Archive for May 2009

Arch Linux Info Script

I wrote this script because I’m on so many different Arch machines, sometimes it’s hard to keep track :) Plus, it gives me a handy way to find all of my information I’m looking for with one simple command. It outputs something like this:
Continue reading ‘Arch Linux Info Script’ »

NEW ROUTER !!!!

Ok, FINALLY have a new router !

Things should be closer to normal again…. I hope.
New router is in place and functioning , woot !
Also, added in “Add to Any” Plugin :)
Ok, back to work for me.

Router died.

Looks like my expensive gigabit router bit the dust today….. NOT cool. :(

Ah well, such is life, I had it replaced once already, pretty sure it’s out of warranty now.

Anyway, an update on the blogs, everything is running. I have noticed

that the main page hangs when choosing a blog, unless I double click

it now. I’m guessing this has something to do with the the router being gone

and me being plugged directly into the modem instead of through a

router. I had to do some quick changes last night,

I may have to look at those settings again in the network configuration.

Double Clicking the blog, lets me in very fast, it’s weird…….

anyone else experiencing the same pain ?

Anyway, if things seem a bit weird, it’s probably the settings changes

and lack of a router…….sorry. I will probably get a new router

tonight.

This appears to be a case of nameserver resolution.

When the router failed, I ended up cycling the modem…..which gave me a new ip.

I changed all the dns stuff to point to the new domain.

This “could” be a case of the nameservers not catching up yet….but i

don’t think so, not positive about that.

If that “is” the case, it should clear up by itself in about 24 hours.

My resolv.conf file changed, which isn’t a good thing….. it may be

the root cause of this as well….

Anyway, have heard back from some of you, you have the same “double

click” issue I do…….. so at least I know I’m

not going crazy :)

Hopefully I can get this resolved soon, otherwise I will move it to a

virtual host somewhere , where I don’t have this routing issue.

Edit Figured it out finally……. was a routing table. Reset the route, rebooted the server and violia , it’s much more responsive now :)

dns entry creator – python3

This is a python application I made to create large dns entries that could be cut and pasted.
Eventually, I’d like to get this into a gui format, so I can use it in gui mode. It’s not finished,
just wanted to show the new plugin that was installed.
Thought it might be useful ;)
Continue reading ‘dns entry creator – python3’ »

ArchLinux.us Email

ArchLinux.us Email Sample

ArchLinux.us Email Sample

The Archlinux.us email now has themes available.

I don’t know which theme this is in particular, but it’s how I have my arch email setup to look.  One of the members made the Arch Linux logo transparent, it looks much nicer now with themes.
Continue reading ‘ArchLinux.us Email’ »

Blogs – Day 2

Finally getting used to some of the admin stuff, had a scare yesterday when I disabled the / account… yeah, that was stupid lol. ALL the blogs dissappeared, luckily I was still logged in, and the cookies held, used the firefox history to get back to the admin section and re-enable things…. that was close lol.

There was quite a bit of interest in the blogs in general, and we have about 20 users. Fixed a couple bugs, figured out avatars… so far so good, at least I didn’t blow it up yet lol. Users can of course export their blogs as an added protective measure against my screw ups. (Hey, this is why we test …)

So, for day #2, not to bad :D

Testing out new blog system.

Well, hopefully this works out the way I expect it too.

I now have a few guni….. err voluteers ;)

We will see how it goes from here.

To the volunteers, post comments HERE :)

Thanks again.

Crouse

Edit —– BUGS:

Fixed Import system.. edited php config file to allow ssl.

Fixed image path for logo on right. Wasn’t showing on article links.

Figured out the AVATAR thing :)

Sign up on gravatar.com … upload your avatar, based on your email ! :) Very cool.

enable gravatars in your SETTINGS > DISCUSSION at the bottom of your control panel.

My url was here: http://archlinux.me/crouse/wp-admin/options-discussion.php

Why you should change your ssh default port.

Wednesday, July 23, 2008
Why you should change your ssh default port.
Thought some of you might find this interesting. No one gets in, but it’s funny how just changing the port number on ssh will stop 99.99% of the stupid attacks (some random bot repeatedly attempting to gain access) . Several other things SHOULD be changed in the ssh config file also, not just the port number, but this one provides the most eye opening reasons to be secure.

Installed server on Jul 17th ….. less than 5 days later, well, you get the idea.
wtmp begins Thu Jul 17 21:57:08 2008

[root@VistaCrusher1 ~]# lastb | wc -l
25349

For the less command line oriented peeps, that means I had 25,349 attempts to breach my machine via the ssh login. Bad logins recorded, along with IP’s and other cool stuff.
Needless to say, I’ll go change that shortly, along with several other security precautions. I just wanted to see how many hits I’d get in 5 days. That, and I wanted to see who came back.

Imagine that…..

[root@VistaCrusher1 ~]# lastb | grep 125.164.202.240
clamav ssh:notty 125.164.202.240 Mon Jul 21 16:40 – 16:40 (00:00)
clamav ssh:notty 125.164.202.240 Mon Jul 21 16:39 – 16:39 (00:00)

Someone is STILL trying.

Here is a list of WHO tried.

[root@VistaCrusher1 ~]# lastb | awk ‘{print $3}’ | sort –unique

121.14.5.209
123.140.215.92
124.42.50.54
125.164.202.240
193.23.52.17
193.33.171.66
208.65.156.53
210.146.9.109
210.176.26.185
210.221.148.223
210.51.171.74
211.160.40.29
211.33.57.138
212.90.168.161
217.199.186.93
218.38.56.181
219.122.33.3
222.195.137.249
52.26.222.203.st
61.114.236.22
74.10.24.182
83.103.170.158
83.168.89.246
89.238.203.66
Sun
c-24-5-182-18.hs
mail.zdr.ru
mail3.gus.net
martinjajcaj.vps
mvx-200-201-183-
n220246012106.ne
security.isd.com
[root@VistaCrusher1 ~]#

As someone mentioned to me on the Archlinux forums, iptables can be used to help prevent this as well.

### START SECURITY RULES ###
# Don’t limit SSH from known addreses
# xxx.xxx.xxx.xxx
iptables -A forwarding_wan -p tcp –dport 22 -s xxx.xxx.xxx.xxx -j ACCEPT

# SSH rate limiting from unknown IP addresses
# Allow 2 chances in 10 minutes to connect, reject after that
iptables -A forwarding_wan -p tcp –dport 22 -m state –state NEW -m recent –set
iptables -A forwarding_wan -p tcp –dport 22 -m state –state NEW -m recent –update –seconds 600 –hitcount 3 -j DROP

Attempting to setup blog system

Welcome to Arch User Blogs. I have been attempting to setup a multi-user blogging system for Arch Users, this is test 1 ;)