Showing headlines posted by topdog

Bonding allows you to aggregate multiple ports, providing redundancy, fault tolerance and load balancing. There are various types of bonding available but i will show how to bond in mode 1 which is active-backup. If your interested in the other available types please refer to the documentation. In this setup i have two connections to different switches in case one fails the other takes over and services are not disrupted.

Most people use TunnelBrick to setup OpenVPN client connections on Mac OSX, i prefer using the command line. To get OpenVPN up and running off the command line is a simple process. The commands below need to be run as a privileged user if your root account is not enabled use sudo to run the commands.

The Microsoft translator provides an API that you can use for automated translation. It currently supports about 39 languages. True to the nature of open source I found that someone had already written a python wrapper to the API. I extended the wrapper to use the requests and pofile packages.

Strongswan release 5.0.1 includes a XAuth PAM plugin which requests username/password XAuth credentials and verifies them against Pluggable Authentication Modules (PAM). This plugin is not enabled by default to enable it you need to add the following to your ./configure options

I previously wrote about setting up split tunneling on Strongswan using the attr-sql plugin. With the release of Strongswan 5.0.1 it is no longer the only way to support split tunneling. Strongswan 5.0.1 introduces the unity plugin which allows for the configuration of split tunneling either using a charon option or using the attr plugin which is enabled by default.

The Mac OSX IPSEC VPN client setup via "System preferences" only supports IPSEC/XAUTH and IPSEC/L2TP both of which give you a different IP address for your tunnel interface. System preferences on the backend uses Racoon so it is possible via the command line to setup a pure IPSEC connection.

The Debian and Ubuntu MailScanner packages have not been maintained for a long time. Recently both distributions dropped support for MailScanner within their repo's.

The Baruwa project provides up to date deb packages for both distributions.

In my previous post i described how to setup an IPSEC VPN for use with Iphone, Ipad and Mac OSX IPSEC VPN clients.

This post describes how to enable split tunneling which is supported by the Mac OSX IPSEC client. Although split tunneling is considered insecure there are cases where it is ideal to run split tunnels.

The scenario for this post is that you are connected to a LAN (10.128.0.0/24) with internet access via a gateway on the LAN, you want to connect to a different network 192.168.1.0/24 which is only accessible via VPN, but you want to retain access to resources on the LAN while accessing the remote 192.168.1.0/24 network.

I have just open sourced the source code to Baruwa 2.0 on Github. Baruwa 2.0 is a ground up rewrite of Baruwa which adds lots of new features.

This howto describes setting up an IPSEC VPN for use with the Iphone, Ipad and Mac OSX VPN clients on Centos/RHEL 6. I am using the 5.x branch of Strongswan which is now the mainline actively maintained branch.

Next in our series of Python modules you should know is PyGPGME. This package lets you sign, verify, encrypt and decrypt messages using the OpenPGP format. It is built on top of the GNU Privacy Guard and the GPGME library.

I previously wrote about how to block domains named in the ISPA Spam Hall of Shame using DNSBL at SMTP time, these domains have now resorted to using 3rd party senders to try and get their Junk through. Because they are using 3rd party senders the envelope from address is no longer the one that is listed on the hall of shame. In this post i will describe how you can catch the mail that has slipped through your SMTP DNSBL checks.

Next in our series of Python modules you should know is pydkim. This package is used to sign and verify email according to the DKIM standards from within Python programs.

Next in our series of Python modules you should know is dnspython. This package is a DNS toolkit, you can use it to perform DNS queries, Zone transfers and Dynamic Updates in Python programs.

Next in our series of Python modules you should know is IPy. This package is used to manipulate IPv4 and IPv6 addresses in Python programs.

Next in our series of Python modules you should know is PyClamd. This package is used integrate Clamav Virus detection in Python programs.

Next in our series of Python modules you should know is Pwtools. The package is used to generate and test passwords in Python programs.

Next in our series of Python modules you should know is SlimIt. I previously wrote about the minification of CSS files, the Slimit package is used for minification of Javascript files.

Next in our series of Python modules you should know is cssmin. Minification has recently gained prominence in the web 2.0 world due to the need to optimize web application performance.

The cssmin package is used to minify css files.

Next in our series of Python modules you should know is bcrypt. I previously wrote about the passlib package which you can use to manage passwords, in some cases a fully featured password management package is not what you want. The bcrypt package is small and allows you to manage passwords using OpenBSD's BCrypt hashing scheme. It is in fact used by passlib in the background to handle BCrypt hashes.