Feed on
Posts
Comments

Category Archive for 'Technical'

Named pipes

Trivial to create: [email protected][~]$ mkfifo pipe1 [email protected][~]$ ls -l pipe1 prw-r–r– 1 ahoward ahoward 0 May 19 22:16 pipe1 [email protected][~]$   A bit trickier to use: [email protected][~]$ echo test > pipe1 (hangs…) ^C [email protected][~]$ cat pipe1 (also hangs…)   Any attempt to read or write from the pipe hangs. The problem here is that a […]

Read Full Post »

IPtables and NAT

By default, a linux machine will drop traffic that’s not destined for an IP bound locally. If you’re planning on receiving traffic not ultimately destined for you (ie: you’re behaving as a router along the path to the ultimate destination), then you’ll need to flip a couple flags in /etc/sysctl.conf to allow traffic forwarding: net.ipv4.ip_forward […]

Read Full Post »

Sender verification callouts

Here’s how a sender verification callout works. Let’s say I’m an innocent mail server, and some jerk is trying to send me a message. There’s a very strict procedure for how mail servers talk to each other. Here’s an example, with the sender’s (1.1.1.1) stuff in red, the receiver’s (2.2.2.2) stuff in blue, and an […]

Read Full Post »

How do I DNS?

Buy a domain.Any registrar will do. If someone else is going to host the DNS for your domain, skip to step 4. Otherwise, continue from here. The next few steps are how you make sure the registrar knows your server exists as a nameserver. Until the registrar is aware of your server’s existence, no domains […]

Read Full Post »

Reverse DNS

Despite the fact that it’s really not all that difficult, no one understands DNS. As such, it’s probably a good thing that you don’t need to understand DNS to properly configure reverse DNS for your server. So you’ve got a server up on an IP (1.2.3.4, for example) and now you need to set reverse […]

Read Full Post »

Windows tmpwatch

A lot of Windows services love to create log files (IIS for example), but when it comes to log rotation in Windows, the functionality is glaringly absent. In linux it’s as easy as “tmpwatch –mtime 24”. In Windows there actually is a solution, but it’s a bit more complicated. For Windows 2000 you’ll need to […]

Read Full Post »

Sending mail within bash

If you have a mail server installed it’s pretty easy. Every mail server is going to provide a sendmail binary, so that’s what we’ll use. The bare minimum is as follows: sendmail -t <<EOF To: [email protected] Subject: Test Body . EOF That’s probably not going to reach the destination, however. The problem with this is […]

Read Full Post »

IP blacklist on linux

My last post described in detail the steps to effectively block all network traffic from an attacking IP. Here’s how to block an IP in linux: iptables -A INPUT -s IP-To-Block -j DROP iptables -A INPUT -d IP-To-Block -j DROP Of course, that takes advantage of the built-in linux firewall. We didn’t use the built-in […]

Read Full Post »

IP blacklist on Windows

There’s probably a better way to do this – if you know of one, please comment on this post. I have a pretty high opinion of myself, but I’m not so stubborn as to think I already know the best way to do everything. Firewall options for a Windows server are kind of sparse. I’ve […]

Read Full Post »

Bash hot-keys 1

Granted, some of these are probably SSH or Putty hot-keys. I’m not certain there’s going to be a “Bash hot-keys 2” post, but there are probably plenty of combinations I’ve forgotten or have yet to learn, so we’ll call this post part 1, and there will most likely be more. ctrl+l That’s a lowercase L. […]

Read Full Post »