LinuxQuestions.org - Musings on technology, philosophy, and life in the corporate world

Hi. I'm jon.404, a Unix/Linux/Database/Openstack/Kubernetes Administrator, AWS/GCP/Azure Engineer, mathematics enthusiast, and amateur philosopher. This is where I rant about that which upsets me, laugh about that which amuses me, and jabber about that which holds my interest most: *nix.

Automated OpenBSD-STABLE build

Posted 10-08-2012 at 04:54 PM by rocket357 (Musings on technology, philosophy, and life in the corporate world)
Updated 10-08-2012 at 05:14 PM by rocket357 (refactoring?)

It's ugly. But it works.

Code:

#!/bin/sh

set -e

export LOGFILE=/var/log/build_stable.log
export ARCH=`machine`

# DEFAULT: BUILD -STABLE (UPGRADE TO LATEST -RELEASE FIRST!!)
export BUILDVER=OPENBSD_`uname -r | tr '.' '_'`

cat > ${LOGFILE} << EOF


STABLE BUILD - `date` - `uname -a`


EOF

echo "Updating Sources for ${BUILDVER}"

...

rocket357

Member

Posted in Uncategorized

Views 1438 Comments 0 rocket357 is offline

I am a networking idiot

Posted 10-01-2012 at 10:36 PM by rocket357 (Musings on technology, philosophy, and life in the corporate world)
Updated 10-02-2012 at 09:22 AM by rocket357

So a while back I got my hands on a Cisco 2948 for my home network. Sure, it's only 10/100. Sure, it's an older model. Sure, it's EOL.

But damn it's sexy in my livingroom...48 ports of Cisco goodness. Port security! VLANS! So much more than my other "dumb" switches! Imagine the possibilities! I set off flipping knobs and tweaking everything as tight as I can. Months of restful sleep ensue, with my world protected by pf and a locked down switch.

Then...

rocket357

Member

Posted in Uncategorized

Views 1450 Comments 0 rocket357 is offline

Auto-block ssh brute force attacks using built-in tools (OpenBSD and Linux)

Posted 08-30-2012 at 01:28 AM by rocket357 (Musings on technology, philosophy, and life in the corporate world)

I've run a cool trick for a while on my OpenBSD firewall at home, where traffic from any given ip address and port 22 on the firewall is rate limited. If an ip exceeds the given rate, it is put into a ban list (table, actually) that the firewall is configured to drop all traffic from. It works well, and the same functionality can be setup in Linux, too.

To set it up on OpenBSD (this is lifted verbatim from the OpenBSD website pf manual, hence port www instead of port ssh):
...

rocket357

Member

Posted in Uncategorized

Views 2046 Comments 0 rocket357 is offline

Boredom gets the best of me...twice.

Posted 08-22-2012 at 04:58 PM by rocket357 (Musings on technology, philosophy, and life in the corporate world)

Woke up this morning feeling a bit groggy. I'd stayed up entirely too late last night debating different human interactions with my wife and a friend of ours. People are not like computers. They are not predictable...at least, that's my story and I'm sticking to it.

I stumbled through my morning routine, wandered out to the kitchen to grab my lunch, threw the work laptop under my arm and walked out to the car. Bird poo on the driver's side window...again. Not just any bird poo,...

rocket357

Member

Posted in Uncategorized

Views 1549 Comments 2 rocket357 is offline

Ante up

Posted 07-04-2012 at 03:47 PM by rocket357 (Musings on technology, philosophy, and life in the corporate world)
Updated 07-04-2012 at 04:05 PM by rocket357

I used to work for a software/hosting company that half-a$$ed every expenditure they could. They put in a residential cooling unit in one of their datacenters because it was considerably cheaper than the industrial units, they ran all traffic over a single, flat network rather than spend the cash to build proper service/backup networks, they purchased Dell switches instead of Cisco switches, no bonding/teaming on production connections, etc...

During that time, I designed what I...

rocket357

Member

Posted in Uncategorized

Views 1411 Comments 0 rocket357 is offline

Page 24 of 38

« First

Last »