Setting Up An iptables Firewall: Part 3

In Part 1, we created a very basic firewall setup that only allowed traffic to the services our server actually provides. In Part 2, we took it up a notch by proactively blocking traffic that had no business reaching our server in the first place. Now, we’re going to augment our configuration to be even more proactive, introducing the limit module to slow down potential attackers. Continue reading

Posted in How-to | Tagged , , , , , | Leave a comment

Setting Up An iptables Firewall: Part 2

In Part 1 of this series, we set up a very basic firewall that essentially just restricts what ports we can connect to without doing much else to defend our server. In this part, we’re going to build from there and add additional restrictions to block a substantial portion of potentially malicious traffic that simply has no business being on the internet at all. Continue reading

Posted in How-to | Tagged , , , , , | Leave a comment

Setting Up An iptables Firewall: Part 1

This is the first in a series of blog posts that will walk you through how to set up a secure firewall to help protect your internet-facing Linux machines. All you have to know to be able to follow along is how to log into your machine and run command line programs, including how to use sudo; everything else we do will be explained along the way. Continue reading

Posted in How-to | Tagged , , , , , | Leave a comment

Blocking httpoxy Requests In nginx

With the httpoxy vulnerability making headlines in the security circles right now, I decided to get more aggressive in guarding my own sites against it, specifically by outright blocking any such requests. Turns out, it’s not hard to do at all! Continue reading

Posted in Security | Tagged , , , , | Leave a comment

Using a Raspberry Pi as a Network Gateway

The Raspberry Pi is an amazing little piece of hardware, an entire computer in a form factor not much larger than your wallet. While not boasting specs to make it the envy of your household, it is nonetheless quite the capable little device, and with just a couple of simple accessories you can even use it to run your entire home network!

I’ve done precisely that, and in this lengthy, record-setting post, I’m going to share precisely how I turned a Raspberry Pi B+, with nothing more than a power supply and USB-to-Ethernet adapter, into the “Command & Control” center of my entire home network. Continue reading

Posted in How-to | Tagged , , , , , , | Leave a comment

Exchange 2013 CU9: KB3087126 won’t install?

Microsoft has released update KB3087126 to address some important security flaws in OWA. Upon installing this update into my Exchange 2013 CU9 environment, however, I encountered some significant problems that left some of my servers in a completely non-working state! Continue reading

Posted in How-to | Tagged , , , | 4 Comments

PyPi Doesn’t Like Your Markdown

I’ve been putting all my projects onto GitHub, and as part of that I’ve gotten used to using (GitHub-flavored) Markdown to produce my README files. And it was good!

Now I have a project that I’m getting ready to publish to PyPi. Which is a great service, but it comes with a significant handicap: Your documentation needs to be in reStructuredText. Continue reading

Posted in How-to | Tagged , , | 1 Comment

“Grow a pair” isn’t sexist — it’s stupid

The phrase “grow a pair” (of testes) is a common one, usually used to mean that one needs to toughen up in the face of some minor adversity. “What if I ask her out and she rejects me?” “Grow a pair, man!” Because of the overt link to male genitalia, it is often claimed that this phrase is sexist, with the go-to argument being that it implies that only men can be tough, and for a woman to be tough she has to — if you’ll pardon the mixed metaphor — “man up”.

But that’s wrong. Because the phrase is not sexist — it’s just stupid. Continue reading

Posted in Random | Tagged , | 1 Comment

Creating a DAG in Exchange 2013 on Server 2012 R2

If you try and create a Database Availability Group using the EAC — and hope to use that new-fangled feature of creating one without an IP address — you will fail, and neither Microsoft’s documentation nor any of the myriad TechNet blogs will help you one whit.

Worse, your entire AD structure will be in such a state that manual intervention and cleanup of the garbage Exchange created will be necessary — but, again, no one will bother to tell you that! Continue reading

Posted in How-to | Tagged , , , , , | 4 Comments

Install Dropbox on Ubuntu Server 12.04 LTS

I love Dropbox. I’ve previously posted about how it can be used to help back up your files. But what about backing up Dropbox itself?

Well, since I happen to have a file server running automated backups, I decided I wanted my Dropbox files backed up on it as well. Unfortunately, setting that up wasn’t as easy as it should have been… Continue reading

Posted in How-to | Tagged , , , | 1 Comment