Displaying 20 results from an estimated 181 matches for "kiddie".
Did you mean:
kiddies
2018 Aug 09
2
Best practices for backing up small mailserver to remote location
...he ssh tunnel,
not the rsync connection, as rsync compression tends to be buggy and
interrupts the download. I run sshd on a non-standard port to keep my
logs relatively free of script kiddy noise from people looking for an
ssh connection to crack. Run fail2ban to lock out the remaining script
kiddies. Use a client certificate to log in with ssh unprompted, making
it easy to download in a cron job.
Here's an example of scripting the download. Uncomment the DRYRUN line
for testing, then comment for production. Add more rsync commands to
back up different partitions. The --one-file-system...
2020 Jun 21
1
firewall questions
...;Port" in ssh_config and sshd_config; If other clients are being used
> (like Putty),
> it is easy to change it there.
>
> We used to get at least 50 probes per day on port 22. Now we get zero.
>
I used this technique for a number of years - then it got leaked to the
script kiddies the port that was used. We don't have anything
particularly valuable that they were looking for (I don't think!), but
there are lists of subnets & ports out there that the kiddies use so
once one found it, the flood gates opened. SSH is now protected behind
a VPN.
It's a valid th...
2011 Aug 26
4
limiting number of incorrect logins per connection
...,
Running Dovecot 2 on my server. It is regularly getting dictionary auth
attacked. What I have noticed is that once connected to a pop3/imap
login session, you can send endless incorrect usernames+passwords
attempts. This is a problem for me... I use fail2ban to try and stop
these script kiddies. The problem is that fail2ban detects the bad
auths, firewalls the IP, however, since it's an "established" session,
the attacker can keep authing away... It's only on a subsequent (new)
connection that the firewalling will take effect.
Why is there no configuration optio...
2014 Dec 31
1
can't enable selinux CentOS 6.5
...ng bugs. I discovered at some point that there are
> other people out there who share this opinion ;-)
>
> So, my question is: can someone design attack scenario which would be
> successful if it were not for SELinux, and which is thwarted by SELinux.
> Note that the fact that script kiddie just forgot to put as a first line
>
> /usr/sbin/setenforce 0
>
> doesn't make such example a solid case pro SELinux for me.
>
> Thanks a lot for your insight! (Always hoping to learn ;-)
>
Disabling SELinux requires root privileges at which point most all
security implim...
2014 Dec 30
3
can't enable selinux CentOS 6.5
On Tue, December 30, 2014 03:18, Digimer wrote:
> What possible reason could they have for that?
>
> On 30/12/14 02:17 AM, Laurent Dumont wrote:
>> By any change, is it a VPS? I know that my CloudAtCost (very cheap but
>> extremely unreliable provider) prevents you from using SeLinux on their
>> Centos image.
No mysterious breakages == lower support costs. The same
2006 Mar 10
6
sshd hack
...within sshd. It seems
to quickly confuse automated dictionary attacks. I've moved sshd to
higher ports but apparently the cretins are now scanning to look for
that and attacking on whatever port sshd shows up on.
Anyway, the link to the hack is here:
http://www.aerospacesoftware.com/ssh-kiddies.html
Just wondering if any of the wizened programmers out there can think of
any reason why this would be a bad thing to do.
Cheers,
2009 Oct 17
5
Calling all Hackers
...s owned by me and can confirm through servint that it
is owned by me.
I would like to do a penetration test and of course to allow you to upload
files on the server and kind of trash it to the point where it is always
restarting and running out of memory etc etc.
This is going to be mainly script kiddie stuff, however will be able to get
you hired on with me for some other jobs that are invovlving network
security evaluations.
Here is the server info
Cpanel and WHM running on CentOS
hostname level1.ixkt.net
IP addresses 64..131.81.30
64.131.81.31
64.131.81.32
64.131.81.30
SSH Port is on 3734
--...
2017 Aug 15
6
Detecting DoS attacks via SIP
Hi all,
Lately, I've seen an increase in the number of attacks against my system from the so-called "Friendly Scanner." When one of these script kiddies targets my server, all I see for symptoms is a few of my trunks become lagged due to server load and a stream of messages on the console that resemble this:
[Aug 2 20:27:50] == Using SIP VIDEO CoS mark 6
[Aug 2 20:27:50] == Using SIP RTP TOS bits 24
[Aug 2 20:27:50] == Using SIP RTP CoS...
2006 Apr 09
2
First SSH now VSFTP
Seems the script kiddies are now hitting vsftp with dictionary attacks.
I had three boxes showing around 12000 attempts from one IP yesterday.
My thoughts are that there should be an upstream solution for this which
is then supported by the upstream vendor. Yes, I know there are several
'other' solutions, but...
2005 Aug 02
2
probes on udp port 500
Last couple of days some of my hosts were probed for UDP port 500 (IKE daemon,
used by IPSec for key exchange) from dialup IPs. Don't remember seeing similar
probes before. Some new vaulnerability that script kiddies (and pro crackers)
are trying out, or is this some old stuff? I do remember there were some
security problems with racoon in the past (that were fixed in current CentOS
ipsec-tools packages), but don't remember reading anywhere there were any
automated tools to exploit it floating around. Or...
