Aug 24 2008
On August 18th 2008, I founded Opcode Solutions Inc. Opcode Solutions is based in Montreal and helps enterprises build, enhance and maintain mission-critical Java applications. Corporative website is under construction.
Aug 04 2008
I am currently looking for work. Here is my CV. Sorry, it is in french; the english version will come soon.
Mar 14 2008
If you are like me and you have a server with ssh port opened to the internet, you probably know that many crackers regularly attempt to gain access to your server. For me, there are on average 4 to 6 attacks from different IPs each day on my ssh port. I’ve seen automated brute force attacks last for several hours before giving up. This is annoying because it uses bandwidth and also because every time an attempt is made, it is written in the auth.log file and my hard disk is actually a little noisy.
While I know it is very improbable that a cracker would successfully brute force my passwords (because they are not trivial at all), I still wanted to do something about it. I searched and found DenyHosts. DenyHosts is a python script that will run as a daemon and will monitor in real-time the ssh log file (/var/log/auth.log on Debian) to find attacks. When an attack is found, it will be blocked by adding the IP to the hosts.deny file for ssh only.
To install it on Debian:
# apt-get install denyhosts
An interesting feature is that it can download a list of IP from a central database that are known to be crackers so those will actually be blocked before the cracker even does a first attempt. If you wish, the script can also automatically contribute to that list by uploading IPs that attempted to crack your server. There are other nice config options like the number of attempts before the IP is flagged as a cracker, the number of days that the IP will remain blocked, etc.
To change the configuration:
# vi /etc/denyhosts.conf
Then restart it:
# /etc/init.d/denyhosts stop# /etc/init.d/denyhosts start
As soon as I installed it, it started to block crackers and my hears had a little break. After few weeks with it, it also reduced the size of the auth.log file quite a lot. This is a sample of a deny.hosts file with entries added by DenyHosts:
# DenyHosts: Mon Mar 10 01:52:13 2008 | sshd: 200.25.207.210 sshd: 200.25.207.210 # DenyHosts: Mon Mar 10 02:17:16 2008 | sshd: 200.13.255.32 sshd: 200.13.255.32 # DenyHosts: Mon Mar 10 14:47:45 2008 | sshd: 190.144.140.83 sshd: 190.144.140.83
Mar 14 2008
I was pleasantly surprised the other day when I realized that when I type my full name in Google, Jonathan Demers, the first result now points to this site. For sure this is good because it gives me more visibility. However, this also means that any employer doing a simple Google search on me will easily find my site and forge his opinion according to it. I guess I’ll have to be careful about what I write here. Anyways, still good stuff for me. Thank you Google.
Feb 11 2008
 |
Yes, me too, I admit it, I wrote a Sudoku solver. It is written in Java and it uses brute force with optimized guessing. It is pretty fast, it will solve any Sudoku in few milliseconds. It will also tell you if your sudoku does not have any solution or if it has more than one solution. Here it is: Good Camel’s Sudoku Solver! Enjoy!! |