Displaying 20 results from an estimated 181 matches for "kiddies".
2018 Aug 09
2
Best practices for backing up small mailserver to remote location
...he ssh tunnel,
not the rsync connection, as rsync compression tends to be buggy and
interrupts the download. I run sshd on a non-standard port to keep my
logs relatively free of script kiddy noise from people looking for an
ssh connection to crack. Run fail2ban to lock out the remaining script
kiddies. Use a client certificate to log in with ssh unprompted, making
it easy to download in a cron job.
Here's an example of scripting the download. Uncomment the DRYRUN line
for testing, then comment for production. Add more rsync commands to
back up different partitions. The --one-file-system...
2020 Jun 21
1
firewall questions
..."Port" in ssh_config and sshd_config; If other clients are being used
> (like Putty),
> it is easy to change it there.
>
> We used to get at least 50 probes per day on port 22. Now we get zero.
>
I used this technique for a number of years - then it got leaked to the
script kiddies the port that was used. We don't have anything
particularly valuable that they were looking for (I don't think!), but
there are lists of subnets & ports out there that the kiddies use so
once one found it, the flood gates opened. SSH is now protected behind
a VPN.
It's a valid thi...
2011 Aug 26
4
limiting number of incorrect logins per connection
...,
Running Dovecot 2 on my server. It is regularly getting dictionary auth
attacked. What I have noticed is that once connected to a pop3/imap
login session, you can send endless incorrect usernames+passwords
attempts. This is a problem for me... I use fail2ban to try and stop
these script kiddies. The problem is that fail2ban detects the bad
auths, firewalls the IP, however, since it's an "established" session,
the attacker can keep authing away... It's only on a subsequent (new)
connection that the firewalling will take effect.
Why is there no configuration option...
2014 Dec 31
1
can't enable selinux CentOS 6.5
On 30/12/14 22:07, Valeri Galtsev wrote:
>
> I have that vague feeling that what I'm about to say will probably be
> declared wrong... Still. From the very beginning I do not consider SELinux
> adding to the security of the system. How can it if it can be turned off
> on the fly? On the other hand, it adds hundreds of thousands of lines to
> kernel code which does exactly
2014 Dec 30
3
can't enable selinux CentOS 6.5
On Tue, December 30, 2014 03:18, Digimer wrote:
> What possible reason could they have for that?
>
> On 30/12/14 02:17 AM, Laurent Dumont wrote:
>> By any chance, is it a VPS? I know that my CloudAtCost (very cheap but
>> extremely unreliable provider) prevents you from using SeLinux on their
>> Centos image.
No mysterious breakages == lower support costs. The same
2006 Mar 10
6
sshd hack
...within sshd. It seems
to quickly confuse automated dictionary attacks. I've moved sshd to
higher ports but apparently the cretins are now scanning to look for
that and attacking on whatever port sshd shows up on.
Anyway, the link to the hack is here:
http://www.aerospacesoftware.com/ssh-kiddies.html
Just wondering if any of the wizened programmers out there can think of
any reason why this would be a bad thing to do.
Cheers,
2009 Oct 17
5
Calling all Hackers
Hey guys.
I have a server that is owned by me and can confirm through servint that it
is owned by me.
I would like to do a penetration test and of course to allow you to upload
files on the server and kind of trash it to the point where it is always
restarting and running out of memory etc etc.
This is going to be mainly script kiddie stuff, however will be able to get
you hired on with me for
2017 Aug 15
6
Detecting DoS attacks via SIP
Hi all,
Lately, I've seen an increase in the number of attacks against my system from the so-called "Friendly Scanner." When one of these script kiddies targets my server, all I see for symptoms is a few of my trunks become lagged due to server load and a stream of messages on the console that resemble this:
[Aug 2 20:27:50] == Using SIP VIDEO CoS mark 6
[Aug 2 20:27:50] == Using SIP RTP TOS bits 24
[Aug 2 20:27:50] == Using SIP RTP CoS m...
2006 Apr 09
2
First SSH now VSFTP
Seems the script kiddies are now hitting vsftp with dictionary attacks.
I had three boxes showing around 12000 attempts from one IP yesterday.
My thoughts are that there should be an upstream solution for this which
is then supported by the upstream vendor. Yes, I know there are several
'other' solutions, but I...
2005 Aug 02
2
probes on udp port 500
Last couple of days some of my hosts were probed for UDP port 500 (IKE daemon,
used by IPSec for key exchange) from dialup IPs. Don't remember seeing similar
probes before. Some new vulnerability that script kiddies (and pro crackers)
are trying out, or is this some old stuff? I do remember there were some
security problems with racoon in the past (that were fixed in current CentOS
ipsec-tools packages), but don't remember reading anywhere there were any
automated tools to exploit it floating around. Or...