2006 Mar 20
6
[OT maybe] netcafe firewall
Hi all,
I appologise in advance if this is a little OT, but I am building
a box that will serve as firewall and router for a small ''internet
cafe / netcafe'' and am using CentOS...
So here it is:
What are the best tools to be used for keeping the potential
script kiddies from ''harming the Internet'' :) ? I specifically want
to be able to detect and prevent portscans from LAN to Internet, and
any other malware activity the clients might think of.
I am particularily interested in ''the CentOS way''. For example I
know there is psd...
2015 Feb 13
5
Securing SSH wiki article outdated
On Fri, 2015-02-13 at 09:46 -0500, Lamar Owen wrote:
> On 02/13/2015 09:15 AM, Chris Adams wrote:
> > Yeah, the old "move stuff to alternate ports" thing is largely a waste
> > of time and just makes it more difficult for legitimate use. With
> > large bot networks and tools like zmap, finding services on alternate
> > ports is not that hard for the
2015 Feb 09
4
Geting mail quota exceeded with plenty of space
...ard his quota. Only these two users have this
> problem. So far. Both are infrequent mail checkers.
It might be the quota for number of messages :
Check with "doveadm quota get -u user at domain.example"
If there is a limit for number of messages.
Regards,
--
CHUNKZ.NET - script kiddie and computer technician
Bertrand Caplet, Flers (FR)
Feel free to send encrypted/signed messages
Key ID: FF395BD9
GPG FP: DE10 73FD 17EB 5544 A491 B385 1EDA 35DC FF39 5BD9
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signatu...
2015 Sep 23
1
OT: closing a port on home router
...angerous nutters attempting to break-in to
> everything. They often mask their attacks using compromised Windoze
> computers all around the world.
>
Changing the port that sshd listens on solves nothing from a security
perspective. The only people that this action deflects are the
script-kiddies. Who are admittedly numerous and who can be dangerous
but usually are just low-talent opportunists.
Moving the port by itself still opens a functioning connection to the
internet on a service that is inherently susceptible to brute force
and rainbow attacks. The 'dangerous' people on the...
2005 Nov 16
11
Need urgent help regarding security
Good Day!
I think we have a serious problem. One of our old
server running FreeBSD 4.9 have been compromised and
is now connected to an ircd server..
195.204.1.132.6667 ESTABLISHED
However, we still haven't brought the server down in
an attempt to track the intruder down. Right now we
are clueless as to what we need to do..
Most of our servers are running legacy operating
systems(old
2014 Oct 02
3
Securing SSH --> Change ports
In there you are almost telling people that security through obscurity is a good way.
That might sometimes be true but in this case it could mean that you would be handing passwords and other data out.
When you start SSH on port 22 it is done with root privileges because the root user is the only one that can use ports below 1024. Root is the only user that can listen to that port or do
2000 Jan 13
0
ssh-proxy, a new approach to firewall software
...p using just plugs for everything, which is nearly as bad as
just having a packet filter. Maybe your vendor calls
one particular setup of his plug as samba gateway, and if
you not look into the insides of your firewall, you will
think that it really parses the protocol. (Practice #1
for script kiddies: fire a VPN through telnet port using ssh
and have your firewall administrator not notice it.
Practice #1 for firewall administrators: Make it at least
a bit harder to do for a script kiddie with your current
firewall software.)
So we need something which can keep up with the kiddies at lea...
2015 Dec 13
2
CentOS and typical usage
...o faster then why is it a benefit?
>>
>> Binary logs with checksums is one benefit, much harder for a hacker or
> malware to hide its tracks.
>
> Without intent to be a pain in a... just respectfully disagreeing.
>
> Harder only from the point of view current tools script kiddies use will
> not deal with then. Fundamentally better security/forensics wise would be
> to keep logs on remote secure server. Like in the very first computer
> security lesson: you can not trust anything on compromised machine.
It's a matter of knowing your machine has been compromis...
2003 Jan 28
5
Block packets based on content
Is it possible to block packets based on content? I would specifically like
to block the script kiddies " GET /script/*" packets from reaching my
webserver.
Thanks for your time,
Steve
2014 Dec 15
2
Failed installation on Ubuntu with Postfix/Dovecot/Squirrelmail
...adding the change to 10-mail.conf and starting the server
And guess what, I can log into squirrelmail's interface just fine. No more dropped connection to the IMAP server.
And now that the panic is over, I'd like to get smart on dovecot.
>Regards,
>--
>CHUNKZ.NET - script kiddie and computer technician
>Bertrand Caplet, Flers (FR)
>Feel free to send encrypted/signed messages
>Key ID: FF395BD9
>GPG FP: DE10 73FD 17EB 5544 A491 B385 1EDA 35DC FF39 5BD9