Displaying 20 results from an estimated 900 matches for "bans".
Did you mean:
band
2009 Jul 31
0
CTDB Node unnecessarily banning other nodes
.../07/29 23:23:37.748263 [22371]: self ban - lowering our election
priority
2009/07/29 23:23:37.748503 [22275]: This node has been banned - forcing
freeze and recovery
Now other nodes part of CTDB cluster receives the ban message, but even
though the ID does not belong to its CURRENT ID, other nodes bans itself and
goes into recovery mode. I guess this is not supposed to happen?
node2 (should not ban itself):
2009/07/29 23:23:37.748659 [19905]: Got a ban request for pnn:0 but our pnn
is 1. Ignoring ban request
2009/07/29 23:23:37.748994 [19776]: This node has been banned - forcing
freeze and reco...
2019 Aug 05
4
[OT] odd network question
...d file to a web-server and block the bad IP
> addresses completely from my network. I like this as if a system is
> brute-forcing my SSH server, I can now block it from all resources on the
> network, and stop the attempts even reaching the internal hosts.
I've found the default 10min bans hardly bother some attackers.
So I've added the "recidive" feature of fail2ban. After the
second 10min ban, the attacker is blocked for 1 week.
jon
--
Jon H. LaBadie jon at jgcomp.com
11226 South Shore Rd. (703) 787-0688 (H)
Reston, VA 20190...
2019 Apr 19
2
faI2ban detecting and banning but nothing happens
On Friday 19 April 2019 15:19:26 Pete Biggs wrote:
> > I've added a fail regex to /etc/fail2ban/filter.d/exim.conf as suggested
> > on another page:
>
> The standard exim.conf already has a 535 filter. Was that not working
> for you?
I was following the instructions as shown on the page. I did find after
sending my post that there was already a regex in the standard
2019 Aug 05
2
[OT] odd network question
On 05/08/2019 09:18, Pete Biggs wrote:
>> I've found the default 10min bans hardly bother some attackers.
>> So I've added the "recidive" feature of fail2ban. After the
>> second 10min ban, the attacker is blocked for 1 week.
>>
> Oh definitely. My systems are set to "3 bans and you're out" - a
> recidive ban is permanen...
2012 Mar 01
9
Banned web site / banned topic ?
Why are you replacing known spammers with these "banned" strings ?
This forbids anti-spam filters & programs to do their jobs properly.
2019 Apr 19
4
faI2ban detecting and banning but nothing happens
I've followed one of the pages on line specifically for installing fail2ban on
Centos 7 and all looks fine.
I've added a fail regex to /etc/fail2ban/filter.d/exim.conf as suggested on
another page:
\[<HOST>\]: 535 Incorrect authentication data
which appears to be successfully matchnig lines in /var/log/exim/mail.log such
as
2019-04-19 13:06:10 dovecot_plain
2001 Sep 25
61
Report to Recipient(s)
Incident Information:-
Originator: "G Lalithambika"<lalithambika@mumbai.tcs.co.in>
Recipients: samba@samba.org
Subject: FOCHAP06
WARNING: The file FOCHAP06.DOC.pif you received was infected with the
W32/SirCam@MM virus. The file attachment was not successfully cleaned.
2009 Mar 22
4
Requesting unban from irc channel
man_in_shack banned me during a casual conversation where i was explaining my dual x server wine setup, saying I was contradicting myself. I obviously wasn't trying to contradict myself, if I did, and I don't see how this is ban-worthy under any circumstance.
2019 Apr 26
2
faI2ban detecting and banning but nothing happens
On Saturday 20 April 2019 00:32:43 Pete Biggs wrote:
> What ban action do you use? If it's something like iptables-multiport,
> then I wonder if the fact that it's detecting the failures as
> '[dovecot]' means that it's using the dovecot ports, not the exim
> ports, when applying the iptable rule.
>
> When a host has been banned, can you look at the
2019 Apr 19
0
faI2ban detecting and banning but nothing happens
> I've added a fail regex to /etc/fail2ban/filter.d/exim.conf as suggested on
> another page:
The standard exim.conf already has a 535 filter. Was that not working
for you?
