Technical Update

Current Services

Now my internet connection is quite fast, as I am wired into my university’s network. However, my incoming port 80 (http) is blocked, as is my incoming and outgoing port 25 (smtp). Given that I own my own domains and more specifically the email to them, smtp service is quite important to me. Malice lives at a friend’s house, and relays mail in and out of my home via a non-standard port (powered by qmail). At the moment, only two websites of any content exist in my domain space, those are EGBT (powered by vBulletin & MySQL) and this blog (powered by Moveable Type & MySQL); these both run on malice, which I believe is connected upstream by a 6/2 dsl line. Nameservice to the domains is provided by technics (master) and malice (slave); malice is the ‘primary’ in the whois records.

On technics, my gateway/server at home, sendmail acts as MTA, relaying outgoing mail to qmail on malice, and receiving mail which is delivered to the imap/imaps server (powered by Cyrus). I use Apple’s ‘mail’ client as my primary email client, regularly falling back on Horde/Imp, which runs on a small httpd process on technics, and is only available via https.


Planned Services

This is what I’m moving towards, this will replace all current services

email – Primary MX will be a hosting company that has a satisfactory implementation of greylisting, because that’s just damn cool tech. Most email will be hosted by same company, and accessed via imap over ssl. One account, and possibly more, receive mostly large (>100k) files, so they will forward on to a small email server hosted at my house, for speedy access.

web

  • egbt.us will remain in perpetuity, or at least as long as it has traffic. I would like to shift the paradigm of the community into something new, but it is low on the priority list. It will continue to run vbulletin until such time as I find software that will serve the group’s needs better.
  • crcon.net will host my resume, source code, technical information, and other professional / real-life stuff.
  • fryballs.net will continue to exist, since it’s only $8/yr to keep it, but will probably not have any webservice to speak of in the future.
  • kaigen.us will be my new baby. This domain will host my blog, of which there will be two versions. The first (and default) version, will be the standard fare, my comments on tech, politics, science, etc.. The second version will include entries that are hidden by default. These entries will be blunt and blatant truth about my life. On occasion I find myself distorting or obscuring the truth in my communications with others. Most of the time this is unintentional, and it is almost always benign, but I endeavor to become a more straightforward person, so I would like to use this as a device to practice complete honesty in my life, and I’m hoping that it will spill over into my meatspace (I love that word) relations.
    In addition, I plan to start a small community site for friends old & new to socialize with respect to personal development and such. ( From WWWJDIC, kaigen【かいげん】: 改元 (n) change of era;
    戒厳 (n) martial law;
    開眼 (n,vs) enlightenment; spiritual awakening; opening one’s eyes to the truth )

  • mail.something will be webmail for all the domains, and will only run over ssl. I will have a hosted installation of SquirrelMail or Horde/IMP, possibly both, for email access when not using one of my machines. The main decision making factor will be gpg support. I’ve used both of these applications for webmail in the past, and I’m equally happy with both of them. It is, however, important to me that I be able to send encrypted email from anywhere.

network – I will break the home network into separate networks, for security. Since I have two cable modems (and so effectively two internet connections), I will have one connection in a public network which will contain the 802.11b wireless (open wap, no wep) and other untrusted/unimportant traffic like P2P. The other connection will pass through technics, reconfigured as an OpenBSD firewall (pf gives me a big rubbery one), and into a cisco layer 3 switch. I will have a few different networks inside, one for the 802.11b/g wireless and untrusted internal clients, which will be secured as much as it can be, but still ultimately ‘untrusted’, one for the servers, and another for the known internal clients.

LDAP – I would like to have an OpenLDAP implementation, integrating with the local servers, radius for the networking gear, etc.. Single-signon is just plain sweet. If I can integrate it with all the various pieces of software I use, that would be dead sexy.

ns – This won’t really change, but I’d like to set up dynamic dns, so that when I’m roaming with my laptop, it will automatically update the ns records, so something like sente.kaigen.us will resolve to my laptop if I’m online. I can imagine uses for it, but actually I want to do it because it’s reet.


Currently Implemented Assets:

Home:

  • technics – P3/512MB/20GB running Fedora; services include ns, https, smtp, imap(s), dhcp, NAT/firewalling via iptables
  • melchior – P3/512MB/~700GB running Debian; runs smb for network file sharing and has video out to TV
  • koto – P4/1GB/120GB running XP Pro, desktop for administration, coding, gaming
  • senteG4/512MB/60GB running OSX.3, laptop for administration, coding, email, web, mobile access, etc.
  • netgear MR814 802.11b wireless router (w00t-B)
  • netgear WG602v2 802.11b/g wireless access point (w00t-G)
  • netgear 10/100 unmanaged 8 port switch
  • (2) toshiba cable modems, running into technics and the MR814

Offsite:

  • malice – P3/512MB/80GB running OpenBSD; services http, smtp
  • gina – K6/1GB/40GB running Fedora, status unknown; service counter-strike

Domains:

  • crcon.net – main public domain, work email goes here. No web service.
  • fryballs.net – legacy domain, kept for nostalgia
  • egbt.us – domain for video gaming clan cum online community
  • kaigen.us – newest domain, will be used for future projects, both technical and personal


This list is more for my own record keeping than your amusement, but if you find it amusing, send me an email or comment and let me know. ;]

Leave a Reply