phone Numbers

    Now I understand your question better... In that case you can create one Asterisk extension for each of your frequent contacts, no phone number is required and all calls between these will be free. That's what I do for my family. For example, create extension 101 for yourself and 102 for your...
  7. howardsl2

    VoIP and Phone Numbers

    I'd say use PBX in a Flash (Asterisk+FreePBX+Extras), follow guide in my signature to install on your VPS. For getting a DID phone number you can use Anveo (or Anveo Direct, may be cheaper). They support SMS. And for Android VoIP client try Zoiper. It works great for me and they recently added...
  8. howardsl2

    $200 if somebody can solve this IP problem.

    So many experts on servers and networking in this forum. Very impressed indeed.
  9. howardsl2

    What do you use your servers for?

    I maintain a personal PBX server for my family to make free or very cheap VoIP calls - see tutorial in my signature. (You may have seen my response at LET... Reposting it here.)
  10. howardsl2

    Might wanna recompile or patch that OpenSSL, buddy (4/7/2014)

    Related new announcement - http://seclists.org/bugtraq/2014/Apr/34 Quoted from link: "In case of doubt a full system restart is recommended."
  11. howardsl2

    Might wanna recompile or patch that OpenSSL, buddy (4/7/2014)

    Relevant changelog for Ubuntu openssl package: https://launchpad.net/ubuntu/+source/openssl/+changelog Run "apt-get update; apt-get upgrade" to see other software that have been updated in the Ubuntu repos. Before doing that, make sure you have "deb http://security.ubuntu.com/ubuntu ... " in...
  12. howardsl2

    Synchronised Home Directory / Workspace

    Have a look at my SSHFS tutorial for CentOS and Ubuntu (using FUSE). It is quick and easy. https://blog.ls20.com/using-sshfs-to-share-folders-between-your-servers/
  13. howardsl2

    IPTables GeoIP, Port Scan Detection and Port Knocking using xtables-addons

    CORRECTION: It seems that xtables-addons (version 1.47.1) does not compile on the latest CentOS 6.5 kernel. There is a workaround as stated in this comment. Basically, that commenter says you need to do the following: Edit file /lib/modules/your_kernel_version/build/include/linux/autoconf.h...
  14. howardsl2

    Yet another scan for open relays

    Yes I have seen the exact thing on my servers. Let me show you what I did to stop this. I noticed that this particular scanner always start with "EHLO 192.168.2.33". So I implemented these: iptables -t raw -A PREROUTING -i eth+ -p tcp --dport 25 -m string --string "192.168.2.33" --algo bm -m...
  15. howardsl2

    What cool and useful things would you do with your Windows VPS?

    If you only run Linux at home, you can use that idle Windows VPS to remotely run some windows-only software, such as minesweeper and 3d pinball space cadet.
  16. howardsl2

    IPTables GeoIP, Port Scan Detection and Port Knocking using xtables-addons

    Thank you for pointing that out. It is indeed less secure to run SSH on a port >= 1024. I've just found this answer on serverfault that confirms your point. With that said, if we choose a port < 1024, combined with the IPTables "psd" module, we can still make the port scanning difficult.
  17. howardsl2

    IPTables GeoIP, Port Scan Detection and Port Knocking using xtables-addons

    CORRECTION: For Ubuntu, you can use the commands below to install packages required for compiling "xtables-addons":     apt-get update     apt-get install libtext-csv-xs-perl linux-headers-`uname -r` \             iptables-dev xz-utils build-essential automake unzip zip  
  18. howardsl2

    IPTables GeoIP, Port Scan Detection and Port Knocking using xtables-addons

    A quick tutorial on how to enable extra IPTables functionality such as geoip, port scan detection, port knocking and "tarpit" using the "xtables-addons" package. Full list of available modules can be found here. Note 1: Does NOT work on OpenVZ VPS (unless the host node provides the modules).  ...
  19. howardsl2

    Fully Automated IPsec/L2TP VPN Setup with Libreswan

    Just want to make a correction to my previous post regarding IPsec/L2TP VPN behind NAT and Windows users. Someone reminded me yesterday that different registry changes are needed for XP users, and for those running later versions. For XP users, see: http://support.microsoft.com/kb/885407     ...
Top
amuck-landowner