Protecting ownCloud with Fail2Ban

Efficiently prevent (or at least slow down) brute-force attacks on your private cloud

Brute-force is the process of simply trying all possible username and password combinations in order to gain access to a service — finding valid credentials by force. Any publicly accessible service could become target of such assaults, with public web sites and servers on the very top of the list. This article briefly describes the security risk associated with such type of password guessing attacks, and it gives concrete guidance on possible counter-measures. While the sample refers to popular Open Source software ownCloud, the underlying concepts apply to any modern web application running on your Linux server.

Enhancing IP Network Performance with LACP

Transmit Hash Policy explained

With the advent of high-performance Ethernet network technology, such as 10 GbE and 40 GbE, more and more performance critical workloads are being migrated to such Ethernet-based IP networks. While traditionally this was the domain of (Fibre Channel based) SAN infrastructure in the past, more and more new workloads are being deployed on high-speed IP networks today. I receive an increasing number of questions on enhancing performance of solutions based on such IP networks. 10 Gb Ethernet being the de facto standard for performance critical environments today (with 40 GbE on the horizon), more and more applications exceed the bandwidth which a single link can provide. To further enhance performance in such situations multiple links can be combined into one logical connection. However, utilizing the full potential of this requires a deeper understanding of the available options. This is what I'm trying to explain in this article.