Recently one of the websites I host has come under a few reasonably sized DDoS attacks. The attacker has been (mis)using a WordPress feature, pingback verfications. The attacker sends requests to WordPress sites that have this feature enabled, the WordPress sites then send a HTTP request to the target site to verify the pingback. If […]
ExaBGP is an excellent tool for playing around with BGP. It is feature rich, has an API and gives you the option to run scripts which can announce/withdraw routes. In my environment I use ExaBGP for certain services to ensure high availability (and load balancing using equal cost multipath, ECMP). To do this I wrote […]
After upgrading the packages on my puppet master server with puppetdb I was getting this error when running the agent:
May 23 19:15:45 test puppet-agent: Could not retrieve catalog from remote server: Error 400 on SERVER: Failed to submit 'replace facts' command for test.server.com to PuppetDB at puppet.server.com:8081: [400 Bad Request] Missing required query parameter 'payload'
During the package upgrade puppetdb was restarted, but the restart didn’t work (a new process was started but the port was already in use). To fix this, kill the puppetdb process and then start […]
The normal Debian mirrors do not carry the nginx package with the Google Pagespeed Module. These instructions will allow you to create your own package that includes Pagespeed. The nginx package is from wheezy-backports which has a newer copy of nginx than the normal wheezy repo, remove -backports from any commands you run if you […]
I upgraded a Debian Squeeze server to Wheezy recently which was running iSCSI with a Windows 7 initiator. When I started writing to the iSCSI device it would drop out and the server would show an oops message on screen like this:
iscsi_trgt: BUG at /var/lib/dkms/iscsitarget/184.108.40.206/build/kernel/iscsi.c:392 assert(req->tio)
I hate getting this prompt:
root@home:~# ssh server.somehost.com
The authenticity of host 'server.somehost.com (220.127.116.11)' can't be established.
RSA key fingerprint is e6:fa:89:4d:c4:03:8e:09:1b:e5:b1:3c:ec:5f:8e:a3.
Are you sure you want to continue connecting (yes/no)?
If you see it often enough you probably ignore it – it then loses its purpose if you find yourself blindly typing yes. SSHFP records stop that happening. As I secure my DNS zone with DNSSEC already I think this is an acceptable way of verifying the host at […]
If you are running VMware ESX/vSphere with a Linux VM that is running out of disk space it is usually a trivial task. Assuming you have a simple partition layout like this:
/dev/sda1 - 128M - /boot
/dev/sda2 - 2G - swap
/dev/sda3 - 25G - /
If you want to grow the root partition follow these instructions. If you are growing a block device that has no partitions […]
I have been using StartSSL for free SSL certificates for a while. They are great for personal projects – they are trusted by every device I have tried so far and they are issued almost immediately. You can test if the certificate is trusted by accessing this post as https – click here. Note that […]
I have been trying to figure out how to set up multiple IPv6 interfaces properly the “Debian” way but it seems like something is a bit broken now. Lets say I have two interfaces: eth0 and eth1. eth0 is on vlan 100 and eth1 on vlan 200. I would expect this to work in /etc/network/interfaces:
After upgrading some load balancers to Debian Wheezy I noticed this error (happens when dpkg-reconfigure ipvsadm) is ran:
lb1:~# dpkg-reconfigure ipvsadm
debconf: Unknown template field '__choices', in stanza #1 of /var/lib/dpkg/info/ipvsadm.templates
debconf: Unknown template field '_description', in stanza #1 of /var/lib/dpkg/info/ipvsadm.templates
debconf: Unknown template field '_description', in stanza #2 of /var/lib/dpkg/info/ipvsadm.templates
debconf: Unknown template field '_description', in stanza #3 of /var/lib/dpkg/info/ipvsadm.templates
debconf: Unknown template field '_description', in stanza #4 of /var/lib/dpkg/info/ipvsadm.templates
If you encounter this error you can run this sed command to fix up the template: sed -i -r ‘s/^_+//’ /var/lib/dpkg/info/ipvsadm.templates