On Irresponsible ISPs
This month David covers everything from spam to calculating your body mass.
by David A. Bandel
Just thought I'd touch on a subject near and dear to my heart this month: irresponsible ISPs—seems there's a number of them out there. I see them every day in my server logs and e-mail. Not long ago, with the court case in Australia, I found it necessary to remove my RBL entry in sendmail—a mistake. I generally receive around 200 e-mails per day. After removing the RBL entry, I received so many spams it drowned my e-mail. I had a choice: delete everything or waste all day deleting spam as I replied to the few legitimate e-mails I received. So if any of you have e-mailed me and not received a reply, try again. I'm methodically blocking the IPs of every spam I receive. I've already blocked 90% of Korea and Japan. I also have had to block what I understand is 80% of Germany, but for another reason: massive attacks on my servers by script kiddies and the intransigence of <@url>t-online.net (<@url>t-online.de) to do anything about them. I'm getting ready to do the same to wanadoo.fr. I almost blocked sympatico.ca, but when I told them I was about to block them, they took action. It shouldn't have to be this way. If I had time, I'd put up an SQL server with a list of IPs/IP blocks/domains that condone criminal behavior (spam relays and attacks on servers). Both steal resources that I (and you) pay for. Don't expect legislation to help until lawmakers begin to depend on e-mail and are buried in spam. Until then, my blocked list grows by the day. Too bad for legitimate users.
For those of you firewall buffs out there, this utility should interest you. The biggest problem with using it is that it requires you to compile iptables with Rusty Russell's patch-o-matic because according to the documentation, the iptables NETLINK target is forever consigned to experimental status. You'll need the kernel netlink device module also. After that, you can craft a nonterminating rule for any filter table chain with the target -j NETLINK. Then run fwmon. Watching packets flow on the screen is amazing. And because it writes to stdout, you can pipe it to any program for almost any purpose. Requires: iptables w/NETLINK, kernel compiled with NETLINK device, glibc.
This utility will do connection monitoring similar to netwatch. However, with a kernel patch, you can have statistical tracking (bandwidth usage) monitoring with it. ConnMon uses the adns package, which is an extremely fast set of asynchronous resolver libraries and tools. Requires: libadns, libncurses, glibc.
If you want to know your body mass index, this little utility will calculate it for you. If you're used to the US standards of height and weight in feet and inches and pounds, you'll want to make sure you have the units utility to convert. I'd note that this is body mass (not body fat) because it doesn't take into account muscle mass (which is denser) vs. fat. So you'll need a little more information than simply the numbers presented, but if you know what your target body mass index is, this can help you monitor your results. Requires: libstdc++, libm, glibc.
For those of you who remember (and perhaps even used) ROT-13, and noticed that it's missing from most, if not all modern distros, Rotix will make a nice replacement. By default, Rotix performs rot-13 rotation but can be told to perform other rotations as well. Based on some of the mailing-list postings I've seen, Rotix would be a good addition to the repertoire of a number of posters. Requires: glibc.
Noguska On-Line Accounting System nola.noguska.com
Calcoo is a very easy-to-read and use scientific calculator. You also can choose between standard and RPN (reverse polish notation) for doing the calculations. About the only thing this calculator lacks is the ability to switch from decimal to hex to octal to binary. Requires: libgtk, libgdk, libgmodule, libglib, libdl, libXext, libX11, libm, glibc.
Ministry of Truth mot.sourceforge.net
I looked at several apps from three years ago, and while some of you may have liked GABY or Gentoo better, this is my pick. I can't say that it's changed a lot, but then, I didn't see a need for it to change. I continue to use this little jewel. What more needs be said? Track hardware, software, users and jobs. While it appears to be in maintainer mode, it works and works well. Requires: Apache, PHP, MySQL. Until next month.
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems
Join editor Bill Childers and Bit9's Paul Riegle on April 27 at 12pm Central to learn how to keep your Linux systems secure.
Free to Linux Journal readers.Register Now!
|diff -u: What's New in Kernel Development||Aug 20, 2014|
|Security Hardening with Ansible||Aug 18, 2014|
|Monitoring Android Traffic with Wireshark||Aug 14, 2014|
|IndieBox: for Gamers Who Miss Boxes!||Aug 13, 2014|
|Non-Linux FOSS: a Virtualized Cisco Infrastructure?||Aug 11, 2014|
|Linux Security Threats on the Rise||Aug 08, 2014|
- diff -u: What's New in Kernel Development
- Security Hardening with Ansible
- NSA: Linux Journal is an "extremist forum" and its readers get flagged for extra surveillance
- New Products
- Tech Tip: Really Simple HTTP Server with Python
- [<Megashare>] Watch Mrs Brown's Boys Movie Online Full Movie HD 2014
- Monitoring Android Traffic with Wireshark
- Returning Values from Bash Functions
- RSS Feeds
- Raspberry Pi: the Perfect Home Server