Configuring fail2ban on Debian – Part 1

If you are administering a Linux server on a publicly accessible IP address then you have no-doubt already noticed your log files filling up with repeated failed login attempts against all common protocols. While it may be possible to protected services to some extent with firewalls, nothing is going to protect you from weak password policies and software vulnerabilities.

There is, however, a great Open Source product that can do away with some of the noise and frustrate the spammers; fail2ban.

Continue reading “Configuring fail2ban on Debian – Part 1”

Ipsec on a small LAN

Most tutorials cover implementing IPsec as a VPN solution between two sites, but what if you want to secure communications on one site representing a not atypical home LAN with a couple of machines: some wireless, some Linux, some Android, some Windows, and a dual ipv6/ipv4 stack (courtesy of Hurricane Electric’s free TunnelBroker service)?  And to make life more difficult, there are some devices that don’t support IPsec at all.  Obviously, you need at least two IPsec capable machines for this to make much sense.

Does it work, and how well?

Continue reading “Ipsec on a small LAN”