search for: bruteblock

...Since this revision (appeared in 6.3) I think ipfw violates POLA. I mean "ipfw table N list" shows values of table in Internet '.' notation. A friend of mine was surprised to found Internet representation of this "optional 32-bit unsigned value". For example security/bruteblock stores unix timestamps here and AFAICS there is no possibility to come back to the previous output format (other than reverting this revision). -- wbr, pluknet

Hello! A machine I manage remotely for a friend comes under a distributed ssh break-in attack every once in a while. Annoyed (and alarmed) by the messages like: Aug 12 10:21:17 symbion sshd[4333]: Invalid user mythtv from 85.234.158.180 Aug 12 10:21:18 symbion sshd[4335]: Invalid user mythtv from 85.234.158.180 Aug 12 10:21:20 symbion sshd[4337]: Invalid user mythtv from 85.234.158.180 Aug 12

Hello! A machine I manage remotely for a friend comes under a distributed ssh break-in attack every once in a while. Annoyed (and alarmed) by the messages like: Aug 12 10:21:17 symbion sshd[4333]: Invalid user mythtv from 85.234.158.180 Aug 12 10:21:18 symbion sshd[4335]: Invalid user mythtv from 85.234.158.180 Aug 12 10:21:20 symbion sshd[4337]: Invalid user mythtv from 85.234.158.180 Aug 12

Hi Everyone, Before I begin, I'd just like to mention: I love dovecot. Thank you :) Anyway, today I had 8000 login attempts to my dovecot server in an hour before blocking the IP with my firewall. After googling, I didn't see very much discussion on the topic. There was some mention of blocksshd which was supposed to support dovecot in the next release (but doesn't appear to) and

Hi all, ?Is there any app like denyhosts[1] but intended for MySQLd service? We have a mysql ports (3306) opened for remote connections, and obviously the /var/db/mysql/machine_name.log is full of these kind of entries: ........... 936012 Connect Access denied for user 'user'@'85.19.95.10' (using password: YES) 936013 Connect Access denied for user