Month: January 2008

maintenance: late changes

Posted by Eric – January 22, 2008

New Features

install bittorrent

It’s six minutes past midnight but I’m gonna install bittorrent anyway.

0 Comments – Feed

I first considered logsurfer+, but when I discovered that it didn’t come with any rules ready to go immediately. I switched to logsentry instead. While logsurfer+ has more gee-wiz options and capabilities; logsentry is dead simple to get going. logsentry starts out being overly verbose but it’s simple to customize it. logsentry combined with some custom shell magic is a good choice for me. Inspiration came from Dave Taylor‘s LinuxJournal column Work the Shell

#!/bin/sh

ACCESSLOG="/var/log/kernel/*"
/bin/egrep -h 'SRC=[0-9]{1,3}' $ACCESSLOG |
        /bin/awk '{print $8}' |
        /bin/sed 's/SRC=//g' |
        /bin/sort |
        /usr/bin/uniq -c |
        /bin/sort -rn

Don’t trust any code you see here. WordPress’s editor is too smart for it’s own good. There’s supposed to be a backslash at the end of each line except the last one, but the editor insists on escaping my escape sequences.

Category: Computing, Linux
0 Comments – Feed

Woohoo! iptables works

Posted by Eric – January 20, 2008

I got iptables properly configured where I set the policy for INPUT, FORWARD, and OUTPUT to DROP. Amazingly everything appears to still work. I set the server to be in the DMZ. Despite this I’m still totally stealthy according to GRC’s Shields Up!. I’ve got logging setup and working well. It only catches the surprise portscans coming from chinese hackers. The next thing will be parsing the data I’m collecting into some interesting information. I haven’t got logsurfer+ setup yet, maybe I can do that tomorrow.

Category: Linux
0 Comments – Feed

Maintenance: 1/17/2008

Posted by Eric – January 17, 2008

New Features

Add log monitoring with logsurfer+.
Add filtering with iptables.

With iptables I could safely put the machine in the DMZ and have a grand ole time watching portscans and other crud coming from the Internet. Learning iptables will definitely be a interesting mental challenge.

Package Updates

These are the packages that would be merged, in order:

Calculating world dependencies . … done!
[ebuild U ] sys-apps/man-pages-2.75 [2.70] USE=”nls” 1,815 kB
[ebuild U ] sys-apps/busybox-1.8.2 [1.7.4] USE=”pam -debug -make-symlinks -savedconfig (-selinux) -static” 1,725 kB
[ebuild U ] app-arch/tar-1.19-r1 [1.19] USE=”nls -static” 0 kB

Total: 3 packages (3 upgrades), Size of downloads: 3,539 kB

0 Comments – Feed

!Danger! Will Robinson

Posted by Eric – January 15, 2008

Setup a logging daemon. Check.
Setup crond. Check.
Setup ssmtp. Check.
Setup a log watching script. hmm… There are more than a few options as usual.

logsurfer+
swatch
logsentry

Category: Linux
0 Comments – Feed

Maintenance: package update

Posted by Eric – January 14, 2008

These are the packages that would be merged, in order:

Calculating world dependencies . … done!
[ebuild U ] sys-apps/man-pages-2.70 [2.69] USE=”nls” 1,814 kB
[ebuild U ] dev-libs/libxml2-2.6.30-r1 [2.6.30] USE=”python readline -debug -doc -ipv6 -test” 0 kB
[ebuild N ] app-admin/webapp-config-1.50.16-r1 102 kB
[ebuild U ] sys-power/apcupsd-3.12.4 [3.10.18-r1] USE=”ncurses nls usb -cgi -doc -snmp -threads -vhosts% (-apache2%)” 4,125 kB

Total: 4 packages (3 upgrades, 1 new), Size of downloads: 6,040 kB

0 Comments – Feed

cost of a server

Posted by Eric – January 11, 2008

Using the P3 Kill-a-Watt I got for Christmas, I know that the tower, SimpleTech NAS, monitor, printer, switch, and the UPS itself all drew a total of 1.43 KwH in 24 hours. So lets consider what it would cost to run this setup for a year.

1.43 KwH * 365 days = 521.95 KwH/year
Electric Rates for each KwH after the first 800 KwH: $0.06535
521.95 KwH/year * $0.06535 = $34.11/year or
1.43 * 30 days = 42.9 KwH/month * $0.06535 = $2.80/month