Why Paramecium.org?

Curious about the name? It is a freshwater protozoan but also the name of an operating system I built as part of my doctoral thesis. At the time it was a cute pun on Amoeba, a system I had worked on before I wrote my own. By the time I was no longer a starving student and decided to set up my own domain name (back in 1998), this was one of the few names that was still available.



My Infrastructure

My personal infrastructure setup is kind of complicated. I have multiple sites, each with their own 19" rack(s), and multiple Cloud VMs in different countries. The VMs are mainly used as VPN access points and/or function as web/mail servers.

All of these "sites" are connected to each other through VPNs and they route IPv4 as well as IPv6 addresses. This allows me to jump onto my infrastructure anywhere in the world. Since my infrastructure is built on home network capabilities, it's challenging to work around NAT-ing issues. I guess I could have gone the fully professional route and got myself ASNs, but I'm trying to balance the practical and affordable. To keep my family's sanity, their networks are strictly separated from mine and operate independently, although they are reachable from my world.

My infrastructure consists of physical and virtual machines running Fedora Core, Ubuntu, Windows, macOS and a variety of experimental OSes. It's all tied together with Kerberos, LDAP, and Kerberized encrypted NFSv4. VPN authentication is all based on certificates and, depending on your origin, you also have to use 2FA to log in. Everything is excessively logged and it's fascinating to watch and analyze the various scanning/attack attempts.

Of course, like any other nerd, I run my own Asterisk PBX in a Docker container and it hooks into VoIP providers in different countries.

Over time I will write how-tos for each of these topics: how I run my network, how I manage my VMs, how I do authentication & LDAP, how I PXE boot my machines (including Windows from a Linux box), how I manage this infrastructure in a low-touch automated manner, etc. Stay tuned.