secured site

 A new redirect function has been activated on Stargate.
To prevent 404 error messages to users having found links about my old site, I decided to implement a redirection function which notifies the user-browser with a little 301 messages. A 301 Moved Permanently message will be returned to the browser including the new URL on where the original data was, and if the browser is handling this correctly, will automatically redirect the request to the local resource.
The 301 message is...  

 the timesheet module for phobos has been released. Even though it's in early stage development, most features are already available. It actually is the attempt to port the PAZE for OpenOffice from Uwe Schoeler to a Web-Based interface, by adding some lacking features due to the nature of Spreadsheets, like multi-entries per day, translations and replicate existing functionality like statistics and analysis views, dedicate pront view...  

 After some time of tweaking, I came to the conclusion to get a new router for my home-network.
Wanting to keep the old infrastructure and compatibility to my scripts etc. - I decided to go to use the RB493AH router from routerboard. It's similar to the old RB153 - however has 9 Ethernet ports (10/100), and a way faster CPU (can be configured to run at up to 800MHz, 640MHz default). It actually took me around 15Minutes this week-end to adapt the configuration (Ethernet interfaces and firew...  

 after having initiated several actions to decrease spam-level, the results have been very positive.
Despit the increased number of Bot-drones on the Internet, the spam level has decreased considerable (more than 25%). The actions taken were notably:

• Instore Greylisting
• Configure Postfix to be very restrictive in SMTP-Header and enforce Communication protocol
• make the solsys.org domain a secret-registered domain - this to prevent everyone to see my details on r...  

 SSH Access to stargate systems has been disabled. There are still methods to access the servers behind the firewall, but these will only be communicated to the granted persons.

There are simply too many ssh-brute force attack attempts going on (Average of 7/day) with peaks of 25. The old defensive techniques (self developed dynamic blacklisting) are still valid, raising the security a little higher. 

 as the rejected spam level has increased heavily in the last months - I started to investigate where my E-Mail address was published. The most common place I actually have no control over - was the Whois Data entry at the Domain registration.
However DynDns has a service called secret registration. After registering to that service - people will have to contact DynDns to actually get my details.

Nice, simple and efficie...  

 well - the SolSys systems where actually not affected. The Ubuntu LTS 6.06.1 running in here are way to old for that bug. However - as every admin should do it - I have checked all keys and not found a single vulnerable key.
So - for all of you wanting to know how I did that - I actually use a smal guideline found on the Heise pages. Sorry - german version only - however any security expert would understand...  

 some code cleanups have been performed - as some users sent me Mails about the site certificate not being valid etc. So I checked why these requests came in - and noticed that actually some public non critical links on phpPhobos were still using the LOGIN_URL variable which points to an encrypted page.

I was also told that my certificate is not valid - thus my site was not secure. Please consider that a self signed certificate is for me - by far more secure. The reason - I have written...  

 The line upgrade has worked flawlessly. DNS system has been updated too - as I could not keep my old IP-Address. Seems the Automated systems at Nefkom are not able to perform certain changes by keeping some of the old data.
Anyway - a speed test shows that we have a constant Downstream of 12MBit and 1mBit upstream - which seem to work correctly. So - outside accesses to Stargate should be even faster now. 

 Some development happened on phpPhobos. Notably a part of the Systat Module has been ported - and adapted to the new ACL schema as used inside phpPhobos. Some Bugfixes (functional) and fine-tuning was done in some of the Admin modules.