similar to: [WTA] Automatically blocking on failed login

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> </head> <body bgcolor="#ffffff" text="#000000"> Dear All,<br> I'm newbie and i want to know Your opinion about CentOS vs Fedora, hopefully this isn't make a flame, and just to curious..<br> Actucally now I'm using CentOS as some servers.

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> </head> <body bgcolor="#ffffff" text="#000000"> Hi All,<br> I'm just tried to install and build replicate failover PDC using DRBD and HA, but i can't load DRBD kernel module.<br> Now i'm using CentOS 5.3 up to date. This DRBD's

I was wondering if anyone had implemented rules like this in shorewall: http://blog.andrew.net.au/tech I see tons of brute force attempts on the machines I administer, and I like the idea of limiting them without the need for extra daemons scanning for attacks. Thanks, Dale -- Dale E. Martin - dale@the-martins.org http://the-martins.org/~dmartin

I added these rules to IPTABLES to slow brute force attacks. iptables -A INPUT -p tcp --dport 22 -s my_subnet/24 -j ACCEPT iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --set --name SSH iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 5 --rttl --name SSH -j DROP I would like log entries when connections are dropped to see

Hi, My server is under attack allows the attacker to abuse of a php script of a vhost. How can I find what is the script. Regards, maverh

fail2ban might be good for this. On 04/05/2011 01:00 PM, asterisk-users-request at lists.digium.com wrote: > > Date: Tue, 5 Apr 2011 08:44:41 -0700 (PDT) > From: Steve Edwards<asterisk.org at sedwards.com> > Subject: Re: [asterisk-users] Iptables configuration to handle brute > force registrations? > > On Tue, 5 Apr 2011, Gilles wrote: > >> I'm no expert

I ask because I only receive attacks when I activate icecast. I can not do anything at the application level ?. i used ubuntu server 16.04. thanks. 2018-06-05 14:52 GMT-05:00 Alejandro Flores <alex at mordormx.net>: > I think you should contact to your connectivity provider, hopefully they > can provide you the Anti DDOS protection. > > > On Tue, Jun 5, 2018 at 2:16 PM,

Hi ls postfi same as sendmail / exim ? any mail program better to configure/manage Thank you so much Send instant messages to your online friends http://uk.messenger.yahoo.com

Hey All I am very new to dovecot ecosystem. Found the software really robust and secure. Kudos to the team!!! We are setting up dovecot imap servers sharing a single nfs mount point. So to avoid nfs cache issues, we are setting up dovecot director. We are using dovecot version 2.2.10. While going through the documentation of dovecot director I stumbled across the following lines in passdb

Dear All, Today I'm trying to install CentOS 6 boot using text mode, but I can't create custom partition layout because I can't find the custom partition layout menu. Where is manually partition setup in text mode install? Please advice... -- -- Thanks& regards, David ------------------------ http://blog.pnyet.web.id

Skipped content of type multipart/signed-------------- next part -------------- -- To unsubscribe or change options: http://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.tuxedo.org/~esr/faqs/smart-questions.html

On 02/04/2015 02:08 PM, Lamar Owen wrote: > > 3.) Attacker uses a large graphics card's GPU power, harnessed with > CUDA or similar, to run millions of bruteforce attempts per second on > the exfiltrated /etc/shadow, on their computer (not yours). > 4.) After a few hours, attacker has your password (or at least a > password that hashes to the same value as your password),

We alse have same problem, now we are running Dovecot 2.2.30.2 and also use Dovecot SASL for SMTP authentication (postfix 2.11). We need to save all failed login attempts to database as source IP address, username and date and time but post-login script can do this but only after successful login. Failed login attempts information may be useful in the fight with bruteforce attacks. It's

Gang, For months now, we're all seeing repeated bruteforce attempts on SSH. I've configured my pf install to ratelimit TCP connections to port 22 and to automatically add IP-addresses that connect too fast to a table that's filtered: table <lamers> { } block quick from <lamers> to any pass in quick on $ext_if inet proto tcp from any to ($ext_if) port 22 modulate

Steps to reproduce: 1) PermitRootLogin no in sshd_config 2) login with "root" user from other host Present behaviour: 1) it asks for password 3 times and only then close the connection. 2) cpu consumption during bruteforce "attacks". Expected behaviour: Immediate disconnect/login fail Workaround is to change ssh port, or ban IP after some login fails, or limit IP that can

I have been playing around with 3 ath based FreeBSD boxes and seem to have got everything going via WPA and a common PSK for 802.11x auth. However, I want to have a bit more certainty about things working properly. What tools do people recommend for sniffing and checking a wireless network ? In terms of IDS, is there any way to see if people are trying to bruteforce the network ? I see

Hello, all. I read this document about iptables recent module. http://blog.andrew.net.au/2005/02/16#ipt_recent_and_ssh_attacks and I would like to filter the excessive spam mail sending ip address by iptables recent module. and some questions. iptables -A INPUT -p tcp --dport 25 -m state --state NEW -m recent --set --name SPAM iptables -A INPUT -p tcp --dport 25 -m state --state NEW -m

On 02/03/2015 03:44 PM, Always Learning wrote: > There should be a basic defence that when the password is wrong 'n' > occasions the IP address is blocked automatically and permanently > unless it is specifically allowed in IP Tables. As has been mentioned, fail2ban does this. However, the reason you want a password that is not easily bruteforced has nothing to do with this,

Dear All, I just got a new server with the following specifications: motherboard : Intel S5500BC CPU : Xeon Quad Core 2.6Ghz RAM : 8GB HDD : 4 x 2TB SATA with configured raid 10 using raid embedded server. The problem is the centos installer can't detect raid virtual disk. I can't find any log error with the following error messages during installation process:

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=57859 There's a method to see if an account exists or not: if it does exist, and the password fails, there's a small delay before getting the prompt again. But if it doesn't, the password prompt returns immediately. Looks like a bug... :o) -- Florin Andrei Linux Is Not "gnU linuX"