Recently in Announcements Category
This is to users to ssh to gigo.com.
Last year, I enabled countermeasures to help keep the SSH hack attempts against gigo.com down to a minimum. We automatically block the IP address of systems trying to log in to gigo.com and repeatedly failing.
The problems are getting worse; as such I'm making these changes:
- Attempts to log in as a valid ID: unchanged; 10 attempts and you're banned 15 minutes
- Unknown accounts and daemon accounts: immediately blocked for 150 minutes
If you log in from another account with a different account name, make sure that you always remember to specify your gigo.com account name (correctly!) or the machine you are connecting from will be blocked for everything but the web server, for 150 minutes. If this regularly affects you, I *can* whitelist specific IP addresses to be immune to this behavior.
This blog will have a green header if you're visiting from ipv4, and a blue header from ipv6.
I've made some changes on the system; more are coming. Specifically so far:
- goat.gigo.com is now accessible on ipv6.
- irc.gigo.com is now accessible on ipv6.
- mail primary MX is on ipv6; secondaries will be soon.
- I changed from djbdns to bind. Lemme know if you see anything funky. If you edit zones here on gigo.com, I'll only install them if it passes a basic "will it load" test (using named-checkzone).
- ns3 and ns4.gigo.com are deprecated; they are currently aliased to ns1.gigo.com
- I'm not publishing IPv6 NS records - waiting for word on whether I can get "glue" records published to .com for that.
I'm in the process of simplifying my DNS setup. I'm reducing the number of DNS servers I maintain down to two. Most of the domains are hosted by me for web/email as well - and if the host is down, the DNS isn't gonna matter quite so much. If *.gigo.com servers are hosting your dns domain, please update your domains to point at these two name servers:
- ns1.gigo.com (Located in Fremont, CA using HE.NET)
- ns2.gigo.com (Located in Sacramento, CA using CWO.COM)
I will still keep ns3 and ns4 around, but they won't be unique from the first two.
