never try to help anyone, give advice, or lend them anything... just general rules I keep failing to live by and constantly regretting it.
/shortrant
Today is not a good day to be blacklisted
4 hours ago
Sunday, January 31, 2010
Gentoo Netbook
Since i've been asked by a few people, here are the configuration specs for Gentoo on the ASUS eeepc 1000HA netbook.
Desktop environment - Fluxbox
Browser - Midori
e-mail client - Sylpheed
Networking - command line only (wpa supplicant script)
-----------------------
Kernel: linux-x86-2.6.30-gentoo-r8
-----------------------
Kernel config --> http://7x7.us/UV9
Desktop environment - Fluxbox
Browser - Midori
e-mail client - Sylpheed
Networking - command line only (wpa supplicant script)
-----------------------
Kernel: linux-x86-2.6.30-gentoo-r8
-----------------------
#/etc/make.conf#
CFLAGS="-O2 -march=core2 -mtune=generic -fomit-frame-pointer -pipe"
CXXFLAGS="${CFLAGS}"
CHOST="i686-pc-linux-gnu"
REDUX="-abiword -ipv6 -gnome -kde -xfce -qt"
USE="X sqlite sqlite3 bash-completion alsa ssl mmx mmxext sse sse2 sse3 ssse3 fluxbox ${REDUX} mssql mysql snmp vnc gtk nessus samba svg gnutls hal acpi truetype vim-syntax spell jpg jpeg png"
LINGUAS="en"
INPUT_DEVICES="evdev keyboard mouse synaptics"
VIDEO_CARDS="intel i915"
FEATURES="ccache"
CCACHE_DIR="/var/tmp/ccache"
CCACHE_SIZE="4G"
GENTOO_MIRRORS="rsync://192.168.168.144:873"
source /usr/local/portage/layman/make.conf
-------------------------------------------------#/usr/local/portage/layman/make.conf#
PORTDIR_OVERLAY="
/usr/local/portage/layman/sunrise
/usr/local/portage/layman/pentoo
$PORTDIR_OVERLAY
"
-------------------------------------------------Kernel config --> http://7x7.us/UV9
Saturday, January 30, 2010
Iptables Blacklist
Randomly decided to check on my home server's logs and general status, I haven't been using it for much lately so its just been sitting there open to the world.. of-course with some basic security running on it.
694 ip addresses have been added to the blacklist since sometime last fall via customized portsentry and iptables, which is both awesome and a little crazy.
Essentially all traffic to my network hits this box first (Gentoo Linux built on an old dell server), and portsentry is running in paranoid mode with the following ports on alert:
and set to execute:
Whenever an outside system hits any of those ports for any reason (portsentry actually calls a script called banhammer.sh that contains that command along with a few other minor details). That iptables script adds the source IP address to the blacklist chain (which all input other than ssh is sent to), which in turn logs and drops any matched IP address attempting to connect.
So, 694 attempted unauthorized connections or portscans in the last few months, not one successful intrusion, I suppose that's not a bad record to have for a development box sitting in my living-room thats not really being used for much right now.
-------
Note: I dont use this setup for any production boxes, just for fun security metrics. In production i recommend a little linux security daemon called "fail2ban"... but that's another story.
694 ip addresses have been added to the blacklist since sometime last fall via customized portsentry and iptables, which is both awesome and a little crazy.
Essentially all traffic to my network hits this box first (Gentoo Linux built on an old dell server), and portsentry is running in paranoid mode with the following ports on alert:
TCP_PORTS="11,15,21,23,79,110,111,119,135,143,161,445,540,635,1080,1524,2000,2222,3306,3389,5742,6667,11698,12345,12346,20034,27665,31337,32771,32772,32773,32774,35175,40421,43966,48618,43548,49655,49724,50070,50344,54320"
UDP_PORTS="1,7,9,69,161,162,513,635,640,641,700,37444,34555,31335,32770,32771,32772,32773,32774,31337,54321"
and set to execute:
#iptables -A INPUT -s $1 -j BLACKLIST
Whenever an outside system hits any of those ports for any reason (portsentry actually calls a script called banhammer.sh that contains that command along with a few other minor details). That iptables script adds the source IP address to the blacklist chain (which all input other than ssh is sent to), which in turn logs and drops any matched IP address attempting to connect.
So, 694 attempted unauthorized connections or portscans in the last few months, not one successful intrusion, I suppose that's not a bad record to have for a development box sitting in my living-room thats not really being used for much right now.
-------
Note: I dont use this setup for any production boxes, just for fun security metrics. In production i recommend a little linux security daemon called "fail2ban"... but that's another story.
Friday, January 29, 2010
Linux OCD #1
The moment I heard about the Droid phone was the moment I decided I needed a smartphone and no other option had a chance, after all it was pretty, powerful, and ran Linux...
So for a few months I enjoyed playing with the phone as it came, enjoying all the fancy features and its open development marketplace, but of-course it was only a matter of time before it began to become too normal, and the few limitations in the device began to stand out more and more; It made me have the familiar urge to try a different distro.. (or just run gentoo).. but ofcourse its a phone, it will run android, not normal Linux distros (yet).
Then I stumbled across the Droid hackers... salvation.
Rooting, kernel modding, flashing new roms, changing app sets... Now i can obsess over customizing my phone just like I do with any other Linux system, which is what i've been doing for the last couple of days in my spare time. My Droid is now rooted, has an awesome backup system, its prettier, its overclocked with the kernel cpu scaling governor, uses different system apps, can tether...
obsessive compulsive system tweaking status: temporarily satisfied.
Links:
http://alldroid.org/viewtopic.php?f=210&t=1556 [SmokedGlass Rom, my current favorite of the available roms]
http://alldroid.org/viewtopic.php?f=210&t=792 [DroidRootHelper, everything made insanely easy, its in the app market]
So for a few months I enjoyed playing with the phone as it came, enjoying all the fancy features and its open development marketplace, but of-course it was only a matter of time before it began to become too normal, and the few limitations in the device began to stand out more and more; It made me have the familiar urge to try a different distro.. (or just run gentoo).. but ofcourse its a phone, it will run android, not normal Linux distros (yet).
Then I stumbled across the Droid hackers... salvation.
Rooting, kernel modding, flashing new roms, changing app sets... Now i can obsess over customizing my phone just like I do with any other Linux system, which is what i've been doing for the last couple of days in my spare time. My Droid is now rooted, has an awesome backup system, its prettier, its overclocked with the kernel cpu scaling governor, uses different system apps, can tether...
obsessive compulsive system tweaking status: temporarily satisfied.
Links:
http://alldroid.org/viewtopic.php?f=210&t=1556 [SmokedGlass Rom, my current favorite of the available roms]
http://alldroid.org/viewtopic.php?f=210&t=792 [DroidRootHelper, everything made insanely easy, its in the app market]
Thursday, January 28, 2010
blag
So, this being the first post it can not be useful or meaningful in any way, therefor the obligatory first post statement follows:
This will be a place for me to dump random info that pops into my head... mostly tech junk, but we'll see.
This will be a place for me to dump random info that pops into my head... mostly tech junk, but we'll see.
Subscribe to:
Posts (Atom)
