Hi All,
I received several ssh attacks over the past week, and wonder how, if at all, to
deal with them.
Are they just script kiddies?
One address resolves to 'server.pamperedpawsdogboutique.com', a domain
registered with godaddy. Do I contact godaddy? This attack did not start until
7pm on a Friday...
I might create a blacklist of IP addresses... for example, to filter
/var/log/auth.log into /etc/hosts.deny... (but that might grow too large)
Or if I have confidence that my passwords are secure, do I simply ignore them as
a fact of life?
My aim here is to do productive work, not to fart around with nuisances.
Any help appreciated!
Cheers,
Max
Further to my earlier question today I have a netbook which connects over
wireless to a pptp vpn on my vps's 3rd IP. When I try to connect to apache
running on my vps's first IP address rather than appearing to come from my
vps's 3rd IP it instead comes from the netbook's 'local' address. (Numbers
below if this is not clear).
It would appear that in order to get this working how I want that I need to
tell SNAT to use eth? rather than eth?:?. Am I missing something or do I
need to ask Andy about linking that IP to a second virtual NIC.
It works just fine for IPs not on my VPS so I think I'm missing something o
tell ubuntu not to try being efficient (ie only use 192.168.254.x when I
enter a 192.168.254.0 destination address).
Netbook:
WLAN IP: x.x.x.x
IP on VPN: 192.168.254.x
VPS:
Apache runs on y.y.y.73
VPN runs on y.y.y.75
Running a simple CGI to report the remote IP (from apache's perspective)
reports 192.168.254.x where I'm after it being y.y.y.75
--
Robert Gauld
http://www.robertgauld.co.uk
You will need to use the vpn endpoint address, essentially one that is dedicated to the vpn anyway.
Routing can.only be done per ip so.you can't add a route over the vpn.
If you don't want to have to enter another address, you could probably proxy it locally and send over the vpn to it's internal address.
--
Dee Earley
----- Reply message -----
From: "Robert Gauld" <robert(a)robertgauld.co.uk>
Date: Thu, Oct 7, 2010 09:18
Subject: [bitfolk] HTTP via PPTP to same host
To: "Bitfolk Users List" <users(a)lists.bitfolk.com>
What I would like to do is route all traffic via a VPN connection, even that
which is destined for my vps (except of course the actual vpn connection).
How can I do this.
My setup:
Netbook (Ubuntu 10,04)
connects via a WLAN to
VPS (Ubuntu 10.04 via a PPTP VPN)
and then onto the rest of the internet.
Browsing (either http or https) to any other site works fine. However trying
to connect to my vps (using http or https) results in connection timed out -
the WLAN firewalls ports 80 and 443 to force use of a proxy.
Is there a way to do this (ie all traffic except the PPTP connection goes
through the PPTP connection) by tweaking the config at one end or the other,
or do I have to essentially have an IP address dedicated to the VPN?
--
Robert Gauld
http://www.robertgauld.co.uk
Hello,
A wiki is now available at:
https://tools.bitfolk.com/wiki/
At the moment, only logged in users may create or edit articles -
log in with your usual BitFolk credentials (the same ones you use to
log in to https://panel.bitfolk.com, Cacti, Nagios. etc.). We'll see
how it goes on that setting for a while.
I am probably going to move some of the pages on http://bitfolk.com/
over to the wiki in the near future, and if that's all that happens
then so be it. A customer wiki was far and away the most-wanted
feature on the tracker though (http://is.gd/fL41D), so I hope you
will make some use of it. :)
I have also been doing some work on the next issue down, the reverse
DNS editing, and hope to be able to have something to show for it
this week.
Cheers,
Andy
--
http://bitfolk.com/ -- No-nonsense VPS hosting
Hi All,
I'm puzzled, and hope you all can help - the machine is almost ready, so I'll
stop bothering you soon, promise!
So I seem to have set up my bind9 and sendmail software.
% host -a exoco.net
% dig +short -t mx exoco.net @212.13.195.120
% nslookup exoco.net
all work fine.
% telnet exoco.net 587
does too.
Why does
% telnet exoco.net 25
from an external machine not work (it hangs), while it does function at the
local?
What am I missing??
TIA,
Max
Hi All,
well, I found some errors in my reverse DNS zone file, which is appended. I'm
certain not to have eliminated all of them, so if anyone has comments, I'd be
glad to receive them.
This file resides in </etc/bind/zones/master/212.13.195.rev>.
TIA,
Max
$TTL 1d ;
$ORIGIN 195.13.212.IN-ADDR.ARPA.
@ IN SOA ns.exoco.net. admin.exoco.net. (
2007011501
7200
120
2419200
604800
)
IN NS ns.exoco.net.
; IN NS ns2.exoco.net.
1 IN PTR ns.exoco.net.
;2 IN PTR ns2.exoco.net.
I've posted a suggestion in the issue tracker to allow nagios to monitor
both the used bandwidth and the usage of backup space. If like me you'd like
to check everything on one page rather than having to login to both nagios
and the panel then please take the time to vote it up so that Andy can tell
how many people would like it.
https://tools.bitfolk.com/redmine/issues/41
--
Robert Gauld
http://www.robertgauld.co.uk
Hi
I have a functional mail server on my new VPS.
Now I want to propagate mydomainname.com to email servers through the MX record,
so that people can find 'me(a)mydomainname.com'.
The domain registry has default values of 'mailstore1.secureserver.net' and
'smtp.secureserver.net'.
I would like them to point at my VPS, but am unaware of the correct strings,
which would replace 'mailstore1...' and 'smtp...' above..
I would also like to minimise my sysadmin time, and so would like to avoid to be
forced to use bind etc on my VPS.
Can anyone help? TIA.
Cheers,
Max