Export Exchange recipients to Postfix server

When  you have an Exchange server in your organization and you also use a Postfix server as gateway, you need the list of all valid recipients of your organization at your gateway. In this way, you can reject invalid emails at the gateway, and what’s more important, when the sender address is forged, you don’t […]

,

Deja un comentario

fail2ban 0.9

With the recent release of fail2ban 0.9 there are very important improvements to the journal and firewalld integration. With these simple configurations, I get fail2ban working in Fedora 20 without a syslog daemon and avoiding being DOSed  by a local user. /etc/fail2ban/fail2ban.local [Definition] loglevel = INFO logtarget = SYSLOG In /etc/fail2ban/jail.local we set the backend […]

,

Deja un comentario

IPsec server in OpenWrt (II)

This is an update of my previous post about configuring IPsec in OpenWrt. The network scenario I’m describing is a central OpenWrt router with 2 internal LANs, plus 2 external hosts connected with VPN and some roadwarriors with all their traffic redirected through the IPsec tunnel. Because I’m going to use public key authentication, a […]

, , ,

1 Comentario

Configure fail2ban in Fedora 20 to use firewall-cmd and ipset

fail2ban is a handy daemon that monitors the log files to identify connection attempts and other kind of attacks and ban those IPs for a certain period of time. Currently, fail2ban upstream is adding support to firewalld and the use of ipset, so some modifications are needed at the stock config. First of all, install […]

, , ,

Deja un comentario

How to test a OCSP server

The other day, I installed a OCSP server in Windows 2012 R2 and got the need of testing it. I have found two different ways. In Windows, using the tool certutil: # certutil.exe -url cert.pem It will open a window where we can test all the revocation methods listed in the certificate. To test OCSP, […]

Deja un comentario

dnssec-tools and bind authoritative name server in Fedora

Some time ago, I wrote a post about using dnssec-tools for managing an authoritative name server in CentOS, now I’m going to extend it to cover their usage in a Fedora system. First of all, I’m going to use the latest versions which currently is not in the repositories. Download the source rpm, recompile and […]

, , , ,

Deja un comentario

New GPG key: DEEBD08B

For a number of reasons, i’ve recently set up a new OpenPGP key, and will be transitioning away from my old one. You can get the new key from: https://www.miceliux.com/~juan/pubkey.asc And the transition document from the old key is here: https://www.miceliux.com/~juan/key-transition-2013-09-11.txt.asc

Deja un comentario

Seguir

Recibe cada nueva publicación en tu buzón de correo electrónico.

Únete a otros 67 seguidores