In a few days I will start providing this site via an IPv6 address (normal IPv4 support will stay in place, of course). If you should experience problems accessing my blog, please drop me a mail.
Archive for the ‘Network’ Category
Enabling IPv6 for This Site
Thursday, December 17th, 2009Speedport Routers Eat Your DNS SOA Requests in Modem-Mode
Wednesday, November 25th, 2009Some years ago I switched to using a Speedport W701V from Deutsche Telekom on my ADSL line at home. I set it up in modem-mode and let a small Linux box handle everything else. This setup had worked fine with other modems but shortly after switching to the Speedport I noticed that my local caching [...]
cyrus_sasl patch for Exim 4
Tuesday, March 22nd, 2005The Exim 4 source code supports authentication with SASL since version 4.43. Debian started enabling this feature in exim4_4.50-2. After I’ve had upgraded to that version and replaced my saslauthd authenticators with brand-new cyrus_sasl authenticators, I’ve noticed that auth.log got flooded with entries like ‘exim4: OTP unavailable because can’t read/write key database /etc/opiekeys: No such [...]
Exim 4 and Dynamic IP-Addresses
Saturday, February 26th, 2005I’ve recently changed my network connection at home to a provider which assigns dynamic addresses. Exim always provided a broken HELO/EHLO name to my smarthost since then because my externally visible hostname changes each time I connect. I’m now using Exim’s Perl interface to lookup the assigned hostname when connecting my smarthost: /etc/exim4/exim.pl: Don’t forget [...]
Mitigating SSH Brute Force Attacks with ipt_recent
Friday, February 18th, 2005As my SSH server only accepts public key based authentication, I’m not really worried about brute force password attacks. But these scans tend to clobber my auth.log. So after some discussion with Andrew Pollock, I’ve written a few custom actions for my shorewall setup. They use the ipt_recent module which allows to track seen IP [...]
