Support

Blog

Browsing all articles from April, 2013

Flattr this!

As one of the main contention points people have with mail service is either the amount of spam they receive, or the amount of legitimate email we block, we’ve decided to put the solution in your hands.

We’ve added user access to the blocking implementation we use at Computer Solutions.

For a quite rerun on this our incoming mail rules are as follows:

  • Sending Server has a valid Reverse DNS Entry
  • Sending Server conforms to mail RFC’s
  • Sending Server is not listed in any of the following Antispam Service Lists zen.spamhaus.org cblplus.anti-spam.org.cn cdl.anti-spam.org.cn bl.spamcop.net dnsbl.njabl.org
  • Mail does not contain a virus, malware or similar content.
  • Mail is addressed to a valid sender.
  • Recipients mailbox is not full.

We’re giving you access to do what you want with regards to incoming spam blocks.
If you decide that our heinous blocking of senders who’s servers are _definitely_ listed in spam listings is not to your taste, then you can change that.

If you want to whitelist any incoming mail you can do the following:

1) Login as the postmaster account for your domain at http://rules.computersolutions.cn (in the example below, I’m editing my own account, you’ll need to use YOUR postmaster@yourdomain.com / password!)

Screen Shot 2013-04-24 at 8.31.18 PM

2) Select Domain Wide Focus

Screen Shot 2013-04-24 at 8.31.47 PM

3) Click Add a domain specific rule (this will apply to all messages received for your domain – i.e. anything @yourdomainname.com)

Screen Shot 2013-04-24 at 8.31.56 PM

4) Setup appropriate rules (there are a number of options – in the example below I’m whitelisting all incoming mail).

Screen Shot 2013-04-24 at 8.32.13 PM

5) Note that the System rules below are now greyed out (assuming you whitelisted as per example above).
Thats because they no longer apply!

Screen Shot 2013-04-24 at 8.35.39 PM

In future we will be pushing clients to use this interface for their unblocking / blocking requirements, so that the needs of the few outvote the needs of the many, and your incoming email can go where no wo/man has gone before.

Lawrence.

Flattr this!

Over the last few weeks, we’ve been noticing an increase on hack attempts on wordpress installs and other CMS’s (eg joomla).

Most of these attack attempts are from Russian IP space (typically Ukraine), although there are also a lot of botnet attacks from hosed windows computers also (these come from a variety of countries).

To counter this, we have been pro-actively implementing a number of different mitigation solutions, ranging from upgrading clients CMS installs and adding captcha plugins where possible to prevent brute force password attacks, through to scanning for vulnerable files throughout all clients website, and updating them to non-vulnerable versions (timthumb.php being the major issue/problem child that we’ve found to be vulnerable/exploitable).

We have also implemented server-wide lockout systems for failed logins for wordpress using one of our existing protection mechanisms (fail2ban).

Some of you may already have noticed an additional question or captcha being asked during login to your systems.

(example below)

Screen Shot 2013-04-12 at 10.42.02 PM

This is for your safety – if someone hacks into an install, they typically then attempt to run additional items within an install such as malware.

We also have live monitoring for malware running on all servers, and have been quite proactive in upgrading installs which are capable of being compromised.

In the case of a site being compromised and malware being dropped into the site, our live scanner sends us an automated email and we actively investigate.

If we cannot resolve the immediate issue, and find the security hole, we disable the clients site and inform them of an issue, and the need to take further action.
(To date, we haven’t had to go that far though).

We’re not the only people seeing this, although its not well known outside of the web hosting community at this present time.

We believe in proactive solutions for these kinds of attacks, and our multilayered approach appears to have spared us from most of the problems facing others at this time.

Lawrence.

References:

http://blog.hostgator.com/2013/04/11/global-wordpress-brute-force-flood/
http://blog.sucuri.net/2013/04/protecting-against-wordpress-brute-force-attacks.html
http://blog.cloudflare.com/patching-the-internet-fixing-the-wordpress-br

Flattr this!

We often have clients that complain about wifi in different area’s of their apartment being weak.

While there are a number of solutions to that, such as running additional cabling, adding additional routers via WDS, using 电力猫 (ethernet over power) adaptors etc, we decided to try out a newish all in one solution from TP Link.

TP Link HomeAV packaging

This ties together 2 paired mini wifi routers via power over ethernet (HomeAV).
See the Chinese diagram below for a clear example.

T2NSW.XcBaXXXXXXXX_!!1040450854

What does it do?

Well, you can plug one router in where your internet connection is, then plug the other router where your signal isn’t 😉 With a bit of luck, it will connect successfully over your power lines automagically, and there is no configuration needed other than adding in your internet settings at the router side.

The units provide both Ethernet and Wifi at both ends, so they’re a good solution for both wired and wireless access.

The units we bought only have Chinese firmware at the moment, but its pretty much set, and forget for most users.

They also come reasonably well documented – each unit has a sticker with its ip address and user/pass. Yay!

TP Link HomeAV

As you can see below, one unit has 2 ethernet connectors, and the other has 1 ethernet connector.

TP Link HomeAV

The unit with 2 connectors sits at your modem side (it can also extend an existing network if you have another wifi router already).
The WAN port plugs into your modem or network (as appropriate for your needs).
The LAN port provides a network port for use.

The other unit plugs in elsewhere (eg in a suitable location where you need wifi or wired connection).

I initially thought our initial unit was faulty, as it would only pair to the second adaptor for a few seconds, then stop pinging its ip address (192.168.1.254 as per its label)

TPLink HomeAV adaptor

Turns out that once its booted up and paired, it gets an address via DHCP from the main
device, so whats written on the back of the unit no longer applies. Stumped me for a few seconds till I realised and went doh!

Here is our suitable test bed.
TPLink HomeAV adaptors

I’m pinging one device from the other –
upload

..and it works.

The units are a bit flimsy, but seem to work fine in our limited testing.

Price – RMB258 + shipping for a paired set via http://tp-link.tmall.com/ online store (price correct at time of writing)

Extra units – RMB133 (you can have up to 7 units tied together to extend your network).

I’d give these a rating of 7/10 – they’re cheap, and they work.

Further reading (and tools):
http://www.zibri.org/2009/03/powerline-ethernet-fun-and-secrets.html

Flattr this!

As most of the posts out there are horribly outdated, or provide incorrect information for the current versions in use, here are my quick notes on setting up a time machine share.

First up –

apt-get install netatalk

Check /etc/netatalk/afpd.conf has something similarish to this:

# This line goes in /etc/netatalk/afpd.conf
- -tcp -noddp -uamlist uams_guest.so,uams_dhx.so,uams_dhx2.so -nosavepassword

Add a line for your required shares into /etc/netatalk/AppleVolumes.default

# Time machine share
/nas/backup/timemachine "TimeMachine" cnidscheme:dbd options:usedots,upriv,tm allow:lawrence,eugene,janice

Change the folder / names / users to your own ones obviously!
If its not going to be a time machine share, remove the “,tm”

Restart Netatalk

/etc/init.d/netatalk restart

You should be able to see the share in Time Machine Preferences.
See if you can backup. If you get a failure eg “Error 2”, make sure that the folder you use has write privileges for your user, then try again.

All in all pretty painless.

Proof it works –

Screen Shot 2013-04-01 at 1.43.08 PM

Archives

Categories

Tags

PHOTOSTREAM