Spent some time upgrading my linux machines today. The Ubuntu network upgrade from 8.04 to 9.04 went smooth on one of the machines. I had to do the intermediate 8.10 first though. On the other machine (Armada M700), it ran into a kernel bug (specific to 9.04) that caused the machine to hang during startup, so I kept it at xubuntu (XFCE desktop) 8.10. Here’s the bug reference:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/393262
Also, in order to get the nomachines nx client to work here are the settings:
- Select Desktop = Unix/Custom, and then
- under Settings, “Run the following command” = /usr/bin/startxfce4
- and also Options = New Virtual Desktop.
written by varun
Found a good article on the subject of using vmstat to monitor virtual memory on a linux system. Here’s a link to the man page for vmstat.
written by varun
It was high time to retire the nine year old 433 MHz box that was faithfully serving varun.org for all these years. The new “server” is a 1.6 GHz laptop running Ubuntu 8.04. While I was at it, decided to give it a new look as well.
written by varun
A good article on virtual hosting with Apache 2 that I used.
written by varun
Thought I’ll start blogging about Linux software that I tinkered around with and found useful. Few months back when I started hosting this site, I noticed my /var/log/auth/auth.info being flooded with entries like:
vplinux sshd[3227]: Connection from 218.14.146.205 port 44543
vplinux sshd[3227]: Failed password for root from 218.14.146.205 port 44543 ssh2
vplinux sshd[3236]: Connection from 218.14.146.205 port 44620
vplinux sshd[3236]: Failed password for root from 218.14.146.205 port 44620 ssh2
This indicates bute force attacks on the ssh service. These attacks are based on a rather simple idea: use an automated program for trying, one after the other, many combinations of standard or frequently used account names and likewise frequently used passwords. In my search to prevent such attacks, I found fail2ban that works rather well. It monitors (in daemon mode) or just scans log files (e.g. /var/log/auth/auth.info, /var/log/apache/access.log) and temporarily bans failure-prone addresses by updating existing firewall rules.
written by varun
