similar to: Email dictionary attacks and firewall

http://bugzilla.mindrot.org/show_bug.cgi?id=1049 Summary: Variable delay in password logins to fight dictionary attacks Product: Portable OpenSSH Version: 3.8.1p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: enhancement Priority: P2 Component: sshd AssignedTo:

Hi Guys, I was really hoping a couple of years later this would be addressed... I'm running Dovecot 2.2.5 on FreeBSD. Is there anyway to limit the number of auth attempts allowed in a single session? The reason for this is because I have "fail2ban" setup to firewall out any IP addresses that repeatedly auth fails. The issue occurs when the connection is already in an

http://bugzilla.mindrot.org/show_bug.cgi?id=1049 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED ------- Comment #3 from dtucker at zip.com.au 2006-10-07 11:40 ------- Change all RESOLVED bug to CLOSED with the exception

I spoke with Markus before Christmas (I hope all your holidays were better then mine.. But that's another topic. Car are evil.=) and he would like to release 2.4.0 in the very near future. Is there any undisputed patches still out not applied to the current portable CVS tree? (BTW, I just applied the getrlimit patch from Corinna.) - Ben

I'm seeing strings of failed POP3 login attempts with obvious bogus usernames coming from different IP addresses. Today's originated from 216.31.146.19 (which resolves to neovisionlabs.com). This looks like a botnet attack. I got a similar probe a couple days ago. Is anyone else seeing these? The attack involves trying about 20 different names, about 3-4 seconds apart. Here's a

Hi, I been using dovecot for awhile and its been solid, however I been having some issues with dictionary attacks. I installed fail2ban and for the most part is working fine. However today I got another spammer relaying through my server. Looking at the logs I see the following dictonary attack from 94.242.206.37 Nov 10 03:04:38 pop dovecot: pop3-login: Disconnected: rip=94.242.206.37,

Does anyone have a script that will notice a Rumplestiltskin type spam attack (where they try every name possible) and drop the sending into a block list? -- Chris Mason NetConcepts (264) 497-5670 Fax: (264) 497-8463 Int: (305) 704-7249 Fax: (815)301-9759 UK 44.207.183.0271 Cell: 264-235-5670 Yahoo IM: netconcepts_anguilla@yahoo.com -- This message has been scanned for viruses and

Is there a way to listen on port 25 for repeated dictionary attacks to harvest email address and blacklist that Ip with shorewall? Thanks, Mike

Hi has someone a script which can filter out dictionary attacks from /var/log/maillog and notify about the source-IPs? i know about fail2ban and so on, but i would like to have a mail with the IP address for two reasons and avoid fail2ban at all because it does not match in the way we maintain firewalls * add the IP to a distributed "iptables-block.sh" and distribute it to any

Hi Raghavendra, > On 20 Mar 2018, at 1:55 pm, Raghavendra Gowdappa <rgowdapp at redhat.com> wrote: > > Aggregating large number of small writes by write-behind into large writes has been merged on master: > https://github.com/gluster/glusterfs/issues/364 <https://github.com/gluster/glusterfs/issues/364> > > Would like to know whether it helps for this usecase.

Excellent description, thank you. With performance.write-behind-trickling-writes ON (default): ## 4k randwrite # fio --randrepeat=1 --ioengine=libaio --gtod_reduce=1 --name=test --filename=test --bs=4k --iodepth=32 --size=256MB --readwrite=randwrite test: (g=0): rw=randwrite, bs=(R) 4096B-4096B, (W) 4096B-4096B, (T) 4096B-4096B, ioengine=libaio, iodepth=32 fio-3.1 Starting 1 process Jobs: 1

Someone for the love of go must have a answer for this.. :) Im so needing to trickle a few games/apps running under wine.. Anyone got any ideas?

Does dovecot have any dictionary attack defenses yet? In the past I have had to implement defense from outside dovecot, but since dovecot is at the front lines and therefore is the first to know I'm hoping by now there is something we can set. For example, a limit on access failures per minut/hour/day or some such. If not why not?

On Tue, Mar 20, 2018 at 8:57 AM, Sam McLeod <mailinglists at smcleod.net> wrote: > Hi Raghavendra, > > > On 20 Mar 2018, at 1:55 pm, Raghavendra Gowdappa <rgowdapp at redhat.com> > wrote: > > Aggregating large number of small writes by write-behind into large writes > has been merged on master: > https://github.com/gluster/glusterfs/issues/364 > >

On Tue, Mar 20, 2018 at 1:55 AM, TomK <tomkcpr at mdevsys.com> wrote: > On 3/19/2018 10:52 AM, Rik Theys wrote: > >> Hi, >> >> On 03/19/2018 03:42 PM, TomK wrote: >> >>> On 3/19/2018 5:42 AM, Ondrej Valousek wrote: >>> Removing NFS or NFS Ganesha from the equation, not very impressed on my >>> own setup either. For the writes

Hi all, I am currently trying to emulate a satellite link, via Netem, on a testbed which is OSPF-enabled. I''d like to set up a Netem box between two routers. Since all routing between routers is dynamic, I''m wondering how to set up OSPF on my Netem box? Could someone indicate me if it is feasible and give me some guidelines to possibly do so? Thanks in advance, Vincent.

I'd like comments (suggestions, improvements, messages that start with "you moron you forgot that. . .") on the following horrible dirty kludge to make a (nearly, with any luck) un-hackable set of shares available to specific users on the internet. On the Server, initially all packets bound for port 139 are rejected as the default policy. The server is connected to the internet full

Hey all.. I had a bad IDE controller that hosed my EXT3 filesystems. A resulting fsck damaged pat of the filesystem and the root inode is gone (on my main drive AND the backup drive). I immediately DD'd the main drive over to an identical drive that I have been working on. But every time.. a fsck destroys all the data (moves everything to lost+found) and nothing that I've found

Hi all, I was just wondering when this update will trickle down into the Centos repo: http://rhn.redhat.com/errata/RHBA-2008-0611.html Obviously, it just came out yesterday, so I'm not expecting it to suddenly appear. ;) Just curious what the turn around time usually is for RHEL bug fixes that get released and when we should expect it. As a side note, does anyone know if there is a way

Hi hoping someone can help me a little with this one. I have 2 mail servers, the incoming mail server runs dovecot and the outgoing mail server runs postfix with sasl. Lately I noticed a lot of spammers are running dictionary attacks on my incoming server and then using that user/password for sasl on the outgoing server. The weird thing is I never see on the logs the guessed