similar to: patch to add built-in support for port knocking

I had a small battle with public key authentication today at the end of which I realized that the problem was the permissions on my home directory (previously I though ~/.ssh was all that mattered. You learn something new every day!). While I was trying to track this problem down, I used ssh -v and sshd -ddd to get as much information as possible about why my public key wasn't

This article describes how to implement "Port Knocking" in Shorewall. http://shorewall.net/PortKnocking.html -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key

I''ve been using the port knocking technique described in the Shorewall docs to control ssh access on one of our servers: http://www.shorewall.net/PortKnocking.html It works great, but occasionally one of the admins forgets to perform the close port operation. This leaves ssh open to the world until one of us notices. I''ve considered adding a cron job to close the port every

R Users: I'm wondering: Why does my logical vector becomes a numeric vector when stuffed into a data frame? How do I change this so that it's retained as a logical data type? I've tried a couple of things but to no avail. Here's my example code: # Exercise 4-1 in Non-Detects and Data Analysis. Dennis Helsel. 2005. # "Create two new variables in the Interval Endpoints

R users: I'd like to get some insight on an error I encounter when attempting to work with two moderately sized sets of time series data. FYI - I'm using the following versions of R and supporting packages on a Windows 2000 OS: - R version 2.4.1 (2006-12-18) - zoo version 1.2-2 - chron version 2.3-10 The two time series I'm working with are from the summer of 2004 and are: 1.)

R Users: My question is probably more about elementary statistics than the mechanics of using R, but I've been dabbling in R (version 2.2.0) and used it recently to test some data . I have a relatively small set of observations (n = 12) of arsenic concentrations in background groundwater and wanted to test my assumption of normality. I used the Shapiro-Wilk test (by calling shapiro.test()

Hi, the attached patch adds support for the keywords "OpenCommand" and "CloseCommand" to ssh_config. They are commands which are executed before the connection is established (or ProxyCommand started) and after the connection has been closed (or ProxyCommand ended). this is usefull for stuff like portknocking or (that's what I wrote the patch for) talking with trapdoor2

Hi folks Im currently doin firewall project.. the scenario is like this.. my application server open port number 3079 the server ip is 202.188.0.132. and now the port can be accessed from everywhere. Now i want to block all the everywhere accessed. But my problem is, the application will be accessed by few locations that doing transaction with the application server. and the said locations are

I haven't been keeping up with the internals, I'm afraid. Does OpenSSH have support for Port Knocking? I might be interested in looking into that, as a way of reacquainting myself with the current code base. --- Scott Neugroschl | XYPRO Technology Corporation 4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 |

So I found an excellent port knocking tutorial using ONLY iptables rules that looks to be among the best I've ever seen. (warning: techno music, tough to read screen, you don't need to type it in because I post a link to script below) http://www.youtube.com/watch?v=0zFQocf7C_0 It works fabulously for simply opening a port to a locally managed service, but I can't seem to get it

For what it's worth to those who want to play with SPA, here is a demo i whipped up. It is very easy to set up, and i almost guarantee anyone can get this running. What we will demonstrate: Bascially: An SPA demo. Requirements: Very little - a minimal setup of centos. This setup will demonstrate a client who initially cannot connect to a an ssh port on the server (the server is DROPing

When searching in google I could verify that many examples of used rules in shorewall do not exist to block port scanners external. Example: nmap. Somebody has some rule or example ? thanks.

I recently got a RFC on Eclipse and StatET setup from a R-help user, so here it is. Note: there may be slight errors of omission in my directions as I am making these notes after I had a successful install. If you have questions post here. Setup tested with Eclipse 3.4.0 on XP 32-bit and Eclipse 3.4.2 on Vista 32-bit. R 2.9.0 alpha. Installing StatET: 1. Go to Help > Software Updates...

Hi, I am quite new to asterisk so I am not sure what is needed to figure out this problem. If more information is needed and not provided I will gladly provide it. I have a very basic asterisk setup. 1 x100p card and a grandstream handytone 286. I can make calls fine to most phone numbers from the handytone device the trouble seems to come when I dial this number 591-1079. It puts me through to

Hello, I tried to install the acts_as_ferret plugin: ruby script/plugin install svn://projects.jkraemer.net/acts_as_ferret/tags/stable/acts_as_ferret but I get the response svn: Can''t connect to host ''projects.jkraemer.net'': connection refused. Everything ok over there or do I need to use a different route? Thanks for your help! Jay Sanders -- Posted via

R Users: ...been working with the sp and gstat packages for the past couple of days in an effort to analyze a set of ~ 200 soil samples collected from various eastings, northings, and depths and containing a wide range of measured hydrocarbon concentrations. Thus far, I've managed to import the data, log-transform the concentrations, assign coordinates, generate and fit a variogram model and

https://bugzilla.mindrot.org/show_bug.cgi?id=1808 Summary: "SetupCommand" invoked before connecting Product: Portable OpenSSH Version: 5.6p1 Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: ssh AssignedTo: unassigned-bugs at mindrot.org

The intent of this option is similar to "tls-auth" in openvpn[1]: To refuse to talk to anyone who doesn't know the shared secret. You could compare this to port knocking, in that it solves a similar problem. This also prevents RST attacks from killing an existing connection, even when attacker can sniff sequence numbers. This feature doesn't work through NAT, since the source

I was under the impression it was just compatibility, and not actually built-in, but I thought I'd ask here and just make sure of what I'm saying. :) TIA. -- Austin Gonyou Systems Architect, CCNA Coremetrics, Inc. Phone: 512-698-7250 email: austin at coremetrics.com "It is the part of a good shepherd to shear his flock, not to skin it." Latin Proverb -------------- next part

Dear OpenSSH developers, a publicly accessible sshd on port 22 generates a lot of log clutter from unauthenticated connections. For an exemplary host on a university network, sshd accumulates 5~20k log lines on a single day (more than 90% of the total amount of syslog lines). That is despite the host having a restricted configuration (no SSH password authentication, firewall rate limit for