similar to: sshd_config parameter to deal with multiple failed logins

> > Offlist/OT - Sheer guess, straight out of my parts - maybe a cronjob to > rebuild the locate db or something similar is hammering it once a week? In the problem condition, there appears to be very little going on on the system. eg., root at server5:/tmp# /usr/local/bin/top last pid: 3828; load avg: 4.29, 3.95, 3.84; up 6+23:11:4407:12:47 79 processes: 78 sleeping, 1 on

> > Shot in the dark here: > > What are you using for the sharenfs value on the ZFS filesystem? Something like rw=.mydomain.lan ? They are IP blocks or hosts specified as FQDNs, eg., pptank/home/tcrane sharenfs rw=@192.168.101/24,rw=serverX.xx.rhul.ac.uk:serverY.xx.rhul.ac.uk > > I''ve had issues where a ZFS server loses connectivity to the primary DNS server and

Hello, I saw that OpenSSH release 6.7 removed all CBC ciphers by default. Is CBC therefore considered as broken and unsecure (in general or SSH implementation)? I also read a lot of references (see below) but still not clear to me what's the actual "security status" of CBC and why it has been removed in general. http://www.openssh.com/txt/release-6.7 sshd(8): The default set

Hi, I was testing Samba 3.0.1 as a logon server on a Solaris 9 Sparc box. I compiled Samba using gcc 3.3 with the following options: configure --prefix=/local/samba-3.0.1 --enable-static --with-nis --with-quotas --with-syslog --with-msdfs --with-utmp I set utmp = yes in the smb.conf file The samba server does create login entries but minus the hostname entries. The following

As an alternative to polling the client, as Ryan describes, you could consider piggy-backing the status updates on the back of other ajax responses. Which way you go depends entirely on the nature of your app, in particular: 1. how frequently it generates ajax traffic anyway 2. how long the server-side process is going to take If the server-side process takes, say, 20 seconds, polling is a

Is it possible to somehow send an email containing the user password if it is stored as a md5 hash in the database? Is it stupid to save the passwords as clear text strings in the db? Its a web shop. A workaround would be to generate a new password and send it to the user. If the user then want to, he may change to another password. Any other thoughts on this? //D -- Posted via

On Aug 28, 2013, at 1:50 PM, Paul Robinson <pogo.work at gmail.com> wrote: > On Mon, Aug 26, 2013 at 9:14 PM, Todd Jackson <quantum.skyline at gmail.com>wrote: > >> Personally, I think it is necessary to go for the strongest random number >> generator possible. Cryptographically secure pseudorandom number >> generators have good properties that make them

Everyone: We're starting to see a rash of password guessing attacks via SSH on all of our exposed BSD servers which are running an SSH daemon. They're coming from multiple addresses, which makes us suspect that they're being carried out by a network of "bots" rather than a single attacker. But wait... there's more. The interesting thing about these attacks is that

Hello, I'm afraid this message is going to be a little long (188 lines, not counting the headers). It is comprised, in fact, of two posts I sent to the comp.protocols.smb newsgroup, from which I've not received any replies. I'm hoping I can have better luck with the mailing list, (to which I've just subscribed, so it's probably most appropriate to send replies there...)

Hi, I was trying to install Samba 3.0 Alpha 9 onto a server running HPUX 11.00 64 bit. I have the Openldap libraries installed and also Kerberos (the PAM Kerberos and KRB5 Dev Tools available from the HPUX application CDs). I have followed the instructions as outlined in the Samba 3.0 prealpha guide to Kerberos authentication (Steps 1-2, Step 5) and everything seems to be fine at steps 1-2 (the

Hi, The following error message misspells the name of the 'dim' argument: > array(integer(0), dim=integer(0)) Error in array(integer(0), dim = integer(0)) : 'dims' cannot be of length 0 The name of the argument is 'dim' not 'dims': > args(array) function (data = NA, dim = length(data), dimnames = NULL) NULL Cheers, H. -- Herv? Pag?s

Hi folks, first of all thanks for Dovecot, I appreciate it a lot. On one of our servers, we experience regular tries to brute force logins, probably based on harvested mail addresses. Now I wonder if dovecot has or could in future have some mechanism to blacklist remote IP addresses after a configurable number of failures to login to any account. Blacklisted IPs could simply be disconnected

Hi! I want to detect brute-force password hacking attacks - thus if there are too many failed login attempts for a SIP account I want to "lock" this account. Does somebody have any ideas how this could be implemented? thanks klaus

Hi everyone, Thanks all for your feedback. Here is a reply to most of your comments.... Roger. Chris Evans wrote: > On Mon, 9 Mar 1998, Rogier Wolff wrote: > > not to give those rights away. A non-setuid program should not have to > > worry about buffer overruns (you can crash the program, wow!). It > Just a reminder, that in some cases, it _should_ worry. As a

Message-ID: <479F2A63.2070408 at centos.org> On: Tue, 29 Jan 2008 07:30:11 -0600, Johnny Hughes <johnny at centos.org> Subject Was: [CentOS] Unknown rootkit causes compromised servers > > SOME of the script kiddies check higher ports for SSH *_BUT_* I only see > 4% of the brute force attempts to login on ports other than 22. > > I would say that dropping brute force

Hi, Since upgrading our mail servers to Postfix/Dovecot, we've seen a rather large increase in botnet brute force password attacks. I guess our old servers were too slow to suit their needs. Now, when they hit upon a valid user, it's easy to see what passwords they are trying (we've enabled auth_debug_passwords and set auth_verbose_passwords = plain). We can easily have log

This is a small 12 line system, internal extensions 150 - 180. I didn't have a phone on 151. Here's the sip.conf stanza: ;;[151] ;;type=friend ;;context=longdistance ;;callerid="Conf Room" <151> ;;secret=0000 ;;host=dynamic ;;qualify=yes ;;dtmfmode=rfc2833 ;;allow=all ;;defaultuser=151 ;;nat=yes ;;canreinvite=no There's no DISA. And then somehow (how???) ip address

I am using nls to fit a non linear function to some data. The non linear function is: y= 1- exp(-(k0+k1*p1+ .... + kn*pn)) I have chosen algorithm "port", with lower boundary is 0 for all of the ki parameters, and I have tried many start values for the parameters ki (including generating them at random). If I fit the non linear function to the same data using an external

# Just when I thought I had the basic stuff mastered.... # This has been quite perplexing, thanks for any help ## Here's the example: db1=data.frame( olditems=c('soup','','','','nuts'), prices=c(4.45, 3.25, 4.42, 2.25, 3.98)) db2=data.frame( newitems=c('stew','crackers','tofu','goatsmilk','peanuts'))

Hi all, After upgrading my first Samba AD DC from el7.4 to el7.5, I had the pain of being greeted with a non-fonctional Samba. When I used samba-tool, I was greeted with that message: root at dc00 ~]# samba-tool dbcheck ldb: module version mismatch in ../source4/dsdb/samdb/ldb_modules/acl.c : ldb_version=1.2.2 module_version=1.1.29 ldb: failed to initialise module /usr/lib64/samba/ldb/acl.so :