| Jan | Feb | Mar | Apr |
| May | Jun | Jul | Aug |
| Sep | Oct | Nov | Dec |
| Jan | Feb | Mar | Apr |
| May | Jun | Jul | Aug |
| Sep | Oct | Nov | Dec |
| Jan | Feb | Mar | Apr |
| May | Jun | Jul | Aug |
| Sep | Oct | Nov | Dec |
| Jan | Feb | Mar | Apr |
| May | Jun | Jul | Aug |
| Sep | Oct | Nov | Dec |
| Jan | Feb | Mar | Apr |
| May | Jun | Jul | Aug |
| Sep | Oct | Nov | Dec |
| Jan | Feb | Mar | Apr |
| May | Jun | Jul | Aug |
| Sep | Oct | Nov | Dec |
| Jan | Feb | Mar | Apr |
| May | Jun | Jul | Aug |
| Sep | Oct | Nov | Dec |
| Jan | Feb | Mar | Apr |
| May | Jun | Jul | Aug |
| Sep | Oct | Nov | Dec |
| Jan | Feb | Mar | Apr |
| May | Jun | Jul | Aug |
| Sep | Oct | Nov | Dec |
| Jan | Feb | Mar | Apr |
| May | Jun | Jul | Aug |
| Sep | Oct | Nov | Dec |
| Jan | Feb | Mar | Apr |
| May | Jun | Jul | Aug |
| Sep | Oct | Nov | Dec |
Since a few years ago, it is beginning to be very common to have hundreds of connection attempts to SSH port, trying common usernames and passwords.
This has several drawbacks: log files can be filled up, SSH service can be irresponsible and, what is worst, some of the attacks could be successful if one of your users has a weak password.
To prevent those attacks, you can use these simple iptables rules that forbid establishing more than 6 connections per minute from every IP:
iptables -N SSH_CHECK iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j SSH_CHECK iptables -A SSH_CHECK -m recent --set --name SSH iptables -A SSH_CHECK -m recent --update --seconds 60 --hitcount 6 --name SSH -j DROP
I have just finished a quick pop-before-smtp implementation in C... I needed it in a hurry, to make my brother able to send e-mails from his laptop (with Win*!) from everywhere without having to change the configuration, and without having an open relay :-)
It is basically a quick-and-dirty hack: it execs "tail -f /var/log/syslog" to see which lines from the logs come from the POP server I am using (teapop), it reads the IP address and stores it in a list, next to a timeout. When some IP in the list changes, it modifies the list of IP addresses that the SMTP server relays (in my case, I use qmail with tcpserver; therefore I exec "tcprules").
Many weeks after its launch, I finally managed to make someone
invite me to an account in gmail.
Marielle Fois was the one who sent the invitation to me. Thank you, Marielle :-)
I spent most of the day redesigning and writting my new home page.
It is XHTML 1.1 Strict compliant and CSS compliant, and it is finally integrating my (several) other pages, such as my pictures page and my blog (yes, *this* blog ;-)), but it isn't quite finished yet.
A few hours ago, Amaya invited me to join a new "online community" called orkut. I did it, and I must say that it is very interesting. It has a lot of members and it is growing at a very impressive rate. If you still don't know what I am talking about, ask me or find someone else who is already an orkut member; there is currently no way to join the community without being invited from someone inside it.
If you are inside orkut, this is a link to my profile.