Posts

How to set up an iptables firewall effortlessly using ‘recent’ triggering and ipset

This article gives example instructions for a simple firewall that refuses new connections from a remote host that opens them too often, which is the typical pattern of an SSH brute force attack. Most administrators know the feeling of annoyance when they look at the system security logs and notice the enormous number of failed SSH logins. What makes the described solution effortless is that there is no need to install and configure a separate log watcher daemon; a handful of firewall rules is enough. The setup is most useful on security-sensitive hosts where additional security measures are justified, and even more so if, for some reason, strong (e.g. key-based) authentication can’t be used. Read the article over at Upcloud here.
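The shape of such a rule set, as an added example that is not the Upcloud article's own rules: new SSH connections are counted per source address with the iptables ‘recent’ match, and an address that exceeds the threshold is parked in an ipset whose entries expire on their own, so no log watcher is needed. The chain and set names (SSH_RATELIMIT, SSHBF, ssh_allow, ssh_block), the thresholds and the whitelist address are assumptions chosen for illustration. The script emits the commands by default so they can be reviewed without root, and applies them only when asked.

```sh
#!/bin/sh
# Added example (not the Upcloud article's own rules): throttle new SSH
# connections with the iptables 'recent' match and ban repeat offenders via an
# ipset with a timeout. Names, thresholds and ADMIN_IP are assumptions.
set -eu

SSH_PORT="${SSH_PORT:-22}"
HITCOUNT="${HITCOUNT:-4}"             # the 4th new connection within WINDOW seconds triggers a ban
WINDOW="${WINDOW:-60}"                # seconds the hit counter looks back
BLOCK_TTL="${BLOCK_TTL:-3600}"        # seconds a banned address stays in ssh_block
ADMIN_IP="${ADMIN_IP:-203.0.113.10}"  # documentation-range placeholder; never throttled

# Emit the ipset/iptables commands rather than running them, so the rule set
# can be inspected (and tested) without root; pipe into sh to apply.
ssh_ratelimit_rules() {
  cat <<EOF
ipset create ssh_allow hash:ip -exist
ipset create ssh_block hash:ip timeout $BLOCK_TTL -exist
ipset add ssh_allow $ADMIN_IP -exist
iptables -N SSH_RATELIMIT 2>/dev/null || iptables -F SSH_RATELIMIT
iptables -A SSH_RATELIMIT -m set --match-set ssh_allow src -j RETURN
iptables -A SSH_RATELIMIT -m set --match-set ssh_block src -j DROP
iptables -A SSH_RATELIMIT -m recent --name SSHBF --set
iptables -A SSH_RATELIMIT -m recent --name SSHBF --update --seconds $WINDOW --hitcount $HITCOUNT --rttl -j SET --add-set ssh_block src
iptables -A SSH_RATELIMIT -m set --match-set ssh_block src -j DROP
iptables -C INPUT -p tcp --dport $SSH_PORT -m conntrack --ctstate NEW -j SSH_RATELIMIT 2>/dev/null || iptables -I INPUT -p tcp --dport $SSH_PORT -m conntrack --ctstate NEW -j SSH_RATELIMIT
EOF
}

# Show who is being counted and who is currently banned.
ssh_ratelimit_status() {
  echo "== recent hits (SSHBF) =="
  cat /proc/net/xt_recent/SSHBF
  echo "== banned (ssh_block) =="
  ipset list ssh_block
}

# Forgive an address: drop it from the ban set and from the hit table.
ssh_ratelimit_unban() {
  ipset del ssh_block "$1" -exist
  echo "-$1" > /proc/net/xt_recent/SSHBF
}

case "${1:-print}" in
  print)  ssh_ratelimit_rules ;;
  apply)  ssh_ratelimit_rules | sh -e ;;
  status) ssh_ratelimit_status ;;
  unban)  ssh_ratelimit_unban "$2" ;;
  *)      echo "usage: $0 [print|apply|status|unban ADDR]" >&2; exit 2 ;;
esac
```

Order matters: the `--set` rule records every new connection first, so the `--update` rule sees the current attempt in its count and fires on the HITCOUNT-th attempt inside WINDOW. The ban lives in the ipset with a fixed timeout rather than in the ‘recent’ table, so a banned host that keeps hammering the port is dropped by the second rule before it can refresh its own ban; `--rttl` additionally refuses to ban an address unless the packet's TTL matches the one recorded, which stops an attacker from getting a legitimate address banned with spoofed SYNs. The chain only drops and returns; the usual ACCEPT rule for the SSH port still has to follow it in INPUT. Note that xt_recent keeps at most 20 hits per address by default, so a `--hitcount` above that fails unless the module is loaded with a larger `ip_pkt_list_tot`, and that clients behind one NAT share a single counter.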

The DNS Camel

This led me to propose a last-minute talk to the DNSOP Working Group, which I tentatively called ‘The DNS Camel, or, how many features can we add to this protocol before it breaks’. This ended up on the agenda as ‘The DNS Camel’ (with no further explanation), which intrigued everyone greatly. I want to thank DNSOP chairs Suzanne and Tim for accommodating my talk, which was submitted at the last moment!

Troubleshooting VoIP

sngrep is a tool for displaying SIP call message flows from the terminal. It supports live capture to display SIP packets in real time and can also be used as a PCAP viewer.

16 Steps to Securing Your Data (and Life)

Attackers look for the path of least resistance. Recently, that path has shifted from enterprise networks to you and your devices, for two reasons. First, as we have built more secure software and systems, enterprise networks have become harder to attack. At the same time, we have started to access more sensitive information, both personal and professional, on our phones. Read the article here.

Articles on LinkedIn by Ronald Bartels on SD-WAN use cases

SD-WAN use cases: Work from home
SD-WAN use cases: Kiosk
SD-WAN use cases: Network and traffic visualization
SD-WAN use cases: Cloud acceleration
SD-WAN use cases: Threat management
SD-WAN use cases: Disaster recovery
SD-WAN use cases: 100% uptime on last mile
SD-WAN use cases: Centralized firewalls
SD-WAN use cases: MPLS migration

16 Minutes #53 Anatomy of a Hack: SolarWinds and Ripples Beyond

In this special “3x”-long episode of our (otherwise shortform) news analysis show 16 Minutes (past such 2-3x explainer episodes have covered section 230, TikTok, GPT-3, the opioid crisis, and more) we cover the SolarWinds hack, one of the largest (if not the largest!) publicly known hacks of all time… and the ripple effects are only now starting to be revealed. Just this week, the U.S. Cybersecurity and Infrastructure Security Agency shared (as reported in the Wall Street Journal) that approximately 30% of both private-sector and government victims linked to the hack had no direct connection to SolarWinds. So who was compromised, do they even know, can they even know?!