How to Ban a country with iptables

Block a country with iptablesI’m stil lreceiving huge spam/unwanted traffic from russia.
I want to ban with iptables
I already tried to stop it using fail2ban but they continuosly change their IP Address so there is no repetitive behavior wich fail2ban can trace.
This means that even if i setup rules for fail2ban they can do the first connection anyway wasting a little of my server resources.
I want to stop it now, so i decided to do it the bad way:using iptables.
Continue reading “How to Ban a country with iptables”

Incoming search terms:

  • iptables mac osx block china ip (14)

[Solved] Apache2 access log browserToolbarGetData?v=2

Nagios3 as sentinel for your servers and clientsAs I wrote in a previous article, someone is buzzing my server with continuous requests for inexistent resources, just like /browserToolbarGetData?v=2. This could be related with a new ip address i just boght, i don’t know yet but there is no trace of this io address history, so i think i’m the first using it, so io’m prone to belive it is just a remote possibility… anyway let’s tale some countermeasures.
Continue reading “[Solved] Apache2 access log browserToolbarGetData?v=2”

Apache2 access.log problem mapi?query= cmd getCounters jsonPrefix _PHJSONPCallback_1046 &rnd=

fail2ban-in-action-for-wordpress-security-and-performancesThis webpage http://file.oboz.ua/files/vf4f51401192c57_20123223481.mail%5B1%5D is trying to make a fishing attack using this page to serve unprocessed html code in order to make something with user of mail.ru.
if you see a log entry like this:

37.147.118.211 - - [02/Jan/2013:08:53:31 +0000] "GET /mapi?query=%7B%22cmd%22%3A%22getCounters%22%2C%22jsonPrefix%22%3A%22__PHJSONPCallback_47%22%7D&rnd=1357116906112 HTTP/1.1" 403 507 "http://my.mail.ru/friends?" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.12 (KHTML, like Gecko) Maxthon/3.0 Chrome/18.0.966.0 Safari/535.12"

Continue reading “Apache2 access.log problem mapi?query= cmd getCounters jsonPrefix _PHJSONPCallback_1046 &rnd=”

Incoming search terms:

  • odnoklassniki ru/mapi?query={cmd:getcounters jsonprefix:__phjsonpcallback_2} (684)
  • odnoklassniki ru/mapi?query={cmd:getcounters} (258)
  • https://ok ru/mapi?query={\cmd\:\getCounters\} (24)
  • odnoklassniki ru/mapi?query={cmd:getCounters jsonPrefix:__PHJSONPCallback_3} (15)
  • odnoklassniki ru/mapi?query={cmd:getCounters jsonPrefix:__PHJSONPCallback_4} (10)

How to install and configure Nagios3 webadmin on ISPConfig3 website

This article will cover the steps needed for the correct installation and configuration of Nagios3 on a Linux Debian machine running Ispconfig3, and more important, to blatantly use the Nagios3 web interface (nagiosadmin) within one of the client domain websites.
Continue reading “How to install and configure Nagios3 webadmin on ISPConfig3 website”

Incoming search terms:

  • raspbmc web browser add on (32)
  • raspbmc install firefox (12)

ISPConfig3 client website CustomLog access log goes into other_vhosts_access.log

rounded_codeThis is a fast but durable and stable solution
The problem:

Client wesites on one of my ISPConfing Web Servers (actually I have to check the others yet) started or, better, stopped logging websites accesses into the expected access log file (the one into /var/log/ispconfig/httpd/blog.giuseppeurso.net/access.log), and start logging into the generic “other_vhosts_access.log” used for the “generic website” the one wich responds to all unmanaged virtualhost requests, the ones that comes by IP address instead of hostnames.

Ispconfig vhost config templates:

The solution is Continue reading “ISPConfig3 client website CustomLog access log goes into other_vhosts_access.log”

[ITA]Guida: Il perfetto mirror modulare di ISPConfig con Virtualbox

backup automatico con rsync ed shh per mirror di ISPConfig in ambiente virtualeQuesto è il log AGGIORNATO della mia prossima avventura nel paese delle meraviglie (che poi sarebbe Debian) in cui utilizzerò 2 Virtual Machines, una delle quali sarà ottenuta partendo da un clone della macchina originale da tenere sotto mirroring, ed agirà da mirror venendo aggiornata 4 volte al giorno.

La macchine clone, verrà aggiornata in tutto e per tutto, configurazioni ed utenti compresi. Inoltre la procedura può essere replicata N volte senza sovraccaricare la macchina master, potendo agganciare le nuove macchine a cascata.
Continue reading “[ITA]Guida: Il perfetto mirror modulare di ISPConfig con Virtualbox”

** SOLVED udev: renamed network interface eth to eth

matrix2_sentinel

I had and SOLVED some problems with network, precisely with network interfaces names, given by udev with the error “udev: renamed network interface eth …”.

Continue reading “** SOLVED udev: renamed network interface eth to eth”

Incoming search terms:

  • udev renamed network interface eth0 to eth1 (116)
  • udev renamed network interface (70)
  • udev renamed network interface eth0 to eth2 (24)
  • renamed network interface eth0 to eth1 (23)
  • udev: renamed network interface (19)
  • udev: renamed network interface eth0 to eth2 (16)
  • systemd-udev renamed network interface (13)
  • renamed network interface (13)
  • renamed network interface eth0 to eth2 (1)
  • heightbhq (1)

[ITA]Linux: Mirror di ISPConfig con Rsync, SSH, VirtualBox.

backup automatico con rsync ed shh per mirror di ISPConfig in ambiente virtualeQuesto è il log della mia prossima avventura nel paese delle meraviglie (che poi sarebbe Debian) in cui utilizzerò 2 Virtual Machines di cui una pubblicata sul web con server web, email, ftp, database e DNS ed un altra sulla stessa subnet privata della prima ma senza indirizzo ip pubblico.
Continue reading “[ITA]Linux: Mirror di ISPConfig con Rsync, SSH, VirtualBox.”

Replacing IP Address in Apache2 config files with SED

replacing ip address in all files with linux sedSuppose i just mirrored my vps machine (starting from a clone and then rsync-ing all needed files) with rsync. Obviously i need to change the IP Address value contained into all the config files, but I’m lazy.
So, let’s use “SED” to do it at once, with a single line command.
I need to replace the IP Address “192.168.100.5” with “192.168.100.4” in all files contained in /etc/apache2/*
Continue reading “Replacing IP Address in Apache2 config files with SED”