Issues with Fail2Ban upgrade (0.8.0-r1 to 0.8.3)
Today, I upgraded fail2ban from 0.8.0-r1 to 0.8.3 and started seeing “Unexpected communication error” in the logs like what I have listed below.
I recently upgraded the kernel on one of my servers from hardened-sources-2.6.28-r7 to hardened-sources-2.6.28-r9 and immediately had problems after reboot. Rebooting that server, I was greeted with the following message: Booting 'Gentoo (bzImage-2.6.28-hardened-r9)' root (hd0,0) Filesystem type is ext2fs, partition type 0x83 kernel (hd0,0)/boot/bzImage-2.6.28-hardened-r9 root=/dev/sda4 [Linux-bzImaeg, setup=0x2a00, size=0x165990] Decompressing Linux… Parsing ELF… done. Booting the kernel.… Continue reading Issues with hardened-sources-2.6.28-r9
So I’ve seen the commercials on TV about GoToMeeting for a while, but I never had an opportunity to try it out. Yesterday, I had a conference call with a web client about an application we’re developing and going over some server requirements to pull it off. Early in the call, the client recommended that… Continue reading My first time with GoToMeeting
A few weeks ago, I saw that snort needs to update to 2.8.4.1 (up from 2.6.1.3-r1), but with this update, it no longer has support for snortsam. This sucks! I posted a thread about this on the Gentoo forums, but no response yet. Because of this I’m not updating my production boxes, that use snortsam… Continue reading Recent package updates are making me nervous (Snort and Mod_Security)
I started seeing emails posted via contact forms with this message body. All sites on multiple servers started experiencing this. I believe this is just a probe to test if contact forms are requiring captcha or this could be an initial setup for backscatter, etc. Either way, I don’t like it. The first piece… Continue reading Good site, admin
After seeing an increase in image spam, I decided to add the Fuzzy OCR plugin for spamassassin. Basically, it will read the image and see if there are any words or phrases that are labeled as spam and append a score to it. I was surprised that I didn’t see any how-tos for Gentoo,… Continue reading How to set up Spamassasin-FuzzyOcr for Gentoo
Here is a sweet trick I learned today to grab the line you’re looking for as well as the line after or before. It’s using the -A or -B flag within grep. Glad I found this before writing a stupid script using awk, etc. grep 'some value in a line' -B 1 /var/log/messages This… Continue reading Grep the line and the line before or after.
Today I had to do some work on my qmail, which I hate to work with. Basically, I needed to go through the logs and verify some deliveries, etc. Well, the timestamps for qmail are using TAI64N (which I just learned about). You can use tai64nlocal to convert them to readable timestamps. Again, this… Continue reading Dealing with Qmail’s TAI64N format
I started getting a ton of these in my DNS logs a few days ago: Jan 19 05:33:47 comp named[4488]: client 76.9.31.42#55056: query (cache) './NS/IN' denied Jan 19 05:33:53 comp named[4488]: client 76.9.31.42#30931: query (cache) './NS/IN' denied Jan 19 05:33:59 comp named[4488]: client 76.9.31.42#31789: query (cache) './NS/IN' denied Jan 19 05:34:06 comp named[4488]: client 76.9.31.42#38458:… Continue reading Potential DNS DDoS (query (cache) ‘./NS/IN’ denied)
So my woes with Apache-2.2.10 and chroot are continuing. Now I can start Apache in the chroot environment, and I thought all was well, but after additional testing, I found out that cURL does not work. Basically, cURL will return an empty string while it’s chroot’d. This is very weird to me, since the jail… Continue reading Apache-2.2.10 / Chroot and cURL is giving me some grief (SOLVED)