Displaying 20 results from an estimated 200 matches similar to: "no logging in auth.log when using wrong ssh keys"
2007 Mar 02
1
How to log VERBOSE statement to a file?
I would like to log a verbose statement in my 900/976 extens to a
special file called 'attacks'.
These are not standard messages like debug, notice, warning, error,
vebose or dtmf that could be logged to /var/log/asterisk/messages.
Does the 'verbose' in VERBOSE commands have anything to do with the
'verbose' in error messages?
I tried >> redirection of a
2006 Jan 09
0
Re: Logcheck-users Digest, Vol 5, Issue 1
The entry is probably not igored because of
the word deny in your path .
You might better set your rule in violation.ignore.d/ directory.
At 13:00 09/01/2006, you wrote:
>Send Logcheck-users mailing list submissions to
> logcheck-users@lists.alioth.debian.org
>
>To subscribe or unsubscribe via the World Wide Web, visit
>
2001 Feb 26
3
status of undelete
Months ago there was a thread here about the implementation of a
simple undelete-function (i.e: dont delete files, but move them to a
folder).
Is this this still a relevant idea or has this feature low priority ?
thanx,
peter
ps: anyone knows about a 3rd-party software (propably on nt-side) that
implements such a feature ?
--
mag. peter pilsl
phone: +43 676 3574035
fax : +43 676 3546512
1998 Sep 30
1
Strange thing with free diskspace (PR#10111)
ra@hp.is wrote:
>
> I installed the lastest samba on a HP-UX 10.20 system that is well
> patched. On that box I have a filesystem that 90 Gigs total size.
> Free space in the filesystem is now 70 Gigs, but samba only
> reports just under 4 gigs to PC's (or Mac's running something called
> dave)
>
> What can I do about this ?
>
Nothing right now - Samba
2009 Aug 26
1
denyhosts configuration
Hello,
I've installed denyhosts on centos 5.3 trying to block automated
attacks on ssh. It appears to be working in that entries are being added to
/etc/hosts.deny yet the daily emails sent from denyhosts show only one ip
being added perday when the total is many more than that. My config is
below, i've gone over it and am not seeing what i missed. Suggestions
welcome.
I was also
2017 Oct 15
0
denyhosts-2.9-4.el7 not resync'ing
Everyone,
It is apparent that the epel version of denyhosts on Centos 7 which is
denyhosts-2.9-4.el7.noarch does not resynch with :
SYNC_SERVER = http://xmlrpc.denyhosts.net:9911
According to :
https://www.centos.org/forums/viewtopic.php?f=51&t=56989
the problem is related to a version update problem in the epel
repositories.
I submitted a bugzilla report :
2009 Jul 09
3
Looking for recommendations for blocking hacking attempts
Hello:
I have been looking into projects that will automatically
restrict hacking attempts on my servers running CentOS 5.
I think the two top contenders are:
DenyHosts - http://denyhosts.sourceforge.net
Fail2ban - http://www.fail2ban.org
>From what I see, DenyHosts only blocks based on failed
SSH attempts whereas Fail2ban blocks failed attempts
for other access as well.
The main benefit
2012 Jul 05
7
proper usage of global variables / node variables / +=
Hello puppet masters, I am cleaning up some puppet modules, using
puppet-lint. The warning I am getting is:
top-scope variable being used without an explicit namespace
I can turn this particular check off, but in doing my research I''m
finding all sorts of messages saying to avoid using +=, to avoid using
variables in the node scope, and to switch to a parameterized class
whenever
2006 Aug 30
3
No tcp wrappers, other ideas to help stop brute force attacks?
I'm looking for a way to deny access to dovecot from certain IP
addresses, basically to help prevent brute force attacks on the
server.
Right now I'm using denyhosts which scans /var/log/secure for
authentication failures which then can add an entry to
/etc/hosts.deny, but since dovecot doesn't have tcp wrappers support,
that doesn't do anything.
It doesn't look like I can
2007 Sep 26
4
Intrusion Detection Systems
Situation: We are providing hosting services.
I've grown tired of the various kiddie scripts/dictionary attacks on
various services. The latest has been against vsftpd, on systems that I
can't easily control vs. putting strict limits on ssh. We simply have
too many users entering from too many networks many with dynamic IP
addresses.
