Category: Server


Virtual once more: VPN

Remote access to servers should be secure. I guess we all agree on that.
Still there sometimes is no way around potentially insecure services like Remote Desktop or VNC. Or maybe you have servers that are not publicly accessible, because they are hidden behind a second firewall.

In order to both secure potentially insecure services and allow access to otherwise inaccessible servers you can use a Virtual Private Network, or VPN.

First of all I want to say that I think there are too many different implementations of VPNs out there. Windows seems to favor PPTP as it’s way to connect to VPNs. Aside from that there is L2TP, IPSec, OpenVPN and, if you want to count it as VPN, tunneling through SSH. And possibly a few more nobody really cares about.
Thus, when being given the opportunity to use such an encrypted connection the first question has to be what kind of VPN it actually is, because there is no one-size-fits-all configuration.
With IPSec being part of IPv6, and not just glued on top as in IPv4, there is hope, albeit little, that maybe, and just maybe, IPSec may establish itself as “the one VPN solution”.

Continue reading

Working as a Network Administrator I, sadly, also have to deal with Windows servers. While this is bad enough in itself this article is not written as a way to rant about my general dislike of Windows, or even the lack of security often attributed to the Windows operating system.

This article, as the title states, tries to explain why I think that using Windows as a web server is an outrageously stupid idea.

Websites nowadays are not only tools where individuals and organizations present themselves, they are not pure advertising anymore, but often enough part of the product. But even when they are purely informational, no matter of what kind this information may be, they play a valuable part in corporate strategy. For this reason a website has to be available 25 hours a day, 8 days a week.

Continue reading

screen is a very useful tool. It enables you to run tasks in the background without actually sending them to the background.
What this means it that you do not have the annoying side-effects of sending a process to the background using myterriblylongrunningprogram &, but you get a complete session that you can disconnect from and it will keep happily working away.

Now the problem with screen is that it opens the possibility to circumvent authentication.
Continue reading

A while ago these two articles popped up in my Google Reader, and I figured I should keep them so I wouldn’t forget to blog about this.
The Perfect Server – Fedora 14 x86_64 [ISPConfig 2]
The Perfect Server – Fedora 14 x86_64 [ISPConfig 3]

I like Fedora. It’s the system that runs my desktop and my notebook, but, quite honestly, I wouldn’t consider using it for a server and there is a very simple reason for that: support time.

Continue reading