2006 Mar 20
6
[OT maybe] netcafe firewall
Hi all,
I apologise in advance if this is a little OT, but I am building
a box that will serve as firewall and router for a small "internet
cafe / netcafe" and am using CentOS...
So here it is:
What are the best tools to be used for keeping the potential
script kiddies from "harming the Internet" :) ? I specifically want
to be able to detect and prevent portscans from LAN to Internet, and
any other malware activity the clients might think of.
I am particularly interested in "the CentOS way". For example I
know there is psd m...
2015 Feb 13
5
Securing SSH wiki article outdated
On Fri, 2015-02-13 at 09:46 -0500, Lamar Owen wrote:
> On 02/13/2015 09:15 AM, Chris Adams wrote:
> > Yeah, the old "move stuff to alternate ports" thing is largely a waste
> > of time and just makes it more difficult for legitimate use. With
> > large bot networks and tools like zmap, finding services on alternate
> > ports is not that hard for the
2015 Feb 09
4
Getting mail quota exceeded with plenty of space
> Further checkings shows another user also getting "Quota exceeded". This
> user has only 127Mb toward his quota. Only these two users have this
> problem. So far. Both are infrequent mail checkers.
It might be the quota for number of messages :
Check with "doveadm quota get -u user at domain.example"
If there is a limit for number of messages.
Regards,
--
2015 Sep 23
1
OT: closing a port on home router
...angerous nutters attempting to break-in to
> everything. They often mask their attacks using compromised Windoze
> computers all around the world.
>
Changing the port that sshd listens on solves nothing from a security
perspective. The only people that this action deflects are the
script-kiddies. Who are admittedly numerous and who can be dangerous
but usually are just low-talent opportunists.
Moving the port by itself still opens a functioning connection to the
internet on a service that is inherently susceptible to brute force
and rainbow attacks. The 'dangerous' people on the...
2005 Nov 16
11
Need urgent help regarding security
Good Day!
I think we have a serious problem. One of our old
servers running FreeBSD 4.9 has been compromised and
is now connected to an ircd server..
195.204.1.132.6667 ESTABLISHED
However, we still haven't brought the server down in
an attempt to track the intruder down. Right now we
are clueless as to what we need to do..
Most of our servers are running legacy operating
systems(old
2014 Oct 02
3
Securing SSH --> Change ports
In there you are almost telling people that security through obscurity is a good way.
That might sometimes be true but in this case it could mean that you would be handing passwords and other data out.
When you start SSH on port 22 it is done with root privileges because the root user is the only one that can use ports below 1024. Root is the only user that can listen to that port or do
2000 Jan 13
0
ssh-proxy, a new approach to firewall software
...p using just plugs for everything, which is nearly as bad as
just having a packet filter. Maybe your vendor calls
one particular setup of his plug as samba gateway, and if
you not look into the insides of your firewall, you will
think that it really parses the protocol. (Practice #1
for script kiddies: fire a VPN through telnet port using ssh
and have your firewall administrator not notice it.
Practice #1 for firewall administrators: Make it at least
a bit harder to do for a script kiddie with your current
firewall software.)
So we need something which can keep up with the kiddies at leas...
2015 Dec 13
2
CentOS and typical usage
...o faster then why is it a benefit?
>>
>> Binary logs with checksums is one benefit, much harder for a hacker or
> malware to hide its tracks.
>
> Without intent to be a pain in a... just respectfully disagreeing.
>
> Harder only from the point of view current tools script kiddies use will
> not deal with them. Fundamentally better security/forensics wise would be
> to keep logs on remote secure server. Like in the very first computer
> security lesson: you can not trust anything on compromised machine.
It's a matter of knowing your machine has been compromise...
2003 Jan 28
5
Block packets based on content
Is it possible to block packets based on content? I would specifically like
to block the script kiddies " GET /script/*" packets from reaching my
webserver.
Thanks for your time,
Steve
2014 Dec 15
2
Failed installation on Ubuntu with Postfix/Dovecot/Squirrelmail
On 12/15/2014 at 12:26 PM, "Bertrand Caplet" <bertrand.caplet at chunkz.net> wrote:
>
>> that I needed:
>>
>> namespace inbox {
>> inbox = yes
>> }
>
>Hey,
>I wonder where do you have set this namespace inbox ? in 10-mail.conf ?
>
The word 'namespace' does not appear in any file within the tree of /etc/dovecot/