similar to: ssh-proxy, a new approach to firewall software

Message-ID: <479F2A63.2070408 at centos.org> On: Tue, 29 Jan 2008 07:30:11 -0600, Johnny Hughes <johnny at centos.org> Subject Was: [CentOS] Unknown rootkit causes compromised servers > > SOME of the script kiddies check higher ports for SSH *_BUT_* I only see > 4% of the brute force attempts to login on ports other than 22. > > I would say that dropping brute force

On Sun, 2020-06-21 at 16:47 -0400, mailist wrote: > On 2020-06-21 15:33, Chuck Campbell wrote: > > I'm running Centos 7.8.2003, with firewalld. > > > > I was getting huge numbers of ssh attempts per day from a few specific > > ip blocks. > > If you can control the ssh clients, switch your port number to a > non-standard > port. Pick one in

Always Learning wrote: > > On Fri, 2015-02-13 at 09:46 -0500, Lamar Owen wrote: > >> On 02/13/2015 09:15 AM, Chris Adams wrote: >> > Yeah, the old "move stuff to alternate ports" thing is largely a waste >> > of time and just makes it more difficult for legitimate use. With >> > large bot networks and tools like zmap, finding services on

On Wed, September 23, 2015 00:11, Always Learning wrote: > > > That is great. When I started on Linux that was one of the very > first things I did. Every machine, including servers, has port 22 > replaced by a unique alternative port. Port 22 is also blocked in > IPtables. > > There is an army of dangerous nutters attempting to break-in to > everything. They often mask

On 8/7/2018 5:08 PM, Adi Pircalabu wrote: > - Since you're on dynamic IP at home, set up a VPN tunnel using the > mailserver as server and HTPC as client. OpenVPN is ubiquitous and > widely supported. > - rsync your mailboxes using the tunnel connection. > This way you can back up your entire server, not only the mailboxes. Instead of openvpn, I use openssh. Use compression

On 09-08-2018 10:05, Kenneth Porter wrote: > On 8/7/2018 5:08 PM, Adi Pircalabu wrote: >> - Since you're on dynamic IP at home, set up a VPN tunnel using the >> mailserver as server and HTPC as client. OpenVPN is ubiquitous and >> widely supported. >> - rsync your mailboxes using the tunnel connection. >> This way you can back up your entire server, not only

I am seeing a recent increase in SSH harvesting attempts and brute forcing in the log of my system. I'm interested in opening up some discussion around what OpenSSH can do itself to counter measure against: * DoS attack where too many unauthenticated connections are open. I'm not interested in stopping the professional saboteur but the casual script kiddie (to use IRC terms) from

Seems the script kiddies are now hitting vsftp with dictionary attacks. I had three boxes showing around 12000 attempts from one IP yesterday. My thoughts are that there should be an upstream solution for this which is then supported by the upstream vendor. Yes, I know there are several 'other' solutions, but I'd really like to stay mainstream and use a supported method for

Last couple of days some of my hosts were probed for UDP port 500 (IKE daemon, used by IPSec for key exchange) from dialup IPs. Don't remember seeing similar probes before. Some new vaulnerability that script kiddies (and pro crackers) are trying out, or is this some old stuff? I do remember there were some security problems with racoon in the past (that were fixed in current CentOS

Dear list: I am interested in the following sort of problem, as is found frequently in the field of QSAR. I have biological activity as a function of chemical structure, with structure defined in a categorical manner in that the SUBSTITUENT is the levels of the POSITION factor. For example, data from Kubinyi (http://www.kubinyi.de/dd-12.pdf) for this type of analysis is presented as follows:

Hi Guys, Running Dovecot 2 on my server. It is regularly getting dictionary auth attacked. What I have noticed is that once connected to a pop3/imap login session, you can send endless incorrect usernames+passwords attempts. This is a problem for me... I use fail2ban to try and stop these script kiddies. The problem is that fail2ban detects the bad auths, firewalls the IP, however,

On 10/03/2014 12:11 AM, centos-docs-request at centos.org wrote: > Send CentOS-docs mailing list submissions to > centos-docs at centos.org > > To subscribe or unsubscribe via the World Wide Web, visit > http://lists.centos.org/mailman/listinfo/centos-docs > or, via email, send a message with subject or body 'help' to > centos-docs-request at centos.org > >

I'm not really a programmer and I recently came across this hack to insert a short sleep statement into auth-passwd.c within sshd. It seems to quickly confuse automated dictionary attacks. I've moved sshd to higher ports but apparently the cretins are now scanning to look for that and attacking on whatever port sshd shows up on. Anyway, the link to the hack is here:

Hi, I dont think you can deny all ddos against your box, you will need help from your isp. That is because if a person sends you enough packets, like 1mbit (and your line is 1mbit) full of packets, your connection is stuck, whether you filter or not. Though you can mitigate those by closing all non needed ports, log them if any attempt is being made to connect to them, and use a bogon list which

[Sorry to clutter the list] I wonder if some kind soul with a decent library and scanner could do a major favour for me. I am looking for the design specs for the Ames room (that room with weird dimensions which you look into through a pinhole). I am led to believe by http://picpal.com/ames.html That there is a blueprint for this room in the second edition of Zusne and Jones' book,

Recently hacked sites..: http://www.linuxfoundation.org/ http://www.utorrent.com/ http://kernel.org/ http://www.linux.com/ Has the CentOS site ever been hacked? Are there any good audit processes to check the servers? CentOS team, please be aware, there are many script-kiddies OR pro's out there who want websites like yours! I love CentOS, and I don't want it to fail like

hi ya On Tue, Jul 28, 2015 at 11:35:31PM -0400, Chris Ross wrote: > > > On Jul 28, 2015, at 21:52 , Steffan Cline <steffan at hldns.com> wrote: > > > > Ok, I think I have come a little further. > > > > When dovecot stops accepting connections, I checked netstat and found this: > > > > [root at hosting1 ~]# netstat -an | grep 993 > >

On Thu, 24 May 2018 13:09:22 -0400 Marco Shmerykowsky PE via samba <samba at lists.samba.org> wrote: > > FWIW; I connected to the domain on the rolled back 1703 machine. > It wasn't connecting due to spelling errors on my end when setting > the various keys (Damn those post 40 eye/vision things - don't > get older kiddies). Can I suggest you do two things, stop

>Joris Vandeweerd wrote: > > you can watch on my site www.kayalion.net with network usage, eth1 is >the > > internet. > > > > i rebooted my server last night. i didn't connect and watched my eth1, >after > > 10 minutes there was allready +-8mb sent. > > stats now: > > uptime : 14 hours 20 minutes > > network usage : 736.02 MB > >

*SPYWARES Removing SOftwares* [image: Free Anti-Spyware Download] <http://anti-spyware2.50webs.com/> *Secure your PC from Hackers* *Virus and Spyware removal* *Script kiddies Blocker.* ** ** ** *Complete PC security. <http://anti-spyware2.50webs.com/>* --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups