search for: blocklist

Perhaps someone can help me understand why this is happening. I''m trying to write a script using ''shorewall iprange'' to parse some ip ranges into subnets so that i can place them into the blocklist. I keep getting an error when i run the script though. Here is the script: #!/bin/csh foreach i (`cat ipranges`) shorewall iprange $i >> /etc/firewall/tools/blacklist/blocklist end Here is the error: : syntax error: operand expected (error token is " ") /sbin/shorewall: line...

https://bugzilla.netfilter.org/show_bug.cgi?id=1726 Bug ID: 1726 Summary: invalid json generated by ipset list -output json Product: ipset Version: unspecified Hardware: x86_64 OS: Debian GNU/Linux Status: NEW Severity: trivial Priority: P5 Component: default Assignee:

On Fri, 12 Apr 2019, mj wrote: > What we do is: use https://github.com/trick77/ipset-blacklist to block IPs > (from various existing blacklists) at the iptables level using an ipset. "www.blocklist.de" is a nifty source. Could you suggest other publically available blacklists? > That way, the known bad IPs never even talk to dovecot, but are dropped > immediately. We have the feeling it helps a lot. Really helps with uber-stupid BFD attacks that pound our plaintext ports even t...

...GRUB2 on centos 5.2 system, I get following error. centos5: grub-install /dev/sda //sbin/grub-setup: warn: This GPT partition label has no BIOS Boot Partition; embedding won't be possible!. //sbin/grub-setup: warn: Embedding is not possible. GRUB can only be installed in this setup by using blocklists. However, blocklists are UNRELIABLE and their use is discouraged.. //sbin/grub-setup: error: will not proceed with blocklists. Can you please help me figure out the problem ? Thanks Sachin

...two. A timeout feature is handy here; even though you allow attackers several kicks at the can, it will allow your users to eventually gain control to their accounts again after a suitable penalty period. >> You can also use a third party RBL that specialized in brute forcers like >> blocklist.de. You can also feed back fail2ban data and crowdsource BFD >> data to them. > > Yes, I will look into that now. > ... > > Anyone aware of other blocklists that are worth bocking? Because the > list.blocklist.de/lists/all.txt blocks some, but not anywhere near all. There...

...age 1 can read it? > > Yes. > or does grub find out the sectors of the stage 1.5 file and > put the list of those into the stage 1 file (first sector address > of stage 1.5 file) and stage 1.5 first sector (list of all > other sectors)? > Grub doesn''t make the blocklist for stage1_5 Optionally grub makes the blocklist for stage2 (in particular when stage1.5 can not be embedded for some reasons). Note, that it is important to embed and use btrfs_stage1_5. First, because btrfs has defragmentator, which can make the blocklist out of date (so that you''ll ne...

Hi Robert, On 07/18/2017 11:43 PM, Robert Schetterer wrote: > i guess not, but typical bots arent using ssl, check it > > however fail2ban sometimes is to slow I have configured dovecot with auth_failure_delay = 10 secs I hope that before the 10 sec are over, dovecot will have logged about the failed login attempt, and fail2ban will have blocked the ip by then. MJ

I did not see any way, during the CentOS7 install, to install the CentOS7 boot loader into the /boot partition rather than to the MBR of a drive. How does one do this in the installation of CentOS7 ?

...llowing entry to my /boot/grub/menu.lst : title Real VMX rootnoverify (hd0,0) kernel -type=netbsd /vmx I tried to reboot my Cent OS client and at the boot loader when I select "Real VMX" I got the following error : "Error 1 : File name must be either an absolute pathname or blocklist" Can you please do me favor and let me know how can I overcome ? Let me thank you in advance -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20091012/36d58095/attachment-0002.html>

...appearing in my maillog, and then being reported by logwatch as unmatched entries. An example of such a messages is: Feb 27 04:33:09 quail sendmail[24780]: p1R4X46P024780[2]: URIBL blacklist\n\t* [URIs: tablettoxicspillsrx.ru]\n\t* 1.5 URIBL_WS_SURBL Contains an URL listed in the WS SURBL blocklist\n\t* [URIs: tablettoxicspillsrx.ru]\n\t* 1.5 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist\n\t* [URIs: tablettoxicspillsrx.ru]\n\t* 1.5 URIBL_SBL Contains an URL listed in the SBL blocklist\n\t* [URIs: tablettoxicspillsrx.ru]\n\t* 0.3 DRUGS_ERECTILE Refers to an...

