nostromos bLog
"bLog means boring-Log"
Fri, 21 Feb 2014 the key (0 comments)
yippieh, we got the key to our new flat. awesome!
Tue, 18 Feb 2014 fail2ban and badips.com (0 comments)
++ alert ++ tech-talk ++ alert ++ tech-talk ++ alert ++
having sshd on default port 22 will cause a lot of ssh brute-force attacks - every sysadmin knows this nuisance. so far i used freebsd's "pf" firewall with "max-src-conn-rate" and overloading the blacklisting table. to remove the banned ips after a while i used "expiretable". so far this worked fine, but it was for ssh connections only.
to also address other brute-force attacks, i tried "fail2ban", and added rules to block imaps brute-force attacks. while doing research on the internet i came across a site that combines ip banning with reporting the ip to badips.com. so i included this one too, and now have a graphical representation of all the reported attacker ips. see it here.
isn't that lovely? also notice the cool ninja in the 8-bit style logo. strangely enough, since i set this all up, there are not many brute-force attacks. what's wrong with the internetz?
so far i like "fail2ban", except for its really crappy documentation. it makes use of the power of regex to scan all kinds of logfiles you feed to it. so this is really a powerful tool.
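the regex-over-logfiles idea described above, as an added example that is not part of the original post and is not fail2ban's own code: a small scanner that matches failure lines, extracts the address at a `<HOST>` placeholder and flags hosts that reach a retry limit inside a sliding window. the two patterns, the thresholds and the log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# fail2ban-style patterns: <HOST> marks where the offending address sits.
# Both patterns are simplified assumptions, not fail2ban's shipped filters.
FAILREGEX = [
    r"sshd\[\d+\]: Failed password for (?:invalid user )?\S+ from <HOST> port \d+",
    r"dovecot: imap-login: .*\(auth failed, \d+ attempts[^)]*\):.* rip=<HOST>,",
]
HOST = r"(?P<host>\d{1,3}(?:\.\d{1,3}){3})"   # IPv4 only, to keep the sketch short
COMPILED = [re.compile(p.replace("<HOST>", HOST)) for p in FAILREGEX]
MAXRETRY = 3                        # matching lines needed to trigger a ban
FINDTIME = timedelta(minutes=10)    # sliding window length

# Constructed sample log lines (documentation address ranges).
SAMPLE_LOG = """\
Feb 18 10:00:01 mail sshd[811]: Failed password for invalid user admin from 203.0.113.5 port 4222 ssh2
Feb 18 10:00:04 mail sshd[811]: Failed password for root from 203.0.113.5 port 4223 ssh2
Feb 18 10:00:09 mail sshd[812]: Accepted publickey for nostromo from 198.51.100.7 port 5100 ssh2
Feb 18 10:01:30 mail dovecot: imap-login: Disconnected (auth failed, 2 attempts in 4 secs): user=<bob>, method=PLAIN, rip=203.0.113.5, lip=192.0.2.10, TLS
Feb 18 10:02:00 mail dovecot: imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<amy>, method=PLAIN, rip=198.51.100.9, lip=192.0.2.10, TLS
Feb 18 10:30:00 mail dovecot: imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<amy>, method=PLAIN, rip=198.51.100.9, lip=192.0.2.10, TLS
Feb 18 10:45:00 mail dovecot: imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<amy>, method=PLAIN, rip=198.51.100.9, lip=192.0.2.10, TLS
"""

def find_offenders(log_text, year=2014):
    """Return {ip: time of ban} for hosts reaching MAXRETRY hits within FINDTIME."""
    recent = defaultdict(deque)     # ip -> timestamps of failures still in window
    banned = {}
    for line in log_text.splitlines():
        match = next((m for m in (rx.search(line) for rx in COMPILED) if m), None)
        if not match:
            continue
        # syslog timestamps carry no year, so the caller supplies one
        when = datetime.strptime(f"{year} {line[:15]}", "%Y %b %d %H:%M:%S")
        ip = match.group("host")
        hits = recent[ip]
        hits.append(when)
        while hits and when - hits[0] > FINDTIME:
            hits.popleft()          # expire failures older than the window
        if len(hits) >= MAXRETRY and ip not in banned:
            banned[ip] = when
    return banned

if __name__ == "__main__":
    for ip, when in find_offenders(SAMPLE_LOG).items():
        print(f"ban {ip} at {when:%H:%M:%S}")
```

the ssh and imap failures from one address add up across services, while the slow imap failures from the second address never share a window and stay below the limit.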
Fri, 07 Feb 2014 cat cake (0 comments)
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaw, look what i got!