Updated to newest 3.1 alpha

Posted on July 29, 2010 by shinji

I’ve updated to the new one. Let me know of any issue. :p

Posted in Uncategorized | Leave a comment

Server Configuration and updates

Posted on July 15, 2010 by shinji

I finally got pretty much everything going.  I’m using certificates from CA Cert which is very reliable.  Unfortunately you will need to install their root ca certificate to validate them.  You can get it at http://www.cacert.org.

The only other thing is that opera complains that the server does not support tls renegotiation.  This is due to a vulnerability in openssl.  Ubuntu is working on it still so hopefully I will be able to re-enable it later.

Here are a few things I am working on for the future:

  • SNI – Server Name Indication
    Would facilitate the ability to have name-based SSL that isn’t reliant on one SSL per IP.  I’m working around the limit of not using it by using wildcard certs instead but that’s still one IP per domain.
  • Multi-homed virtual servers (non-ssl only)
    Basically assign multiple ips to the same server address.  Probably not going to happen but an idea none the less.
  • IRC server
    I already had it setup once.  Just need to do it again.  Note that this server is not connected to a network.  It is private and isolated.  Offenders will be strictly dealt with.
  • Other potential background servers…

Reference:

http://people.canonical.com/~ubuntu-security/cve/2009/CVE-2009-3555.html

http://www.ubuntu.com/usn/USN-860-1

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555

Posted in Uncategorized | Leave a comment

Welcome to the Elite Systems Minefield Blog

Posted on July 9, 2010 by shinji

This is a “minefield” server.  This means things can change and/or break at any time.  I will try my best to not break anything though now that I have gotten everything working exactly as it should.

Please note that I did discover a mis-configuration in regards to outgoing mail.  It should of had a return path that redirected to the fully qualified domain name server address but instead it showed just the basic hostname.  I’ve resolved that so the sender policy framework check passes.  I’ll also make it so that email does come back to somewhere for that domain eventually. :p

Posted in Uncategorized | Leave a comment

Hello world!

Posted on July 9, 2010 by shinji

Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!

Posted in Uncategorized | 1 Comment