Archive for the ‘IPv6’ Category

An IPv6 MTU path discovery bug

Thursday, October 24th, 2013

While installing a new server last week, my (SSH / TCP) connection seemed to suffer from some sort of hanging; randomly. I tried to figure out what was going on and it didn’t take long to find… (more…)

IP addresses for your Hetzner machine

Wednesday, October 23rd, 2013

We lease a couple of machines at Hetzner.de and recently, I looked to improve my initial Easy Setup manual, so I could also use the IPv4 “main” address for a virtual machine. This leaves the main server (the “host”) without an IPv4 address. Please read below how to proceed. (more…)

Syslog-ng intrusion detection

Tuesday, August 27th, 2013

There seems to be a problem using the file() destination for /proc files in Linux. When implementing Securing Your Server With Syslog-NG you will run into it. Please read below.
(more…)

Securing your server with Syslog-ng

Sunday, February 20th, 2011

There are many programs that help you secure your servers. There are simple firewalling programs and there are complex network intrusion detection systems. Depending on your demands, there seems to be a solution for everyone. Unless you’re picky and you think you can do better – like I did, when I wrote my own combination of syslog-ng and Linux iptables, skipping the middle man.

August 2013 update. There seems to be a problem using the syslog-ng file() destination on /proc in Linux. See http://valentijn.sessink.nl/?p=458 for more information.

(more…)