XMPP (aka Jabber) in combination with OTR is a secure way to chat with others. There are some public servers available, but their popularity centralizes the infrastructure and leaves single points of failure. A recent example is Chaos Computer Club’s Jabber server (jabber.ccc.de) which was down for some days between Christmas and New Years 2014/2015, as a consequence of a DOS attack.
I’ve been setting up a Jabber server of my own on my Raspberry Pi. Here is how you can too:
Continue reading HOWTO setup your very own Jabber server…
I was lucky enough to seize a “Raspberry Pi Colocation“-slot for my Raspberry Pi.
To secure it further I just recently installed fail2ban.
The software basically detects login attempts and blocks the IP for some limited time in the future. This prevents a depletive password guessing for server logins.
I was interested in the password-guessers` country of origin. Now I can confirm, at least for my Raspberry Pi, that most attacks come from China.
the quick and dirty command for this looks like this: (you need to have ‘whois’ installed)
for i in `sudo cat /var/log/fail2ban.log | sed 's/.*[Bb]an \(.*\)/\1/' | sort | uniq | cut -d ' ' -f 1 | grep "\."`; do
echo $i; whois $i | grep country\: |head -n 1 >> fail2ban_ctry.log ;
cat fail2ban_ctry.log fail2bancry2.log | sed 's/country: //g' |sort | uniq -c |sort -nr
also ich hab mir heute ausgerechnet dass wir mit unserem server eigentlich nicht sooo schlecht liegen.
wir haben 0,239% downtime.
das heisst 99,76% availability!!!
in anbetracht unseres knappen budgets, keine sooo schlechte leistung.
ich hoffe das geht so weiter. spenden sind natürlich willkommen…