Having an Open DNS resolver (that’s recursive) out there on the internet is a bad thing. Many of you are using DNSMasq as a client-side cache, but the recursion issue effectively turns your machine into a security threat. (Like having an open mail-relay). So here’s how to fix it quickly for your openvpn servers. All(…)
In my infinite wisdom, I decided to backup my Mailserver which is an Instance Store based AMI. It should have been a completely straight-forward task, but the reality is, nothing ever is. Somewhere along the EC2-Bundle-Vol process, the rsync process decided to go into uninterruptible sleep. Ahh the fun of EC2! rsync to the loopback(…)
Well, it would seem that ClamAV has a wonderful Milter feature. How good is it? Exceptionally good. How much of a pain in the ass is it? Well, If you have to ask, you haven’t installed it. Here are some gotchas and how to solve them. SSN Heuristics: This is very Valuable, but leads to(…)
You have an Asterisk server and it probably isn’t secured properly. Here is how to do it using iptables. These commands don’t address SIP rtp ports, because we don’t need to worry about them. RTP traffic is dependent on SIP signaling to make it work. If we can’t get the SIP signaling messages, asterisk doesn’t(…)
For the past few months, I’ve been experimenting with Fail2ban and SPAM filtering with Postfix. I thought I’d write an update with some preliminary results. They’re pretty impressive and I would have to say it’s been quite a success. I’ve tuned the filters to the point where I have very few false positives (less than(…)
Problem: You have multiple virtual named hosts in apache and when there’s a 404 or 403 error, it seems to redirect all your visitors to one particular virtual host. It’s annoying isn’t it? Of course, it’s not documented anywhere on how to fix the problem so I thought I’d share the solution. Solution and the(…)
