- Jan 08, 2008 by the_angry_angel
- Geek, Windows, Work and Daily HTF
If you're having trouble with networking on both the host and guest machines, and are running Microsoft Virtual Server 2005 on a broadcom network card, the chances are that you're running old drivers. Update them directly from the broadcom website and you should be good to go.
Interestingly it appears that IBM, and Dell, are still distributing installation aids with the older drivers, which cause issues in this situation.
To be relatively technical it appears that arp packets aren't responded to or sent out correctly. [1]
[1] I say this, but I have no network dumps to back this hypothesis up. At present all I have is the experience of debugging the problem and watching the ARP cache of each machine affected fill with invalid entries.
I've used fail2ban on various machines for quite some time, usually only to guard SSH. Sadly this morning I woke up to another couple of gig gone in futile trackback spamming attempts and decided to write a quick regex to cover myself as it was starting to become more than a slight annoyance.
If you're unfamiliar with fail2ban's filter conf files, then I suggest you take a look at some of the other existing files as these steps aren't exactly verbose.
I quickly crafted the following regex, and placed it into a new conf within the fail2ban filter.d directory (name however you like):
[Definition]
failregex = ^<HOST> -.*"(GET|POST) /comment.php\?type=trackback.*" [0-9]+ [0-9]+$
ignoreregex =
And then added the relevant entry to jail.local, and restarted fail2ban. Since these "attacks" (I use that word lightly) only appear to happen at the evening I've had to wait until now to see how well this works. I've since tweaked my bantime, increasing it over my default and things are looking much better.
I also took this opportunity to setup the badbots and a few other of the default filters that I've never really touched previously. They've not yet been triggered, so I may well leave them for a few days and see whether or not they're actually worth while.
- Jan 02, 2008 by the_angry_angel
- Geek, Windows, Personal, Work and Daily HTF
Able to connect, but appear not to beable to recieve any packets? Go into the properties of the VPN, go to security and untick "Require data encryption (disconnect if none)". In XP < SP3 this has always been ticked for my tunnels and I've never had a disconnection, but it appears that something in SP3 RC0 makes some behaviour change, but doesn't actually disconnect the tunnel.
I've not discovered why this happens, but this has fixed it on my main desktop and on my virtual machines. I've only had a moment to test this on a PPTP VPN at the moment, but you may find it works for L2TP/ipsec.