>
> \[<HOST>\]: 535 Incorrect authentication data
>
> which appears to be successfully matchnig lines in /var/log/exim/mail.log such
> as
>
> 2019-04-19 13:06:10 dovecot_plain
2019 Apr 19
0
faI2ban detecting and banning but nothing happens
I find csf/lfd much easier to configure and can be used in combination with fail2ban.
Gary Stainburn <gary.stainburn at ringways.co.uk> wrote:
>I've followed one of the pages on line specifically for installing fail2ban on
>Centos 7 and all looks fine.
>
>I've added a fail regex to /etc/fail2ban/filter.d/exim.conf as suggested on
>another page:
>
>
2008 Mar 28
1
I'm banned from the IRC
Hello, I'm Ziyu Yu, a gsoc applier.
I'm banned from the irc:
* alapagos.oftc.net NOTICE AUTH :*** Looking up your hostname...
* *** Checking Ident
* *** Your forward and reverse DNS do not match, ignoring hostname.
* *** No Ident response
* *** Banned autokilled: We suspect this host of participating in a
botnet. Mail support at oftc.net if you feel this in error. (2008-03-15
16:29:08)
*
2020 Apr 07
3
fail2ban ban not working
I have fail2ban on my mail server monitoring Dovecot and Exim.
I have noticed that it has stopped banning IP's. I have seen in /var/log/fail2ban.log:
2020-04-07 09:42:05,875 fail2ban.filter [16138]: INFO [dovecot] Found 77.40.61.224 - 2020-04-07 09:42:05
2020-04-07 09:42:06,408 fail2ban.actions [16138]: NOTICE [dovecot] Ban 77.40.61.224
2020-04-07 09:42:06,981
2011 Mar 28
8
asterisk and fail2ban
Is anyone using asterisk with fail2ban? I have it working except it takes
way more break-in attempts than what is set in "maxretry" in jail.conf
For example, I get an email saying:
"The IP 199.204.45.19 has just been banned by Fail2Ban after 181 attempts
against ASTERISK."
when "maxretry = 5" in jail.conf
Perhaps someone else is experiencing this or has resolved it,
2006 Apr 27
12
Stealing users IP address
Is there a functiaon to take the IP address of person who submits to a
form
example:
<input id="user_ip" name="user[ip]" type="hidden" value="<%=
some_ip_call %>" />
--
Posted via http://www.ruby-forum.com/.
2014 Feb 08
0
Asterisk intrusion detection/prevention, georgaphic IP banning, etc. (new software)
I'm looking for some beta testers to provide feedback on an Asterisk intrusion detection & prevention program we're releasing soon.
As a quick overview, the program provides:
- banning based on geographic location of source IP (Continent, country, region, city, etc)
- detection and banning based on channels in use by a user
- detection and banning based on rate of dialing
- detection
2010 Aug 10
5
Iptables questions
Hello,
I have read and seen many options for additions to Iptables as a firewall
and security system. All seem to react to logs and not to incoming packets
(as far as I have seen)
I am interested in doing a number of security ideas to the firewall,
iptables, on my webserver. If you have a program you would suggest or
believe iptables is the proper solution, please feel free to post that.
Here
2019 Apr 19
0
faI2ban detecting and banning but nothing happens
>
> The event that triggers the ban does complete as normal, which is what I would
> expect as the ban is triggered by the log entry which is *after* the failed
> attempt.
>
> However, after the /var/log/fail2ban.log showed the IP as banned, I continue
> to see entries in /var/log/exim/main.log
What ban action do you use? If it's something like iptables-multiport,
2009 Jun 21
6
Program to ban sniffers
So I have been reading the ssh attack thread and finally want to ask about
something.
I doubt there is a program like this, but I would love to have a program
that listens at common ports that I do not use at all...and only allow that
program to listen to it, especially the usual ssh port (using a different
one for real ssh)...
That program would then, upon receiving a 'sniff' or
2013 Jan 02
8
Auto ban IP addresses
Greetings all,
I have been seeing a lot of
[Jan 2 16:36:31] NOTICE[7519]: chan_sip.c:23149 handle_request_invite:
Sending fake auth rejection for device
100<sip:100 at 108.161.145.18>;tag=2e921697
in my logs lately. Is there a way to automatically ban IP address from
attackers within asterisk ?
Thank you