Dynamic DNS updates for a RaspberryPi server

I posted about how I setup a RespberryPi for a work experiment. That server has a DNS name using the service https://dyn.com/ where they will keep my hostname pointed at the IP address my server is on. I need this because I have a residential cable modem connection to the Internet so my IP address can change at random. I wasn’t sure how easy or hard it would be to find a client to keep my record updated, but it turns out you only need 3 commands to configure this in the Terminal app or via SSH;

sudo apt-get update
sudo apt-get install libio-socket-ssl-perl
sudo apt-get install ddclient

When you type the third line above it will step through a simple wizard that asks what Dynamic DNS service you are using, and then asks for the username and password to use. Everything was up and running in about a minute. You can then tail /var/log/syslog to see status messages or look at /etc/init.d/ddclient or /etc/ddclient.conf if you want to adjust how it starts or is configured, but the defaults seem fine.

Protecting a RespberryPi

So I had a need for work to setup an Apache server to test a feature of our product. It was easy enough to get it going;

1. Install Noobs to SD card
2. Boot up RaspberryPi 3B+ with Noobs
3. Install Raspian
4. Use apt-get to install apache2
5. Port Forward 80 and 443 to my RPi
6. Use DynDNS to direct a DNS name to my home IP

So all that was super easy. Next I started to worry about protecting my little pocket computer. I looked at DenyHosts, but it seems like the version in apt-get was super old and even the latest seems not maintained. So I did “apt-get install fail2ban” because that seems fairly current. So this is more of a question post than a helpful post for others. My question is if fail2ban via apt-get needs certain config changes or if it is good with default settings? If you read this and can comment with guidance it would help me, and hopefully others. If the steps above seem complicated and anyone wants a step by step posted then I’m happy to do so. If you’d like to try to beat up on my little computer that’s cool too. Nothing private is on it. http://absolute.jnux.net is the Apache2 instance.

Getting started with Blogging using WordPress.com

So you’ve decided that you wanted a platform to write. Why not use FaceBook, Google+, or even MySpace? In my opinion those platforms are good for argume…. Err.. I mean conversations, but they aren’t really the best place to publish a review of a piece of software, or articles to help configure routers, or most things that are more information than a blurb or rant. Blogging gives you the ability to categorize, tag, provide permanent links, and control formatting on your writing. It lets you share what you want, in the way that you want. For me I’m sharing links to my blog through other platforms so that anyone who finds an article will find it, but that’s about all. I will say that I do like the way that LinkedIn has approached writing articles, but not all of mine will be worth sharing there so I’ll opt to write it all here, and share to LinkedIn as appropriate.

Continue reading “Getting started with Blogging using WordPress.com” →

YouTube black screen

If you go to YouTube and you see a black screen when you want to see a video it’s because YouTube seems to be having problems. We searched Twitter and found many others with the same problem today. The workaround seems to be to use SSL. So instead of “http://whatever” you should make it “https://whatever” and then you correctly get the video.

Moved away from Squarespace

If things look different.. and probably a little messy right now… it’s because I’ve decided that the $14/month I was paying for Squarespace was not really something I needed to be spending. They are of course one of the best CMS systems out there, but we’re trying to cut back so I’ve moved back to Blogger. Hopefully Google will re-index me and folks will find any articles they care about.

Website for BBS operators

I have always loved BBS’ and have run one forever. I still have telnet:haz-matiii.com running but I don’t take care of it the way I should. In the near future I’m going to spiff it up so it’s nicer. Anyway I had a thought to build a community for BBS enthusiasts past and present. Today folks run web based forums and I consider those to be the BBS of today. The website is http://www.sysopnation.com if you want to check it out. If it takes off I’ll keep it going.

Hack attempts from Afghanistan

I have a couple of servers that sit out on the Internet, and every day I get a little report on how they are doing, and if someone is trying to break in to them. Today I got this report;

sshd:
Authentication Failures:
root (121.100.48.130): 1353 Time(s)
unknown (121.100.48.130): 1148 Time(s)
root (61.168.227.12): 582 Time(s)
root (125.141.237.100): 165 Time(s)
root (180.68.206.31): 99 Time(s)
unknown (125.141.237.100): 93 Time(s)
unknown (61.168.227.12): 60 Time(s)
unknown (180.68.206.31): 42 Time(s)
root (222.211.78.20): 23 Time(s)
adm (121.100.48.130): 6 Time(s)
bin (121.100.48.130): 3 Time(s)
dbus (121.100.48.130): 3 Time(s)
ftp (121.100.48.130): 3 Time(s)
games (121.100.48.130): 3 Time(s)
gopher (121.100.48.130): 3 Time(s)
halt (121.100.48.130): 3 Time(s)
lp (121.100.48.130): 3 Time(s)
mail (121.100.48.130): 3 Time(s)
mailnull (121.100.48.130): 3 Time(s)
mysql (121.100.48.130): 3 Time(s)
mysql (125.141.237.100): 3 Time(s)
named (121.100.48.130): 3 Time(s)
news (121.100.48.130): 3 Time(s)
nobody (121.100.48.130): 3 Time(s)
nscd (121.100.48.130): 3 Time(s)
operator (121.100.48.130): 3 Time(s)
pcap (121.100.48.130): 3 Time(s)
root (123.30.98.50): 3 Time(s)
rpc (121.100.48.130): 3 Time(s)
shutdown (121.100.48.130): 3 Time(s)
smmsp (121.100.48.130): 3 Time(s)
sshd (121.100.48.130): 3 Time(s)
sync (121.100.48.130): 3 Time(s)
unknown (222.211.78.20): 3 Time(s)
uucp (121.100.48.130): 3 Time(s)
nfsnobody (121.100.48.130): 2 Time(s)
rpcuser (121.100.48.130): 2 Time(s)
haldaemon (121.100.48.130): 1 Time(s)
unknown (123.30.98.50): 1 Time(s)

Continue reading “Hack attempts from Afghanistan” →

GoDaddy Cash Parking vs. AdSense for Domains

The other day I posted about how I was trying out GoDaddy Cash Parking for a few domains I wasn’t doing anything with. Since then I have looked at Google AdSense quite a bit. Google has AdSense for Domains which is essentially the same thing GoDaddy sells, but for free. As an experiment I have moved some domains from GoDaddy to Google, and the result is pretty interesting. I was getting some page impressions, but no clicks on the Cash Parking solution, but with AdSense I seem to actually be earning some money. Even though it’s not very much, GoDaddy charges almost $4/month so each month I have to earn at least $4 before I make anything. In Google’s case if I earn $2 then I’ve earned $2 without the overhead of a monthly fee. Here is a breakdown of the features;

Continue reading “GoDaddy Cash Parking vs. AdSense for Domains” →

SmoothWall vs. PlayStation 3

A few days ago I wrote about my installation of SmoothWall on my home network. Tonight I guess was the first time I tried to use my PlayStation 3 because I saw an ad that the demo of MAG was posted on the PlayStation store for public beta. I couldn’t login to the PlayStation store with error 8002A535 and it was not clear why. A Google search didn’t help me out. Eventually I found a reference to the IM Proxy in SmoothWall being the source of the issue. Through elimination I found that it is the “Jabber and Gtalk” filtering specifically that breaks the ability to login to the PlayStation store. You may leave the other filters on although I do not use the man in the middle option so I did not test if enabling that breaks things. If you use it and this doesn’t fix you then turn off the man in the middle option and it will definitely fix you.

I had been playing my XBox 360 a lot since the SmoothWall. The XBox does not have the same issue. It should be noted that for either system you want to enable UPnP support in Networking -> Advanced or I suspect neither system will work.