Block unauthorized OpenVPN logins using fail2ban

fail2ban.pngMonitoring a server can be a lot of work, but handy tools like fail2ban or logwatch make the task considerably easier. Fail2ban, for one thing, monitors services running on your system and blocks incoming connections from a certain IP addresses (using iptables or hosts.deny) when it detects a break-in attempt. It does so by analysing log files and acting upon suspicious events. These need to be defined using a regex filter, and while a great number of templates are already available for the most-used services, OpenVPN thus far has not been included. Setting this up isn’t too difficult, though … [...]

Open XMPP Alternatives to Google Talk

xmpp.pngAfter Google’s much-publicised decision to replace Google Talk with Hangouts and drop XMPP support in the process, many people have been looking for alternative XMPP servers that allow connecting through standards-based clients and support federation with other servers. I figured this would be a good time to list a few servers I have used and recommend. Naturally, this is only a small subset of all publicly available XMPP servers. Which is best for you pretty much depends on what you want and what you need … [...]

GnuPG-encrypted mail forwarding for remote systems

Ever since I started using Fail2ban and Logwatch to monitor unauthorized login attempts and system logs on my server, I have been looking for an easy way to regularly receive encrypted status reports from both programmes by email. After playing around with gpg-mailgate for some time (useful tutorial here), I decided to opt for a simpler solution and told both programmes to send their reports to a specific user on my system. These messages are then retrieved by a simple cron script and emailed to me at regular intervals. Here is how I did it … [...]