When people need to download their emails using IMAP,
fetchmail is probably the first
package that comes to mind. Fetchmail works very well, but there’s still a
problem: What to do if you have more than one client accessing the same
IMAP server, say a desktop at home and a laptop on the road?
I lived with this dilemma for a long time, until I finally found
Unlike fetchmail, offlineimap is an IMAP “synchronizer”. Instead of
downloading emails, it creates a “local copy” (using Maildir) of your remote
IMAP mailboxes. When a message arrives at the server, offlineimap downloads
the message to your local computer. If you delete a message locally,
offlineimap deletes the message from the IMAP server, and so forth.
I’ve been using offlineimap for a long time now, and aside from some minor
problems (nothing serious, really), I couldn’t be happier. I definitely
recommend it to anyone who needs to access a central email repository from
more than one computer.
Keywords: Daily Debian, offlineimap, imap, synchronizer, sync
Tracing network routing problems is a common task in the life of a
typical systems administrator. The “canonical” tool for this job is
is part of the default Debian installation. Traceroute follows the good
old Unix philosophy: Do your job (and only your job), and do it well. It
runs, prints the route, and quits. But what if you need a constant
visualization of the path to a server, including latency figures? That’s
where mtr enters the scene.
MTR displays the route to a given host in real-time, updating the figures
every second. The constantly updated display makes it easier to spot
intermittent routing problems. MTR uses ncurses to provide a full screen
display, but it can also use GTK+, if running under X.
Keywords: Daily debian, mtr, traceroute, networking, routing
Iftop is a “top” like tool that reports network usage instead of CPU
usage. Unlike most other tools, iftop provides a clear and practical curses
interfaces with the bandwidth utilization broken down by host/port. It also
shows your traffic averages over the last 2, 10 and 40 seconds, as well as
Iftop is definitely one of those programs wish you had known earlier.
Iftop can be found at
Keywords: Debian Daily, ntop, top, linux, network, ethernet
Most people these days use SSH to provide remote access to their servers.
Many times, however, you don’t want to give your users full shell access
to your system; all they really need is to transfer files and change
permissions. If you find yourself in this situation, then scponly may be for
With scponly your users can use SCP, SFTP, WinSCP and other similar programs
to copy files in and out of the system, but cannot use SSH to get a system
prompt. Scponly can also be configured as a chrooted environment, effectively
confining your users to their home directories.
Scponly can be found at
Keywords: Debian Daily, scponly, security, ssh, scp, sftp, winscp
I finally got tired of all the script-kiddies trying to guess my root and
other common user passwords by brute force attack. Even though I have SSH
configured to allow only a few selected users to login, their brute force
attempts create some quite large syslog files in my system.
I went around looking for a portknocker, but since many times we’re behind
restrictive firewalls, it becomes impossible to remotely “open” SSH to your
current IP address.
I then decided to write something myself, and
webknock is the result of it.
Webknock is a Perl program that sits idly in the background monitoring your
apache “access” logfile. Once a pre-determined sequence is hit, it executes
a configurable command, with the calling IP as an argument. A popular choice
here would be “iptables”, allowing access to your current IP.
After a pre-determined (but configurable) amount of time, another command is
executed, this time “closing” access to the previously used IP address.
Note that this is only useful if you already have Apache running in your
server, and port 80 or 443 can be accessed from anywhere in the net (my
case). Also, no modifications are required to the Apache configuration.
You can Download Webknock Here.
Documentation is available by executing “perldoc webknock”. Webknock
is free software, available under the terms of the
Gnu General Public License (GPL).
Keywords: webknock, apache, port knocking, port knocker