Viewing posts by Arty Caiado
Logwatch is a useful utility to parse your log files and get emailed a somewhat concise report. I'll add a page about configuring it at a later date, but here is an example of the type of information you get. You see a lot of people trying to brute force ssh, which luckily fail2ban kicks off pretty quickly and root login is not permitted via ssh so those attempts are in vain anyway. Also seems like a lot of people trying to connect to exim, probably trying to send spam via my server. Reverse DNS shows domains from Russia, Australia, China, Germany and Italy. Anyway, this type of stuff is normal for any server with a public address. You can also parse out some of the biggest offenders and block them in your firewall. You can also contact their ISP but they typically don't really bother with this or care. Especially when the attempt is international or you're just a regular guy like me reporting it.
Randomly, I find my content mysteriously changing, and I'm wondering when, why and how the content changed. Seems to happen on my photoblog.
We have a folder /backups on your server that you want to syncronize to an AWS S3 Storage bucket. First thing is first, we'll want to install the aws command line tools. I'll use python virtual environments specific to functions or django webapps, etc. So first, create a virtualenv and source it (if it's successfully created using &&).
So, anyone that's had a server online with a public IP will know that there are a lot of people out there that will flood you with malicious requests almost immediately. People with malicious intent will put together scripts that scan public network addresses and attempt to exploit known services, or brute force them. Usually looking at the logs of attempts to brute force ssh, I see patterns that are obvious usernames from some db of common usernames. (Note to self, update listening port for ssh from default 22.)
Use openssl to first generate an ssl key if you don't already have one to create the request for. We'll make it a 2048-bit rsa key in this case.