### Tek's Domain

#<NTA:NnT:SSrgS:H6.6-198:W200-90.72:CBWg>

# Narration for Posts, for You!

2022-01-08 5 min read Unable to load comment count

If you’ve clicked on this post itself, you’ll notice there’s a sound file at the top. That’s because if you click it, or hit the P key, you’ll hear… me, reading this! I’m working on adding this to old posts one by one, so you might see that popping up eventually. But, partially for accessibility, and partially just to make these sort of ramblings easier to take in while only half paying attention or just doing something else entirely, I’m putting audio narration on every post here that I can.

# Fail2Ban Behind a Reverse Proxy: The Almost-Correct Way

2022-01-07 7 min read Unable to load comment count

Fail2Ban is a wonderful tool for managing failed authentication or usage attempts for anything public facing. However, by default, it’s not without it’s drawbacks: Fail2Ban uses iptables to manage it’s bans, inserting a --reject-with icmp-port-unreachable rule for each banned host. The thing with this is that I use a fairly large amount of reverse-proxying on this network to handle things like TLS termination and just general upper-layer routing. Since it’s the proxy that’s accepting the client connections, the actual server host, even if its logging system understands what’s happening (say, with PROXY protocol) and logs the real client’s IP address, even if Fail2Ban puts that IP into the iptables rules, since that’s not the connecting IP, it means nothing. What I really need is some way for Fail2Ban to manage it’s ban list, effectively, remotely. Luckily, it’s not that hard to change it to do something like that, with a little fiddling.

# AbuseIPDB Checking With Postfix

2021-12-31 12 min read Unable to load comment count
Updated Dec 31, 2021

So if you’ve not heard, there’s this website called AbuseIPDB, which, no affiliation, is a website where webmasters can submit reports of abusive IP addresses, and then query those reports, either manually, or using their REST API. And this is how I did exactly that, to help cut down some of the spam on my email server. Let’s get started.

# What Exactly Is Federation, Anyways?

2021-07-03 7 min read Unable to load comment count

Federation, the driving name behind decentralized and self-hosted software. But what is ‘federation,’ really? Well, there’s the really complex answer, and the simple answer. The simple answer is that federation is when multiple unrelated instances of a piece of software are capable of communicating and sharing between one another. The long answer, well, if you want to see that, then…

# OTR: Encrypted Instant Messaging

2021-06-30 9 min read Unable to load comment count

Yes, for once, I have not just some app for secure messaging, this time, it’s a protocol. OTR, or Off-the-Record Messaging, is a protocol for establishing end-to-end encrypted messaging between two participants over a standard instant messaging channel like IRC or XMPP (Jabber). It also allows for deniable authentication, where during the conversation you can be assured that only you two are talking, but after the conversation, there is no way for an outside third party to 100% prove you talked, since it’s theoretically possible for an attacker to have forged the communications record. It’s complicated, but not too hard to wrap your head around.

# WebDAV Explained: Filesystems Over HTTP

2021-06-25 6 min read Unable to load comment count

So I take it some people reading this are familiar with what I’ll call a ‘remote filesystem protocol’ like NFS, SMB, or AFP. Well, did you know there’s one that’s found use in a few places and you’ve maybe heard of once or twice, and really… well, doesn’t sound like it should make any sense? Welcome to WebDAV. The remote filesystem that runs over HTTP.

# IRC Is an Insanely Simple Protocol

2021-06-23 5 min read Unable to load comment count

This is where I’d usually make some joke about “if you remember, back in the day…” but… given how Freenode and Libera have been in the news recently for Freenode’s rather hostile takeover (and suicide), You probably know what IRC is. So. IRC, or Internet Relay Chat, is a really old (as in, 1988) protocol for text-based communications between users on a network. And the cool part is, it’s so simple that it’s almost funny. Like, let’s take a look. You could actually, with only a few minutes of reading, just enter raw IRC protocol lines by hand and have a perfectly valid and functional session.

# Matrix: Decentralized, Federated Chat

2021-06-21 10 min read Unable to load comment count

Do you like secure chat apps? but actually secure, not like Telegram? And end-to-end encrypted, if selected? And ones that support sending media, and files, and even voice and video calls? And completely decentralized meaning you don’t need to rely on any one company or any one third-party server?

Well do I have a deal for you: Matrix.

# Giving My Sitemap Some Style

2021-03-03 6 min read Unable to load comment count

Now I know I’ve talked about sitemap.xml before, but quick summary: that’s an XML file that has a list of every (public) URL on your site, to make it easier for crawlers to index your entire site since that list (or, map) lays it out. Well as an XML file, it can take XML style sheets, in a format called XSLT, short for XSL Transformations, short for eXtensible Stylesheet Language. Yes, it’s XML all the way down. But, if you’ve looked at my sitemap, you’ll see I’ve gone and done it. This is how.