IPv6 route table limits under Linux
I have been experimenting with IPv6 addressing and routing under different Linux flavors. Addressing in LANs is quite easy with Auto/Zero-Conf, however for Auto/Zero-Conf you need to use /64 network, which could lead to memory exhaustion due to a Neighbor Discovery attack (I will write more on this later, so check below for related articles). [...]
Fixing xen-create-image for CentOS guests
I have been trying to install a para-virtualized CentOS guest on my Debian machine using Xen 3.2.1. The xen-create-image script comes with support for rinse, which in turn can install CentOS and Fedora. Unfortunately the list of packages installed during setup is incomplete.
IPv6 network conifguration on RedHat / CentOS
When I last used some RedHat operating system nobody ever mentioned IPv6, I cannot even remember that saw any of the configuration option mentioned in this article. So now I need to figure out how to have Xen configure IPv6 for my guest systems :-/
Getting back to RedHat style network configuration
It’s quite some years ago when I last used a RedHat style operating system, so I was happy that I found this article to remind me of some network configuration basics. Actually the syntax hasn’t really changed since RedHat 7, but I was using Debian based operating systems for the at least the last 5 [...]
Using vif-route with multiple IPs for a Xen domU
This article at ModernAdmin saved me alot of time. I was looking how to add multiple IPs to a Xen DomU in routed mode, this requires routes to be added on the Dom0. One way was to add multiple interfaces to the DomU, the other way is to add the addresses as aliases to an [...]
How To Solve DNS and EMail Validation Problems
This article was initially published by Mr Roger Buck on 01 Aug 2001. As the original URL http://www.saas.nsw.edu.au/solutions/dns.html does not provide the article anymore, I temporary provide the text here.
A archive version of this article is also available here.
Query the root servers via IPv6
I did some DNS debugging and noticed that my server wasn’t querying the root-servers via IPv6. I checked the root hint zone file delivered with my Bind9 binary package, the file was from 1998! So I downloaded the latest version from http://www.internic.net/zones/named.root. Of course IPv6 queries to the root-servers work like a charm now, however [...]
fail2ban another tool to stop brute force attacks
My colleague Ben at Datacenter Luxembourg has referred to another tool to reduce brute force attacks. The tool is called fail2ban.
Fail2ban scans log files like /var/log/pwdfail or /var/log/apache/error_log and bans IP that makes too many password failures. It updates firewall rules to reject the IP address. These rules can be defined by the user. Fail2ban [...]
