Archive for February, 2008

New Gateway and got hacked

Tuesday, February 12th, 2008

For those wondering why I have had such a low post count the past few months: I was ill for a week twice, I’ve had holidays, and furthermore, I do a lot of web development using the Zend Framework (</spam)

I recently bought myself a new server, which fit easily in the meter cupboard, that I’m now using as a gateway. The specs are an AMD Athlon 64 X2 BE-2400, Socket AM2 (35 Watt), 2x Seagate Barracuda 320 Gb configured in software RAID, an MSI K9AGM3-F motherboard and 4 Gb Kingston DDR2 PC5300 @667 MHz RAM. This server – especially due to the low-power CPU – consumes only 65 Watt when idling :D

I currently use it mainly for web caching and proxying, as well as a NAT firewall. Because I do not use it for many other purposes, it wouldn’t be that much of a problem if something happened to it. Guess what, it happened :P There was a user configured who had a password that was the same as the username, while ssh was running on port 22. Weird, eh, that someone guessed it :P After a couple of hours I discovered an unwanted user, who ran an irc server (I discovered an open port a minute after it was opened), and was able to lock the unwanted visitor out. New lesson: make sure a user is simply not able to have a password that equals the username.
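An added example, not part of the original post: a small Python check that flags the pattern described above in sshd logs, namely a password login accepted right after a run of failed password attempts from the same address. The log lines are constructed samples in the usual OpenSSH syslog format, and the function name `guessed_logins` and its threshold are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample lines (not from the post), usual OpenSSH sshd syslog format.
SAMPLE_LOG = """\
Feb 11 03:12:01 gw sshd[4101]: Failed password for invalid user admin from 203.0.113.7 port 40112 ssh2
Feb 11 03:12:03 gw sshd[4103]: Failed password for invalid user test from 203.0.113.7 port 40120 ssh2
Feb 11 03:12:05 gw sshd[4105]: Failed password for root from 203.0.113.7 port 40131 ssh2
Feb 11 03:12:08 gw sshd[4107]: Accepted password for guest from 203.0.113.7 port 40140 ssh2
Feb 11 08:30:00 gw sshd[5001]: Failed password for alice from 192.0.2.10 port 51000 ssh2
Feb 11 08:30:09 gw sshd[5003]: Accepted password for alice from 192.0.2.10 port 51002 ssh2
Feb 11 09:00:00 gw sshd[5100]: Accepted publickey for alice from 192.0.2.10 port 51100 ssh2
"""

LINE = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) (?P<method>\S+) for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def guessed_logins(log_text, min_failures=3):
    """Return (ip, user, failures, distinct_users_tried) for every password
    login that follows at least min_failures failed attempts from that IP."""
    failures = defaultdict(int)   # ip -> failed password attempts since last login
    tried = defaultdict(set)      # ip -> user names attempted since last login
    alerts = []
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m or m["method"] != "password":
            continue              # only password authentication can be guessed
        ip, user = m["ip"], m["user"]
        if m["result"] == "Failed":
            failures[ip] += 1
            tried[ip].add(user)
            continue
        # Accepted password: suspicious if it ends a run of failures.
        if failures[ip] >= min_failures:
            alerts.append((ip, user, failures[ip], len(tried[ip])))
        failures[ip] = 0          # start counting afresh after any login
        tried[ip].clear()
    return alerts

if __name__ == "__main__":
    for ip, user, count, users in guessed_logins(SAMPLE_LOG):
        print(f"{ip}: login as {user!r} after {count} failures across {users} user names")
```

A single mistyped password followed by a successful login stays below the default threshold, so only the run of guesses from one address is reported.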

For anyone interested, I have appended the iptables config that I use for proxying/masquerading.