...COM32 pxechn.c32 > APPEND pxebsd.0 Thanks, that works! How do I use that in the generic case? The ?pxebsd.0? file can be called as? ? PXE loader ? COMBOOT (16-bit) ? DOS .COM ? Multiboot (although it switches back to 16-bit mode immediately) ? from its own bootsector, if installed on disc (blocklist) Normally I?d chain into it as COMBOOT, but that no longer works (this used to work for both ISOLINUX and PXELINUX, and the other two, although I rarely tested them). Now I?ve got a working method for PXELINUX, but that leaves the others still? Thanks, //mirabilos -- tarent solutions GmbH Rochus...

...ntreg_sk_record { char sec_desc[1]; /* security info follows */ } __attribute__((__packed__)); +struct ntreg_db_record { + int32_t seg_len; /* length (always -ve because used) */ + char id[2]; /* "db" */ + uint16_t nr_blocks; + uint32_t blocklist_offset; + uint32_t unknown1; +} __attribute__((__packed__)); + +struct ntreg_db_block { + int32_t seg_len; + char data[1]; +} __attribute__((__packed__)); + static uint32_t header_checksum (const hive_h *h) { @@ -1418,22 +1431,60 @@ hivex_value_value (hive_h *h, hive_value_h value, * inst...

...send a temp fail. So, this is a good thing. The negative is it also takes longer for my users to send mail as it is processed the same way during outgoing. Also, we run the SpamHaus blacklist. This works pretty good for inbound, but from time to time one of our hosting clients winds up on the blocklist because they are on a dynamic IP and someone else has recently used it for spamming. One could argue that my client should then go remove their IP from the blacklist to better insure their email actually makes it through any other level of spam filtering on other ISPs. But, that's a rosey c...

...ue (hive_h *h, hive_value_h value, > if (h->msglvl >= 2) > fprintf (stderr, "hivex_value_value: warning: big data block is not " > "valid (db block 0x%zx, block list 0x%zx, data block 0x%zx)\ > - data_offset, blocklist_offset, subblock_offset); > + data_offset, blocklist_offset, (size_t) subblock_offset); > } > int32_t seg_len = block_len(h, subblock_offset, NULL); > struct ntreg_db_block *subblock = > > to make it compile without warnings. Yeah, so I'...

Hi, First I would like to say Shorewall rocks! I have a suggestion for a Port based Block List that would complement the present "blacklist". Would it be a good idea to have a port specific block list e.g. "smtpblocklist" that Shorewall would check incoming traffic against based on the specific port e.g. 25. This way you can have a huge protocol specific block list that won''t affect (slow down) other traffic as it would in the case of have a huge general blocklist such as the "blacklist"....

I was wondering if i could stick a certain ip in the blocklist, but at the same time have an allow rule for http in the rules section. In other words i would like to block pretty much all access from a certain internet address except for http from the internal network. So does the rules file get parsed before the blacklist in the firewall to make this p...

...t Joe was hacked. I think the problem > > is solved for now: > [snip] > > Word I have is that scuttlebut is incorrect. Word I have is that Joe''s > done this on-purpose and that he is throwing in the towel. I just discovered the following, posted to news.admin.net-abuse.blocklisting: | Subject: Update on relays.osirusoft.com | Newsgroups: news.admin.net-abuse.blocklisting | From: Andy Finkenstadt <kahuna@panix.com> | Message-ID: <bigprp$ri3$1@reader2.panix.com> | Date: Tue, 26 Aug 2003 23:50:15 GMT [snip] | "Direct from Joe Jared''s mouth, he'&...

None of my Centos 5 boxen can show flash since the update this morning. Am I alone or do other people have this issue ?? Centos 7 boxes work properly. I haven't looked at RHEL 6 boxes yet. Although I miss using flash on these boxes, it IS a great security upgrade....

...gt; However, it seems almost all IPs are different, and I don't think I can > keep the above settings permanently. Why not? Limited by firewall rules overload? You could probably use a persistent DB, can't you? You can also use a third party RBL that specialized in brute forcers like blocklist.de. You can also feed back fail2ban data and crowdsource BFD data to them. Joseph Tam <jtam.home at gmail.com>

...mote host said: 554 Service unavailable; Client host [68.142.225.207] > blocked using multihop.dsbl.org; http://dsbl.org/listing?68.142.225.207 > Giving up on 72.21.40.12. > > Anyone else notice this? > > Regards, > > Ranbir > could you please follow this up with the BlockList people and find out whats going on please ? if you need anything from this end, feel free to ask. -- Karanbir Singh CentOS Project { http://www.centos.org/ } irc: z00dax, #centos at irc.freenode.net