On Irresponsible ISPs
This month David covers everything from spam to calculating your body mass.
by David A. Bandel
Just thought I'd touch on a subject near and dear to my heart this month: irresponsible ISPs—seems there's a number of them out there. I see them every day in my server logs and e-mail. Not long ago, with the court case in Australia, I found it necessary to remove my RBL entry in sendmail—a mistake. I generally receive around 200 e-mails per day. After removing the RBL entry, I received so many spams it drowned my e-mail. I had a choice: delete everything or waste all day deleting spam as I replied to the few legitimate e-mails I received. So if any of you have e-mailed me and not received a reply, try again. I'm methodically blocking the IPs of every spam I receive. I've already blocked 90% of Korea and Japan. I also have had to block what I understand is 80% of Germany, but for another reason: massive attacks on my servers by script kiddies and the intransigence of <@url>t-online.net (<@url>t-online.de) to do anything about them. I'm getting ready to do the same to wanadoo.fr. I almost blocked sympatico.ca, but when I told them I was about to block them, they took action. It shouldn't have to be this way. If I had time, I'd put up an SQL server with a list of IPs/IP blocks/domains that condone criminal behavior (spam relays and attacks on servers). Both steal resources that I (and you) pay for. Don't expect legislation to help until lawmakers begin to depend on e-mail and are buried in spam. Until then, my blocked list grows by the day. Too bad for legitimate users.
For those of you firewall buffs out there, this utility should interest you. The biggest problem with using it is that it requires you to compile iptables with Rusty Russell's patch-o-matic because according to the documentation, the iptables NETLINK target is forever consigned to experimental status. You'll need the kernel netlink device module also. After that, you can craft a nonterminating rule for any filter table chain with the target -j NETLINK. Then run fwmon. Watching packets flow on the screen is amazing. And because it writes to stdout, you can pipe it to any program for almost any purpose. Requires: iptables w/NETLINK, kernel compiled with NETLINK device, glibc.
This utility will do connection monitoring similar to netwatch. However, with a kernel patch, you can have statistical tracking (bandwidth usage) monitoring with it. ConnMon uses the adns package, which is an extremely fast set of asynchronous resolver libraries and tools. Requires: libadns, libncurses, glibc.
If you want to know your body mass index, this little utility will calculate it for you. If you're used to the US standards of height and weight in feet and inches and pounds, you'll want to make sure you have the units utility to convert. I'd note that this is body mass (not body fat) because it doesn't take into account muscle mass (which is denser) vs. fat. So you'll need a little more information than simply the numbers presented, but if you know what your target body mass index is, this can help you monitor your results. Requires: libstdc++, libm, glibc.
For those of you who remember (and perhaps even used) ROT-13, and noticed that it's missing from most, if not all modern distros, Rotix will make a nice replacement. By default, Rotix performs rot-13 rotation but can be told to perform other rotations as well. Based on some of the mailing-list postings I've seen, Rotix would be a good addition to the repertoire of a number of posters. Requires: glibc.
Noguska On-Line Accounting System nola.noguska.com
Calcoo is a very easy-to-read and use scientific calculator. You also can choose between standard and RPN (reverse polish notation) for doing the calculations. About the only thing this calculator lacks is the ability to switch from decimal to hex to octal to binary. Requires: libgtk, libgdk, libgmodule, libglib, libdl, libXext, libX11, libm, glibc.
Ministry of Truth mot.sourceforge.net
I looked at several apps from three years ago, and while some of you may have liked GABY or Gentoo better, this is my pick. I can't say that it's changed a lot, but then, I didn't see a need for it to change. I continue to use this little jewel. What more needs be said? Track hardware, software, users and jobs. While it appears to be in maintainer mode, it works and works well. Requires: Apache, PHP, MySQL. Until next month.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The Death of RoboVM
- BitTorrent Inc.'s Sync
- The Humble Hacker?
- The US Government and Open-Source Software
- Open-Source Project Secretly Funded by CIA
- New Container Image Standard Promises More Portable Apps
- ACI Worldwide's UP Retail Payments
- Canonical and BQ's Aquaris M10 Ubuntu Edition Tablet
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide