A few days ago we unfortunately had some abuse reports regarding customers with DNS resolvers being abused in order to participate in a distributed denial of service attack. Amongst other issues, DNS servers which are misconfigured to allow arbitrary hosts to do recursive queries through them can be used by attackers to launch an amplified [...]
I’m needing to work out the IPv6 reverse zone for a given IPv6 CIDR prefix, that is a prefix with number of bits in the network on the end after a forward slash. e.g.: 2001:ba8:1f1:f004::/64 → 4.0.0.f.1.f.1.0.8.a.b.0.1.0.0.2.ip6.arpa 4:2::/32 → 2.0.0.0.4.0.0.0.ip6.arpa 2001:ba8:1f1:400::/56 → 0.0.4.0.1.f.1.0.8.a.b.0.1.0.0.2.ip6.arpa I had a quick look for a module that does it, but [...]
By default, a Linux host on an IPv6 network will listen for and solicit router advertisements in order to choose an IPv6 address for itself and to set up its default route. This is referred to as stateless address autoconfiguration (SLAAC). If you don’t want a host to automatically configure an address and route then [...]
The saga so far I have a phone line from BT. I only use it for ADSL (which I get from Zen Internet). I gave my email address to BT because they offered to tell me useful things about my account via email. I now wish I had never done this. I use extension addresses [...]
I had an interesting support ticket yesterday. Someone was trying to do an apt-get update via BitFolk‘s apt cache and was ending up connecting to 2607:f0d0:1003:85::c40a:2942, where it was failing to update. This is not a BitFolk IPv6 address, nor is it the IPv6 address of a Debian mirror. Where was it coming from? I’d [...]
Recently it came to my attention that many of BitFolk‘s customers were finding our Cacti install confusing. The main problem was that upon logging in they were confronted with the default graph view – the “Tree View” – and they didn’t understand where they might find the relevant graphs within this tree. Experienced Cacti users [...]
I’ve been wondering what the downsides are with StartCom’s free SSL certificates. At the moment those seem to be: You can only renew them for 1 year – could be tedious if you have lots of them. Windows XP users need to have installed at least Service Pack 2 to have the CA. Blackberry and [...]
I’ve been following a thread on NANOG about why the first versions of the Internet Protocol supported only a maximum of 256 different networks. Back then, every organisation on the fledgling Internet got a range of IP addresses starting with a digit 0-255 and used the next three digits to number their hosts. eg. 192.168.3.4. [...]
BitFolk