Enter.... thinking about LIDS or Log Based
2010 Jan 16
0
Processed: tag ipv6 related packages
Processing commands for control at bugs.debian.org:
> # Tagging bugs related to IPv6 support according to bug title (and checked for false positive)
> # Maintainer, sorry if you consider the tag as not relevant
> tag 561835 +ipv6
Bug #561835 [openjdk-6-jdk] josm: net.ipv6.bindv6only=1 breaks OSM access
Added tag(s) ipv6.
> tag 560837 +ipv6
Bug #560837 {Done: Krzysztof Krzy??aniak
2010 Jan 16
0
Processed: tag ipv6 related packages
Processing commands for control at bugs.debian.org:
> # Tagging bugs related to IPv6 support according to bug title (and checked for false positive)
> # Maintainer, sorry if you consider the tag as not relevant
> tag 561835 +ipv6
Bug #561835 [openjdk-6-jdk] josm: net.ipv6.bindv6only=1 breaks OSM access
Added tag(s) ipv6.
> tag 560837 +ipv6
Bug #560837 {Done: Krzysztof Krzy??aniak
2001 Feb 27
4
AllowHosts / DenyHosts
I'd like to see a feature of the commercial ssh in openssh:
AllowHosts xxx.yyy.xxx.yyy *.domain.net
DenyHosts xxx.yyy.xxx.* name.domain.net
This allows or denies connects from certain machines (including wildcard
matching).
Is there any chance for this feature to be included? No, we don't want to
use tcp-wrapper for this.
Bye.
2007 Oct 02
1
denyhosts
Hi,
My denyhosts stop working. How do i check why isnt it working anymore for
me?
Thanks
Oct 2 22:59:17 beyond sshd[15690]: Failed password for root from
221.7.37.142 port 49836 ssh2
Oct 2 22:59:17 beyond sshd[15692]: Received disconnect from 221.7.37.142:
11: Bye Bye
Oct 2 22:59:18 beyond sshd[15701]: pam_unix(sshd:auth): authentication
failure; logname= uid=0 euid=0 tty=ssh ruser=
2008 Jan 21
5
denyhosts-like app for MySQLd?
Hi all,
?Is there any app like denyhosts[1] but intended for MySQLd service?
We have a mysql ports (3306) opened for remote connections, and
obviously the /var/db/mysql/machine_name.log is full of these kind of
entries:
...........
936012 Connect Access denied for user 'user'@'85.19.95.10' (using
password: YES)
936013 Connect Access denied for user
2010 Feb 04
1
proftpd wrap
Hi,
My ftpd is being abused.
Maximum login attempts exceeded from hosts:
::ffff:64.251.22.142[::ffff:64.251.22.142] : 24197 Time(s)
I had came across an article stating that proftpd with mod wrap can actually
block these IP using denyhosts.
I had googled but I did not see any proftpd rpm with mod wrap. Is there
anyone with a copy would like to share?
Or can someone share a spec file, so I
2007 Mar 13
4
Centos-specific Denyhosts Howto Anyone?
Hi, after reading the docs (no man page) and seeing a few example
howtos, I see none for Centos specifically.
I hereby offer to write this and even host it, and any other wiki-able
howto you want, if you can school me on the first few steps relevant to
how to link up the current rpmforge rpm for RHEL4-64. See, right now,
the one for centos loads into the /usr/share/doc, which is an odd place
2016 Jun 02
2
MaxDisplays configuration option
Hello,
I manage OpenSSH on a dozen or so servers that act as gateways for a large
amount of developers and system administrators. On these servers it is
common for there to be more than 1000 active X11 forwards active at peak
usage. Beyond ~1000 active X11 forwards, sshd will fail to bind additional
ports due to a hard coded range check in channels.c that limits the port
range that sshd will
2009 Aug 20
5
protecting multiuser systems from bruteforce ssh attacks
Hello,
What is the best way to protect multiuser systems from brute force
attacks? I am setting up a relatively loose DenyHosts policy, but I
like the idea of locking an account for a time if too many attempts
are made, but to balance this with keeping the user from making a
helpdesk call.
What are some policies/techniques that have worked for this list with
minimal hassle?
Thanks!
-Eugene
2000 Dec 22
3
SecurID patch.
What are the chances of getting the SecurID patch integrated into OpenSSH? I
think I asked before and was told that it could be done with PAM, but I (and
others) are not satisfied with the PAM support.
This "tight" integration seems to work much better.
If not, I'll just sit on my rogue patches :-(
--
Theo Schlossnagle
1024D/A8EBCF8F/13BD 8C08 6BE2 629A 527E 2DC2 72C2 AD05 A8EB