similar to: Simple way to banish IP addresses ?

Hi, I've recently setup a new server for our public libraries. For the last two years, this has been my first "big" job, since it involves networking eleven small to medium size public libraries. There was a hiccup some time ago when the administration hiring me wanted to do it on their own, but it took them less than two weeks to get the server hacked and lose everything. So

Hello, What is the best way to protect multiuser systems from brute force attacks? I am setting up a relatively loose DenyHosts policy, but I like the idea of locking an account for a time if too many attempts are made, but to balance this with keeping the user from making a helpdesk call. What are some policies/techniques that have worked for this list with minimal hassle? Thanks! -Eugene

I'm looking for a way to deny access to dovecot from certain IP addresses, basically to help prevent brute force attacks on the server. Right now I'm using denyhosts which scans /var/log/secure for authentication failures which then can add an entry to /etc/hosts.deny, but since dovecot doesn't have tcp wrappers support, that doesn't do anything. It doesn't look like I can

Hi, to prevent scripted dictionary attacks to sshd I applied those iptables rules: -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -m recent --update --seconds 60 --hitcount 4 --name SSH --rsource -j DROP -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -m recent --set --name SSH --rsource And this is part of logwatch: sshd: Authentication Failures: unknown

Hi, I'm running CentOS 7 on an Internet-facing server. SELinux is in permissive mode for debugging. I've removed FirewallD and replaced it with a custom-made Iptables script. I've also installed and configured Fail2ban (fail2ban-server package) to protect the server from brute force attacks. Out of the box, Fail2ban doesn't seem to play well with SELinux. Here's what I

There's an article on slashdot about the Duqu team wiping all their intermediary c&c servers on 20 Oct. Interestingly, the report says that they were all (?) not only linux, but CentOS. There's a suggestion of a zero-day exploit in openssh-4.3, but both the original article, and Kaspersky labs (who have a *very* interesting post of the story) consider that highly unlikely, and the

I am working on "#699 Better tokenisation of mixed CJK numbers", and have implemented a partial patch of Chinese for this ticket. Current code works well with special test cases and all tests in xapian-core could still pass. But I'm confused with exact requirements of the question, for how much we could pay with performance on enabling more cases, and if there are better methods to

Hi, I'm currently installing a CentOS 5 desktop as a public internet access point. The machine shuts down every day automatically at 22:30. Is there a way I can display a message in GNOME at 22:15 warning the user that the machine will shutdown in 15 minutes ? Any suggestions ? Niki Kovacs

Hi! I need to delay failed ssh password authentication as an additional measure against brute force ssh attacks. I understand, that shoud be accomplished through pam, but googling gave me no example. I have CentOS 5.2. -- Veiko Kukk

Le 18/02/2015 09:24, Michael Volz a ?crit : > Hi Niki, > > md127 apparently only uses 81.95GB per disk. Maybe one of the partitions has the wrong size. What's the output of lsblk? [root at nestor:~] # lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT sda 8:0 0 232,9G 0 disk ??sda1 8:1 0 3,9G 0 part ? ??md126 9:126 0 3,9G 0 raid1 [SWAP] ??sda2 8:2

Hi, I'm using the SquidAnalyzer network analysis tool in combination with Squid. Up until now, I've been running Slackware Linux on my servers. I built a custom package that installs SquidAnalyzer to /var/www/vhosts/squidreport/html. Then I setup an Apache virtual host for SquidAnalyzer's pages. Since I'm migrating my servers from Slackware to CentOS, I'd like to build a

Hi, Until last week, I could install a CentOS 7 based desktop using the following approach: 1. Install minimal system. 2. yum groupinstall "X Window System" 3. yum install gdm gnome-classic-session gnome-terminal liberation-fonts 4. Install applications as needed. This morning, the package group "X Window System" seems to have disappeared. This is embarrassing. What

just wanted to get some feedback from the community. Over the last few days I have noticed my web server and email box have attempted to ssh'd to using weird names like admin,appuser,nobody,etc.... None of these are valid users. I know that I can block sshd all together with iptables but that will not work for us. I did a little research on google and found programs like sshguard and

Hi, What's the most simple way to check if my microphone works on a plain CentOS 5.3 desktop? Is there a simple way, for example, to record voice into a simple .wav file? Niki

On Tue, Feb 3, 2015 at 2:03 PM, Always Learning <centos at u64.u22.net> wrote: > > Nothing wrong with letting "an expert" preconfigure the system and then, > after installation, the SysAdmin checking to ensure all the settings > satisfy the SysAdmin's requirements. > I'd just rather see them applying their expertise to actually making the code resist

So I setup ssh on a server so I could do some work from home and I think the second I opened it every sorry monkey from around the world has been trying every account name imaginable to get into the system. What's a good way to deal with this?

Hi, Is there any way I can read a .docx file on my CentOS desktop ? Cheers, Niki

Hi, Until now, I've only managed local user management on small network with no more than five or six machines, e. g. all user data stored locally on each and every machine (/etc/passwd, /etc/shadow, /etc/group). Now I'd like to learn remote identity management, that is, all user data stored centrally on one machine (so I don't have to wonder who has which UID and GID when I want

Hi, I'm looking for recommendations for documentation about the specificities of RHEL/CentOS 7.x. It can be either online or in printed book format, and I'm fluent in german, french and english. I have a good books about 5.x: "RHEL 5 Unleashed" from Sams, "Foundations of CentOS Linux" and "The Definitive Guide to CentOS", both from Apress. Can anyone

Hi, Is there any 'explodepkg' equivalent for the rpm command? What I want is simply uncompress an RPM package to get the files directly, but I didn't find anything in rpm's manpage. Cheers, Niki Kovacs