similar to: Auto-blacklisting hosts after too many failed logins

Amon Ott has released another version of RSBAC, for 2.1.115 now. http://agn-www.informatik.uni-hamburg.de/people/1ott/rsbac/eng.htm You get the following security modules: MAC Bell-LaPadula Mandatory Access Control (no compartements yet) CWI Clark-Wilson-Integrity (only basics implemented) FC Functional Control. A simple role based model SIM Security Information Modification PM Privacy

Hello everybody! Currently, dovecot just kills itself if it detects that time has moved backwards more than a hardcoded number of seconds. I accept the reasons, but I do not like to restart dovecot manually after waiting for time to move forward again. A cron job would not help, because time might still be wrong when it restarts dovecot. All our systems run ntpd, but they might be offline

Hi all! I have tried the imap_acl plugin with 1.2.9 today, but was not able to limit acl changes for those mailboxes where acl changes should be forbidden. http://wiki.dovecot.org/ACL says that "a" or "admin" covers "Administration rights to the mailbox". However, removing "a" from owner acl (using "lr") does not help, the user can still

Hi list, I have a problem with Mongrel which is really bugging me. I would really appreciate any help that anyone can provide to help me in solving this problem. 1. My setup: Apache front_end with mod_proxy_balancer in front of 4 mongrel/rails instances of my application. Rails 1.2.5 Ruby 1.8.6 Mongrel 1.1.1 2. I noticed that the CPU consumption on my server was 100% being consumed by ruby so I

Might be of interest for some of you, especially: o HTB - detailed look into new QoS shaper - Martin Devera o Linux Packet Classification Performance - Jamal Hadi Salim o Status of IPv6 Implementations - Peter Bieringer o High Availability using Keepalived - Alexandre Cassen o Application Layer Fingerprinting - Hendrik Scholz

Hi I have a rather strange problem with mongrel and I would be grateful if anyone could assist me with resolving. I have an application running mongrel 1.1.1 and rails 1.2.5 with ruby 1.8.6. It was all working fine and starting as expected. But I did a server reboot once and mongrel has refused to start up since. I get the following error:

I've a particular situation in which I need to sometimes delete one or two files from a remote site. I haven't figured out a way to do it with rsync yet... I've considered playing games with --exclude and --delete but I'm a bit nervous of the chances of mayhem by a simple error. Situation is a remote repository to which files are added on occasion; there is no local copy. On

Does anyone know of a script that can act as a "helper" for Shorewall''s dynamic blacklist capabilities? Briefly said, I''d like to know if someone already wrote a script/program that, e.g., parses log files (/var/log/messages, etc) and picks up for example all IP addresses that failed SSH login more than X times and then executes a command such as shorewall drop

Hello everyone, one of our customers using QUALCOMM Windows Eudora Version 7.1.0.9 as POP3 client with Dovecot 1.0.0 under Linux using Maildirs reports that on various accounts they get occasional "inconsistent mailbox" errors at quit. The same Docevot binary in the same environment on other servers works fine for several other customers and ourselves. We use Postfix 2.2 with

Some lists and emails are distributed via ns1.samba.org. For those of you that use ORBS, you'll find it is blacklisted now. There is no mention of it on the website and it doesn't return a positive when you enter it for testing but it has slipped into the ORBS blacklist somewhere. Samba.org admins may wish to force all ns1 outbound email via another netblock, bringing it up to ORBS only

Hi, Does anyone know how I can monitor our server's for blacklisting? We run a large amount of shared hosting & reseller hosting servers and from time to time one of the IP's will get blacklisted. I'm looking for a way to be notified if any of our IP's get blacklisted. Is this possible? -- Kind Regards Rudi Ahlers SoftDux Website: http://www.SoftDux.com Technical Blog:

Hi, Given the recent increase in SIP brute force attacks, I've had a little idea. The standard scripts that block after X attempts work well to prevent you actually being compromised, but once you've been 'found' then the attempts seem to keep coming for quite some time. Older versions of sipvicious don't appear to stop once you start sending un-reachables (or straight

-------- Original Message -------- Subject: Re: [CentOS] ipset and blacklisting From: "Albert McCann" <mac358 at newsguy.com> Date: Wed, September 21, 2016 5:34 am To: "'CentOS mailing list'" <centos at centos.org> How are you saving and reloading the ipsets over a reboot? > -----Original Message----- > From: centos-bounces at centos.org

Hi All it is possible to tune dom0/domU for better IO/network performance? Since I have changed to Cenots7 dom0, I have a really poor IO performance inside a PV VM. I have already done what is described on http://wiki.xenproject.org/wiki/Tuning_Xen_for_Performance It is better now but still significantly worse than with centos6 dom0 my settings: xen parameter: dom0_mem=1024M cpufreq=xen

Hi, Is there any way to automatically block all traffic from IP''s that try more than X number of blocked ports for a preset amount of time? The log I get every morning seems to be getting bigger and bigger with port scans and attempts to access various services, it would be nice if these IP''s could be automatically blocked for like a week or two.. I wouldn''t want

So I setup ssh on a server so I could do some work from home and I think the second I opened it every sorry monkey from around the world has been trying every account name imaginable to get into the system. What's a good way to deal with this?

boy, if you really care about your problem, *USE* ext3-users: > oh, and please respond on-list, perhaps other ppl are curious > about some details too ;) really. Tobias Amon schrieb: > Hi, > > I use e2fsprogs version 1.5.2 (I think) http://e2fsprogs.sourceforge.net/ exists, latest version is 1.35. > I got another solution. Yast, which came with Suse > is not able to

On Sat, Apr 14, 2012 at 12:20:00AM +0100, Dale Amon wrote: > I might add that virt-rescue now gets much further > than I have ever seen before... it shows a line > [ 245.032513] vda: vda1 vda2 > > before hanging forever. So it at least has gotten > to the point of recognizing the partitions on the > virtual disk I want to access. This hang is also characteristic of the

I feel really silly asking this, but where is read_residual_partitioned_rice > > _() ? I tried using the standard find feature on text editors for all of > the .c and .cpp files in libFLAC and libFLAC++, but nothing came up. -Mary On 7/11/06, Ralph Giles <giles@xiph.org> wrote: > > On Tue, Jul 11, 2006 at 04:17:41PM -0700, Mary Amon wrote: > > >

Just a warning to dovecot listmembers. The list is being harvested. test3943395 is a unique address I created only for communication to the dovecot list. The following spam came from: Received: from dial-dynamic-62-69-52-187.surfdial.murphx.net (dial-dynamic-62-69-52-187.surfdial.murphx.net [62.69.52.187]) by sasami.anime.net (8.11.6/8.11.6) with SMTP id j7FLxtv03775 for