Blocking WordPress Pingback Verification DDoS

Recently one of the websites I host has come under a few reasonably sized DDoS attacks. The attacker has been (mis)using a WordPress feature, pingback verfications. The attacker sends requests to WordPress sites that have this feature enabled, the WordPress sites then send a HTTP request to the target site to verify the pingback. If […]

ExaBGP – BGP routing with health checks

ExaBGP is an excellent tool for playing around with BGP. It is feature rich, has an API and gives you the option to run scripts which can announce/withdraw routes. In my environment I use ExaBGP for certain services to ensure high availability (and load balancing using equal cost multipath, ECMP). To do this I wrote […]

PuppetDB: [400 Bad Request] Missing required query parameter ‘payload’

After upgrading the packages on my puppet master server with puppetdb I was getting this error when running the agent: May 23 19:15:45 test puppet-agent[15207]: Could not retrieve catalog from remote server: Error 400 on SERVER: Failed to submit ‘replace facts’ command for to PuppetDB at [400 Bad Request] Missing required query parameter […]

Nginx + Google Pagespeed Debian Package

The normal Debian mirrors do not carry the nginx package with the Google Pagespeed Module. These instructions will allow you to create your own package that includes Pagespeed. The nginx package is from wheezy-backports which has a newer copy of nginx than the normal wheezy repo, remove -backports from any commands you run if you […]

Debian ISCSI Oops

I upgraded a Debian Squeeze server to Wheezy recently which was running iSCSI with a Windows 7 initiator. When I started writing to the iSCSI device it would drop out and the server would show an oops message on screen like this: iscsi_trgt: BUG at /var/lib/dkms/iscsitarget/ assert(req->tio)

SSHFP records

I hate getting this prompt: root@home:~# ssh The authenticity of host ‘ (’ can’t be established. RSA key fingerprint is e6:fa:89:4d:c4:03:8e:09:1b:e5:b1:3c:ec:5f:8e:a3. Are you sure you want to continue connecting (yes/no)? If you see it often enough you probably ignore it – it then loses its purpose if you find yourself blindly typing yes. SSHFP […]

ESX/vSphere grow disk under Linux

If you are running VMware ESX/vSphere with a Linux VM that is running out of disk space it is usually a trivial task. Assuming you have a simple partition layout like this: /dev/sda1 – 128M – /boot /dev/sda2 – 2G – swap /dev/sda3 – 25G – / If you want to grow the root partition […]

StartSSL certificates with Apache mod_ssl

I have been using StartSSL for free SSL certificates for a while. They are great for personal projects – they are trusted by every device I have tried so far and they are issued almost immediately. You can test if the certificate is trusted by accessing this post as https – click here. Note that […]

Debian Multiple IPv6 Interfaces

I have been trying to figure out how to set up multiple IPv6 interfaces properly the “Debian” way but it seems like something is a bit broken now. Lets say I have two interfaces: eth0 and eth1. eth0 is on vlan 100 and eth1 on vlan 200. I would expect this to work in /etc/network/interfaces:

Debian Wheezy ipvsadm error

After upgrading some load balancers to Debian Wheezy I noticed this error (happens when dpkg-reconfigure ipvsadm) is ran: lb1:~# dpkg-reconfigure ipvsadm debconf: Unknown template field ‘__choices’, in stanza #1 of /var/lib/dpkg/info/ipvsadm.templates debconf: Unknown template field ‘_description’, in stanza #1 of /var/lib/dpkg/info/ipvsadm.templates debconf: Unknown template field ‘_description’, in stanza #2 of /var/lib/dpkg/info/ipvsadm.templates debconf: Unknown template field […]