HOWTO setup your very own Jabber server…

XMPP (aka Jabber) in combination with OTR is a secure way to chat with others. There are some public servers available, but their popularity centralizes the infrastructure and leaves single points of failure. A recent example is Chaos Computer Club’s Jabber server ( which was down for some days between Christmas and New Years 2014/2015, as a consequence of a DOS attack.

I’ve been setting up a Jabber server of my own on my Raspberry Pi. Here is how you can too:
Continue reading HOWTO setup your very own Jabber server…

Flattr this!

Fail2ban country statistics…

I was lucky enough to seize a “Raspberry Pi Colocation“-slot for my Raspberry Pi.

To secure it further I just recently installed fail2ban.
The software basically detects login attempts and blocks the IP for some limited time in the future. This prevents a depletive password guessing for server logins.

I was interested in the password-guessers` country of origin. Now I can confirm, at least for my Raspberry Pi, that most attacks come from China.
110 CN
2 UA
2 RU
2 DE
1 VN
1 PE
1 KR
1 CZ
1 BD

the quick and dirty command for this looks like this: (you need to have ‘whois’ installed)

for i in `sudo cat /var/log/fail2ban.log | sed 's/.*[Bb]an \(.*\)/\1/' | sort | uniq | cut -d ' ' -f 1 | grep "\."`; do
echo $i; whois $i | grep country\: |head -n 1 >> fail2ban_ctry.log ;
cat fail2ban_ctry.log fail2bancry2.log | sed 's/country: //g' |sort | uniq -c |sort -nr

Flattr this!

Murstrom Podcast…

Nur eine kurze Ankündigung:

Ich habe angefangen zu podcasten.
Der Podcast an dem ich mitwirke heisst mur.strom. Wir besprechen diverse Themen zu Technik und Gesellschaft und senden in unregelmässigen Abständen. Die erste Folge mit meiner Komoderation ist Folge 13. In Folge 3 war ich einmal als Gast vertreten. Unsere Werke sind unter der CC-BY Creative Commons Lizenz auf der Webseite herunterzuladen und dürfen natürlich frei (unter Namensnennung) im Netz verteilt werden. So sehen wir es natürlich gerne wenn ihr unseren Podcast per BitTorrent herunterladet und zum download anbietet. 🙂

Wer gerne regelmässig zuhören möchte, dem kann ich die Android App AntennaPod empfehlen. Hier kann man unserem Podcast-Feed automatisch ‘zuhören’. Einfach die mur.strom URL eingeben und abonnieren. In den Einstellungen das automatische Herunterladen aktivieren und die neuesten Episoden sind dann automatisch auf dem Handy und lassen sich abspielen wenn man Zeit hat sich diese anzuhören.

Die aktuelle Episode, die erste mit mir, behandelte Bitcoin, das derzeit sehr gefragte online Geld. Die Folge kann man sich auf der Podcast Webseite herunterladen. Hier der direkte Link zur Bitcoin Episode. Und für alle Torrent Freunde: hier ist der icon-magnet Magnet Link zur aktuellen Bitcoin Episode. Wer Themenvorschläge hat oder Interviewpartner zu einem spannenden Thema sein will, darf sich gerne bei mir melden.

Die nächste Episode ist auch schon im Kasten und sollte demnächst erscheinen. Viel Spass beim hören.

Hetzner Root Server Networking Configuration…

I’ve been setting up a new server at
I ran into problems when configuring the network. The server is running Debian (wheezy).

hetzner network info
note the last line: “The additional route to the gateway is now no longer necessary.” not only that: it will not work.

The basic configuration looked like this:

## /etc/network/interfaces example Hetzner root server
# Loopback-Adapter
auto lo
iface lo inet loopback
# LAN interface
auto eth0
iface eth0 inet static
# Main IP address of the server
# Netmask (/32) independent from the
# real subnet size (e.g. /27)
# explicit host route to the gateway

This should work, as mentioned in the Hetzner DokuWiki.

I added DNS servers at the end (use your DNS servers here or pick an open DNS server)

dns-nameservers X.X.X.X Y.Y.Y.Y

at the end since I’ve resolvconf installed.
eth0 did not come up correctly.

When trying ‘ifdown eth0; ifup eth0’ I kept getting:
ifdown: interface eth0 not configured
RTNETLINK answers: File exists
Failed to bring up eth0.

This error would show up at boot time or when trying to start eth0 by hand.
The setup would look fine otherwise, IP was correct network seemed to work, but the DNS-servers were not added correctly. Weird!

‘ifdown –force eth0; ifup eth0’ worked. Server went off for a second but came back. with DNS-servers setup correctly. Interesting!

I started to comment out lines from /etc/network/interfaces.
Et voilá!

It turns out: It is deadly to try to configure ‘gateway’ in /etc/network/interfaces!

Finally I used this:

## /etc/network/interfaces working Hetzner root server
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
# next line optional
## never EVER use the next line! you have been warned!
## gateway
dns-nameservers X.X.X.X Y.Y.Y.Y

I hope this post will save others some time to fix this issue with their setup.

Flattr this!

Bitcoin Paper Wallet Treasure Chest…

The Bitcoin Paper Wallet Treasure Chest
The Bitcoin Paper Wallet Treasure Chest
One of the challenges with bitcoin is to store them securely. There have been several well known incidents where Bitcoins have been stolen. It is no mystery. Bitcoin IS money! It’s the same with Euros or Dollars, when you have it lying around it will eventually be missing.

There is a twist with bitcoin to regular money. With Bitcoin one single piece of information is enough for the thief to steal your Bitcoins: Your private key. With Bitcoin it’s about keeping this piece of information secret.

Continue reading Bitcoin Paper Wallet Treasure Chest…

Flattr this!

Tech, Food, Life