As anyone knows who has ever administered a server that is exposed to the web the Internet is a hostile place. Our servers are continually bombarded with a never ending stream of attempts to guess user ids and passwords. The source is from countless botnets and is constantly changing. I’ve tried a number of approaches to counter these attacks and I think I have come up with a solution that seems to be working.Continue reading “Blocking dictionary attacks with an adaptive iptables firewall. (CentOS)”
Recently our email servers have come under sustained brute force attacks by script kiddies doing dictionary attacks. These go on for 24 hours a day from a variety of sources including pools of IP addresses that alternate probes from a common dictionary. These were flooding the maillog with authentication errors at a rate in excess of one every 10 seconds or so.
Iptables in the Linux network stack has the ability to look inside of a packet and match a string. We’ll use that feature to pick out authentication errors on the outbound side in order to block them on the inbound side.Continue reading “Blocking SMTP brute force attacks with iptables on CentOS”
Windows Server Backup does a reasonably good job of backing up a Microsoft Server. But like any backup it’s good to have some sort of notification about the success or failure of the backup. I first started to use it with SBS Server 2011 and as part of that bundle the server emails a daily report summarizing the health of the server. When we virtualized and moved a number of SBS servers over to Hyper-V hosts the backup chore moved to the host machine. The summaries still arrived but the backup status was no longer part of it. Besides, it would be nice to be able to see in the subject of the email the status of the backup and not have to open the email if all is good.Continue reading “Windows Server Backup – Email backup status notifications”