hacked

Hetzner Hacked!

I have been complaining about Hetzner regarding their retarded support system as well as their bandwidth and security issues. I remember once that when I asked for remote console they gave me another customer’s server. I could reboot it, mount my own ISO and change the root password. Now comes this: Dear Client At the …

ipv6

Tunneling IPv4 over IPv6 VPN

Tunnels are often used to encapsulate IPv6 traffic over IPv4 links. This time we are going to do the reverse. Imagine that you have native IPv6 on two endpoints. Behind those two endpoints you also have non routable IPv4 addresses. We are going to create a IPv6 tunnel for IPv4 traffic and we are going …

World_IPv6_launch

IPv6 Facts

The IPv6 world launch day has come and gone. But how ready are we for IPv6? According to google we are not that ready yet. The fact is that goolge is not fully ready either! Their ads do not display over an IPv6 only network. This post is the beginning of a series regarding a full dual stack implementation …

net-security

Securing hosts with PF

PF is OPENBSD’S default Packet filtering for TCP/IP packets and NAT. PF has been ported to FreeBSD and it is currently at version 4.5 on FreeBSD 9.0-RELEASE. Today, we will see how we can use PF to effectively secure a FreeBSD host on the Internet. Before we even start talking about PF, it is essential …

web-security

Securing web application servers

Contrary to popular belief, firewalls are useless when it comes to securing web applications. I used the general term firewall because most people in the IT field, generally relate to.  But the correct term would be network firewall and that’s the one I will use in this post from now on. A network firewall like …

computer-hackers

Monitor systems using Munin Part II

We saw earlier how easy it is to set up munin in FreeBSD. Now, what if a system that you wish to monitor is located somewhere beyond your firewall(s) perimeter ? You could install munin-node and let the whole world to grab your system statistics or become a victim of a future exploit! You could …