Category: tech

OpenVPN tricks and traps

Why Recently I had to update my certificates. As things go, I decided to do a 2 tier CA. Of course, this compilcates the config of systems like OpenVPN. This needed some bending of the configs to get what I wanted. How Critical config enrties to make this all work – with comments ca /etc/openvpn/root-ca.cert …

Continue reading

Debian 8 (Jessie) updates are coming

Debian 8 “Jessie” As most of you most likely already know, Debian Linux 8 aka “Jessie” has been released in the last few weeks. This release brings us a host of significant updates: Xen 4.4, apache 2.4, php 5.6.x, postfix 2.11.x and perhaps most controversially a new parallel service start-up utilitiy called systemd The Linux …

Continue reading

About efficacy of the fail2ban daemon:

As many of you know we have been using various countermeasures to stop unwanted individuals  from getting into our servers.  Especially the kind that attempt to brute-force a username/password combination. To that end we have recently deployed the ‘wp fail2ban’ plugin . The question is does it work? The answer is below: ——————— fail2ban-messages Begin …

Continue reading

Updated Xen Hypervisor, Linux kernel and more

Vandrad Research Labs have carried out major work last night. Between 21:30 and 22:30 on 14 August 2013 AEST, the main server was upgraded and the following work was done: the Xen server was upgraded to Debian 7.0 new version of Xen Hypervisor (Xen 4.1.4) was installed a new Linux kernel (3.2.46) and modules was …

Continue reading

email server upgrade

Our main mail email server has been upgraded: Linux distribution was upgraded from rom Debian Squeeze (Debian 6.0.7) to Debian Wheezy (Debian 7.0). This means: new libc, kernel new postfix, courier POP and Courier IMAP daemons new bind daemon new ssh daemon We used this upgrade as an opportunity to migrate the email domains and …

Continue reading

Upgrade to Debian 6.0.7 installed

An upgrade to Debian 6.0.7 was installed last night across all servers. This work  appears to have been successful and no adverse side-effects have been observed as at this time. Debian 6.0.7 includes an update to the Xen hypervisor and Linux kernel binaries. To activate these, a reboot of the Xen server stack  will be …

Continue reading

mysql backup script updates

The VRL servers now have a new backup script that does: dump of all of the databases from a mysql instance sha256 checksumming of db backups sha256 checksumming tarballs of multiple db backups gpg encryption of the tarballs once they are assembled deletion of backup files and other files older than 14 days The script …

Continue reading

RKHunter upgrade

Today we have rolled out a new version of the rkhunter package – RKHunter 1.4.0  – to all of our managed hosts. Its a relatively simple process on the Debian hosts: Downlaod the rkhunter 1.4.0  (at this time it is 1.4.0-2)  Debain package from your local Debian project mirror. Verify package hashes and signatures (There …

Continue reading

Debian Linux 6.0.6 stable release update

Debian foundation have advised that the stable Debian release, Debian 6.0 (aka “Squeeze”) has been released to public. Vandrad Research Labs staff are in the process of updating our servers. A list of updated packages and the offcial write can be found in the official announcement on the Debian foundation web page.

New IP addresses for servers

Our upstream provider have advised that they need to migrate us to a different IP subnet. Much fun is about to be had by all… some VM reboots required. Check back on this page for more information…

April server reboot.

A scheduled reboot of the Vandrad Research Labs Xen server stack has been successful. All servers appear to have come back on-line without a problem. The reboot was necessary to update the kernel and to distribute new modules to all Xen hosted instances.

Debian 5.0 aka “Squeeze” Security support terminated

The Debian foundation have announced that as of 6 FEB 2012 they are terminating the ongoing security support for  Debian 5.0 aka “Squeeze”.  All customers using this release of Debian Linux are requested to upgrade to current stable distribution of Debian Linux – Debian 6.0  aka Debian “Lenny”. The full text of the advisory can …

Continue reading

Fixing Australian time zones in plone

One of our clients, the Ancient Arts Fellowship have requested a new Plone site. After some deliberation and several futile attempts to upgrade their current Plone 2.5.5 to a plone 3.x instance we made a collective decision to run with a new Plone 4 setup. Of course the “curse of the time zone” reared its …

Continue reading