One of the awesome features of the last several Ubuntu releases is support for ecryptfs, an encrypted filesystem. At Talia we depend heavily on GPG, OTR, SSH keys and other forms of encryption and secure identification. Loss of those keys and other confidential data to laptop theft, corporate espionage, or the US Customs Service is a big concern for us. This week I secured my laptop, as a prototype of our new corporate laptop setup. Here is how I did it.
You are currently browsing articles tagged security.
Tags: encryption, karmic, security, ubuntu
Firefox has a very annoying “feature” – it remembers any HTTP authentication tokens for as long as Firefox remains open. Any by “open”, I mean “the browser is running”, not “the tab/window is open”.
Why is this bad? For several reasons. Read the rest of this entry »
In the last 3 weeks our company mail servers have been slammed with a massive increase in spam relay attempts. Logs showed many failures like so.
Jul 12 14:15:26 mailserver.example.com postfix/smtpd[19885]: NOQUEUE: reject: RCPT from 206.12.0.10.in-addr.arpa[10.0.12.206]: 554 5.7.1 <symons@yahoo.co.uk>: Relay access denied; from=<yyjaqveh@lpsb.com> to=<symons@yahoo.co.uk> proto=ESMTP helo=<206.12.0.10.in-addr.arpa>
IP addresses have been obscured to protect the guilty (or ignorant, as this is certainly a botnet). Unfortunately, a large number of the IP addresses in question belonged to my own satellite customers. Mail servers for our other domains were almost entirely unaffected. Which tells me that some bastard has written a botnet spam client that looks up its own public IP, finds the reverse DNS entry, looks up the MX record of the corresponding domain, and then attempts to relay mail through that server. This is particularly mean, as it will encourage your own ISP to shut you down.
Tags: networking, security
Recent Comments