Geek Style

Babak Farrokhi’s e-presence

Archive for May, 2003

CCIE Secrets Revealed

without comments

CCIE Secrets Revealed is an e-book from James Irwin (CCIE #9569).
In it he explains the secrets of his success in passing the CCIE exam.
The entire e-book is free to download.

Written by Babak Farrokhi

May 30th, 2003 at 4:02 pm

Posted in TCP/IP

Certification Discussion Forums

without comments

Written by Babak Farrokhi

May 30th, 2003 at 3:26 pm

Posted in TCP/IP

Postfix and Sons

with 5 comments

First of all, thanks to Chris Scott and Hamid Hashemi for their comments on my last post about Postfix and RBL. According to Chris, I’ve updated my RBL blocklist as follows:

relays.ordb.org
sbl.spamhaus.org
proxies.relays.monkeys.com
opm.blitzed.org
dnsbl.njabl.org
blackholes.easynet.nl
list.dsbl.org

The reason I use Postfix is its speed and configurability. It is highly configurable. I enjoy its integration with MySQL and other mailers. It can work with DRAC and SASL too. And to make a long story short, it has nothing less than all other mailers out there.
I personally do not like Qmail because of its creator, DJB (You can guess why).

During the past couple of days I was working on Postfix + MySQL + Perl to make a suitable solution for hosting virtual mail domains equipped with a good web interface. Around 50% of the work is done now. I made a web interface, configured Postfix to read virtual domain/user information from a MySQL database and also integrated a third-party POP3 server into it. It is almost fine, but not done yet.
I planned to write a HOW-TO for it as soon as I finish the project. OpenWebmail is also going to be an important part of this project, for the user side.

I first tried to use PAM to unify authentication and to use pam-mysql for this reason. But I quickly figured out that most existing programs (like qpopper) do not support PAM as they should. So PAM is not a good choice for authentication if you are planning to do virtual mail hosting.

Last-minute note: Dan Langille has HOW-TO documents on Postfix and virtual hosting. Very useful.

Written by Babak Farrokhi

May 22nd, 2003 at 8:18 pm

Posted in Internet

Nmap featured in The Matrix Reloaded

with one comment

Fyodor:

We have all seen many movies like Hackers which pass off ridiculous 3D animated eye-candy scenes as hacking. So I was shocked to find that Trinity does it properly in The Matrix Reloaded. She whips out Nmap, uses it to find a vulnerable SSH server, and then proceeds to exploit it using the SSH1 CRC32 exploit from 2001. Shame on them for still being vulnerable. Congratulations to everyone who has helped make Nmap successful! And thanks to Jason Algol, Titney, and some anonymous contributors for sending pics!

More photos here.

Written by Babak Farrokhi

May 18th, 2003 at 1:13 am

Posted in Internet

Fyodor: Top 75 Network Security Tools

without comments

Fyodor has published the 2003 version of the security tools survey. 75 of the best network security tools have been selected by network security geeks.

My favorites are Nessus, Netcat, TCPDump, Ettercap and Network Stumbler and of course Nmap.

Written by Babak Farrokhi

May 17th, 2003 at 1:03 am

Posted in Security / Privacy

Spirit of FreeBSD in Juniper

with one comment

I had heard that there is a relation between JUNOS and FreeBSD, but I had never seen proof. So here is the proof:

junos.gif

John Stewart, marketing engineer for Juniper Networks, confirmed that Juniper began with FreeBSD and modified that product to fit its own requirements. The product is known as Junos. “We had to modify FreeBSD a fair amount,” he says. “We took the networking part in the FreeBSD software, threw it away, and replaced it with our own specialized software. That way, we don’t have to worry about file systems and process management and all the operating features that the OS community is better at doing. We focus on adding our value to the networking part.”

Original article can be found here.

Written by Babak Farrokhi

May 17th, 2003 at 12:03 am

Posted in Internet

SpamCop

without comments

Where do you report spam? Do you report it directly to the provider, or do you simply ignore it?
I use SpamCop to report spam. It automatically analyzes the mail header/content and reports it to the provider if it is real spam. The SpamSource plug-in makes life even easier. It integrates into Microsoft Outlook 2000/XP and reports spam to SpamCop with a single click.

Mail Admins:

Telnet to relay-test.mail-abuse.org or mach3.osirusoft.com from your mail server. It will connect back to you over SMTP and check your mail servers for known relay problems.

Written by Babak Farrokhi

May 16th, 2003 at 9:34 pm

Posted in Internet

Postfix: Using RBL to block spam

with 4 comments

I am using two servers (FreeBSD and Linux) as mail servers running Postfix. They have been running for some years now without any problem.

I was always thinking of setting up spam blocking and antivirus solutions on Postfix, but most solutions were not the thing I really wanted. Most of the blocking solutions were not reliable enough to be implemented in a production environment. Losing even one email by mistake may cause serious trouble for my organization. That is why I did not implement any of the available software.
But with Postfix you can easily block emails coming from open relays. The implementation in Postfix is easy and very accurate. It has blocked 90% of spam on our network!

The trick is using Postfix’s internal UCE handling mechanism.
Jim Seymour’s page on Postfix anti-UCE is a valuable resource for this.
You only need to add some lines to your main.cf file and postfix checks all incoming connections against RBL servers:

# main.cf: continuation lines of a multi-line value must begin with whitespace
smtpd_recipient_restrictions =
    reject_rbl_client relays.ordb.org
    reject_rbl_client sbl.spamhaus.org
    reject_rbl_client proxies.relays.monkeys.com
    reject_rbl_client opm.blitzed.org
    reject_rbl_client dnsbl.njabl.org
    reject_rbl_client blackholes.wirehub.net
    reject_rbl_client list.dsbl.org
    permit_mynetworks
    check_sender_access hash:/usr/local/etc/postfix/sender_access
    reject_unauth_destination

Done. You are now protected against 90% of spam. But don’t forget Jim Seymour’s advice:

Think about your use of DNSbl’s carefully. If you use a DNSbl to block/reject email, you are effectively giving some outside party control over your mail server. This is not *necessarily* a Bad Thing–it’s just something to keep in mind. Choose wisely.

Here is also the list of servers that I am using happily:

relays.ordb.org
sbl.spamhaus.org
proxies.relays.monkeys.com
opm.blitzed.org
dnsbl.njabl.org
blackholes.wirehub.net
list.dsbl.org

Good luck blocking spam in your network!
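How a reject_rbl_client lookup is formed, and a health check that addresses Jim Seymour's caveat about handing control to an outside party, as an added example that is not part of the original post. The three zone names under .example and the fake resolver are constructed for illustration; the test points 127.0.0.2 (must be listed) and 127.0.0.1 (must not be listed) come from RFC 5782.

```python
import ipaddress
import socket

def dnsbl_query_name(client_ip, zone):
    """Lookup name for an IPv4 client: octets reversed, then the DNSBL zone."""
    octets = str(ipaddress.IPv4Address(client_ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def system_resolver(name):
    """Return the A record for name, or None if it does not resolve."""
    try:
        return socket.gethostbyname(name)
    except OSError:
        return None

def is_listed(client_ip, zone, resolve=system_resolver):
    """Listed means the lookup name resolves into 127.0.0.0/8 (RFC 5782)."""
    answer = resolve(dnsbl_query_name(client_ip, zone))
    return answer is not None and answer.startswith("127.")

def zone_health(zone, resolve=system_resolver):
    """RFC 5782 test points: 127.0.0.2 must be listed, 127.0.0.1 must not."""
    if not is_listed("127.0.0.2", zone, resolve):
        return "dead"              # no answers: the list silently filters nothing
    if is_listed("127.0.0.1", zone, resolve):
        return "lists-everything"  # wildcard answers: all mail would be rejected
    return "ok"

# Constructed sample data: hypothetical zones under the reserved .example
# TLD, served by a fake resolver so the check runs offline.
FAKE_RECORDS = {
    "2.0.0.127.good.dnsbl.example": "127.0.0.2",   # mandatory test entry
    "99.2.0.192.good.dnsbl.example": "127.0.0.2",  # one listed client
}

def fake_resolver(name):
    if name.endswith(".wild.dnsbl.example"):
        return "127.0.0.2"         # answers for every name
    return FAKE_RECORDS.get(name)  # gone.dnsbl.example never answers

def audit(zones, resolve=system_resolver):
    """Map each configured zone to its health before trusting it to reject."""
    return {zone: zone_health(zone, resolve) for zone in zones}

if __name__ == "__main__":
    zones = ["good.dnsbl.example", "wild.dnsbl.example", "gone.dnsbl.example"]
    for zone, state in audit(zones, fake_resolver).items():
        print(f"{zone:22} {state}")
```

Calling audit() with the zones from main.cf and the default resolver runs the same check against live DNS; a zone that is not "ok" should come out of smtpd_recipient_restrictions.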

Written by Babak Farrokhi

May 14th, 2003 at 12:57 am

Posted in Internet

BlogShares

without comments

BlogShares is cool. Especially when you learn Ken Coar of Apache Group is one of your shareholders!
This really encourages me to write more.

Written by Babak Farrokhi

May 13th, 2003 at 1:52 am

Posted in Internet

O’Reilly Open Books Project

without comments

Wise idea from O’Reilly to put some books online for free.
OpenBooks are out of date for most people, but still have something for others.
My favorite was Eric Raymond’s “The Cathedral and the Bazaar”.

Link: O’Reilly OpenBook

Written by Babak Farrokhi

May 9th, 2003 at 1:15 am

Posted in Geek Stuff