Those of you who have NetFlix, I’d like to recommend a film there called “Terms and Conditions May Apply“. It’s a very excellent documentary regarding privacy and the lack thereof.
I am experimenting with RoundCube as a possible replacement for SquirrelMail. The reason for considering an alternative is primarily the need to provide a mail client that is responsive, that is that adapts to the display and device that it’s being used with. SquirrelMail is good for desktops but not so good for tablets and smartphones.
Just after midnight tonight I will be rebooting first the main file server which will make everything that depends upon files halt for several minutes. Then I will be rebooting other servers. This is to make recent updates to glibc take effect.
Since putting fail2ban in place, nearly all of the brute force password attacks have been out of China, a handful from Viet Nam.
Hi, The IP 220.127.116.11 has just been banned by Fail2Ban after 5 attempts against SSH. Here are more information about 18.104.22.168: [Querying whois.apnic.net] [whois.apnic.net] % [whois.apnic.net] % Whois data copyright terms http://www.apnic.net/db/dbcopyright.html % Information related to '22.214.171.124 - 126.96.36.199' inetnum: 188.8.131.52 - 184.108.40.206 netname: CHINANET-JS descr: CHINANET jiangsu province network descr: China Telecom descr: A12,Xin-Jie-Kou-Wai Street descr: Beijing 100088 country: CN admin-c: CH93-AP tech-c: CJ186-AP mnt-by: APNIC-HM mnt-lower: MAINT-CHINANET-JS mnt-routes: MAINT-CHINANET-JS remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+ remarks: This object can only be updated by APNIC hostmasters. remarks: To update this object, please contact APNIC remarks: hostmasters and include your organisation's account remarks: name in the subject line. remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+ status: ALLOCATED PORTABLE changed: email@example.com 20050624 source: APNIC role: CHINANET JIANGSU address: 260 Zhongyang Road,Nanjing 210037 country: CN phone: +86-25-86588231 phone: +86-25-86588745 fax-no: +86-25-86588104 e-mail: firstname.lastname@example.org remarks: send anti-spam reports to email@example.com remarks: send abuse reports to firstname.lastname@example.org remarks: times in GMT+8 admin-c: CH360-AP tech-c: CS306-AP tech-c: CN142-AP nic-hdl: CJ186-AP remarks: www.jsinfo.net notify: email@example.com mnt-by: MAINT-CHINANET-JS changed: firstname.lastname@example.org 20090831 changed: email@example.com 20090831 changed: firstname.lastname@example.org 20090901 source: APNIC changed: email@example.com 20111114 person: Chinanet Hostmaster nic-hdl: CH93-AP e-mail: firstname.lastname@example.org address: No.31 ,jingrong street,beijing address: 100032 phone: +86-10-58501724 fax-no: +86-10-58501724 country: CN changed: email@example.com 20070416 changed: firstname.lastname@example.org 20140227 mnt-by: MAINT-CHINANET source: APNIC % This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS1) Regards, Fail2Ban
I will be rebooting various servers tonight in order to switch NFS back to version 4 which now appears to be fixed in CentOS 6.5.
NFS version 4 supports mandatory locking, provides better overall performance, and can mutually co-exist with firewalls allowing for greater system security.
Clam-AV has been updated on all servers and the queues flushed so mail is no longer backed up in queue with the exception of mail destined to sites that are currently down.
There is a new virus propagating that until just now, clam-av was unaware of, and as a result there may be copies in your INBOX.
If you have an e-mail with an attachment eskimo.com.zip, DO NOT OPEN THE ZIP ATTACHMENT.
Two of three servers now have updated clam-AV database and will no longer accept this virus but I am having problems with a third server that is so choked with viruses I can’t get command line responses to update clam-AV.
This has caused outgoing mail to get stuck in queue, presently the two servers that are working are cleared and I am working on getting this one to update and clear itself.
Tonight’s maintenance work is done. Tomorrow I will be taking down Debian and UUCP as well as a number of servers that are replicated and thus won’t affect service. Other than Debian and UUCP, all of the service affecting work is done for the night.
I will be rebooting and taking machines down for imaging tonight shortly after midnight. I should be finished by approximately 2AM.
This is necessary to install kernel upgrades that fix a possible privilege escalation exploit in the kernel as well as to image the machines after adding fail2ban so that if a restoration is necessary at some point, that will get included in the restoration.
In short, these outages will enable us to make some improvements in site security as well as to backup some recently put in place.