Displaying 20 results from an estimated 2000 matches similar to: "rate limiting sshd connections ?"
2013 Jan 06
2
audit events confusion
On a rather full customer web server, I am trying to track down whose
web site script is trying to make outbound network connections when they
should not be. In /etc/security/audit_control, I added to the flags line
dir:/var/audit
flags:lo,aa,-nt
minfree:5
to log failed network connection. When I try an make an outbound
connection to something that is blocked in pf, it seems to sometimes
work.
2003 Sep 16
9
FreeBSD Security Advisory FreeBSD-SA-03:12.openssh
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-03:12 Security Advisory
FreeBSD, Inc.
Topic: OpenSSH buffer management error
Category: core, ports
Module: openssh, ports_openssh,
2005 Jan 08
1
OSX Intrusion Suspected, Advice Sought
JohnG <mcsjgs@cox.net> wrote:
> I run OS X 10.3.7 on a PowerMac MDD G4 on a cable broadband connection.
> I have reason to think my system has been tampered with. Security
> features in Mac OS X have been left unlocked (Preference Pane - Users)
OSX is substantially different from FreeBSD (even without netinfo)
despite having some of the same source code. I doubt you'll find
2017 Jul 24
8
syslog from chrooted environment
I have a somewhat busy sftp server where the users are all chrooted into
their home directory. In order to log all the commands they enter, I
have to create a /dev/log entry and hard link in their home directory so
that syslog works for their commands
Match user *
ForceCommand internal-sftp -f local1 -l verbose
Everything works, but its a bit of a pain if someone restarts syslogd
and forgets
2010 Sep 04
3
Vitelity offline?
Vitelity seems to be offline to both IP and voice traffic. Is there any
place to find out what their status is?
Roger Marquis
2003 Dec 07
5
possible compromise or just misreading logs
I am not sure if I had a compromise but I am not sure I wanted some other
input.
I noticed in this in my daily security run output:
pc1 setuid diffs:
19c19
< 365635 -rwsr-xr-x 1 root wheel 204232 Sep 27 21:23:19 2003
/usr/X11R6/bin/xscreensaver
---
> 365781 -rwsr-xr-x 1 root wheel 205320 Dec 4 07:55:59 2003
/usr/X11R6/bin/xscreensaver
It was the only file listed and I didn't
2017 Sep 26
2
tweaking max sessions / scaling
Other than cranking up logging to debug2, is there a way to better tune
logging on a server to see if I am running into max sessions ? On
FreeBSD RELENG11 I am periodically seeing connections being refused-
3way handshake not completing or completing and then FINs.
Typically, I have a hundred or so connections at one time, but they can
bounce up to a few hundred on occasion. Without leaving the
2006 Sep 05
2
http://www.openssl.org/news/secadv_20060905.txt
Does anyone know the practicality of this attack ? i.e. is this trivial to do ?
---Mike
--------------------------------------------------------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, mike@sentex.net
Providing Internet since 1994 www.sentex.net
Cambridge, Ontario Canada
2004 Jan 16
1
HiFn / FAST_IPSEC question
Hi,
Just got some of the new Soekris 1401 VPN cards based on the hifn 7955 chip.
hifn0 mem 0xe8510000-0xe8517fff,0xe8518000-0xe8519fff,0xe851a000-0xe851afff
irq 5 at device 0.0 on pci1
hifn0: Hifn 7955, rev 0, 32KB dram, 64 sessions
vs
hifn0 mem 0xeb902000-0xeb902fff,0xeb901000-0xeb901fff irq 10 at device 8.0
on pci0
hifn0: Hifn 7951, rev 0, 128KB sram, 193 sessions
When it says "n
2017 Jul 25
3
syslog from chrooted environment
On 7/24/2017 8:39 PM, Nico Kadel-Garcia wrote:
>
> Why are the targets of the hardlinks evaporating on rebooting? Is that
> a FreeBSD'ism?
Its when syslogd stops/starts. The hardlinks need to be recreated for
some reason.
---Mike
--
-------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, mike at sentex.net
Providing Internet services since 1994
2003 Nov 26
1
perms of /dev/uhid0
I wrote a small app that monitors a Back-UPS ES500 UPS via the uhid0
interface. I want to run the daemon with as little privs as possible.
gastest# ls -l /dev/uhid0
crw-rw---- 1 root operator 122, 0 Nov 12 05:26 /dev/uhid0
gastest#
Is it safe to chmod o+r /dev/uhid0 ? Or is there a better way to drop
privs of the daemon yet still be able to read from the device ?
All I am doing is
2008 Feb 13
3
AMD64 vs i386, ifstat and bsnmp
Couple of little things I noticed with a new RELENG_7 AMD64 box (as
of yesterday)
ifstat from the ports cannot seem to find interfaces for some reason
? It works fine on i386
[ns8]# ifstat -b
ifstat: no interfaces to monitor!
[ns8]#
[ns8]# ifconfig
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
2003 Aug 28
1
new DoS technique (exploiting TCP retransmission timeouts)
An interesting paper
http://www.acm.org/sigcomm/sigcomm2003/papers/p75-kuzmanovic.pdf
---Mike
--------------------------------------------------------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, mike@sentex.net
Providing Internet since 1994 www.sentex.net
Cambridge, Ontario Canada www.sentex.net/mike
2003 Jul 01
2
4.9R bug fix ?
Any chance someone can look at / commit the fix in PR 52349 before 4.9R ?
Its a simple fix. As it is to netstat, I dont know of anyone who 'owns'
that program to bug other than to make a general plea :-)
---Mike
--------------------------------------------------------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications,
2005 Apr 20
4
1.0 release
I'm dying to use the 1.0 capability to use more than one mysql user
pasword database. However, I'm too chicken to use 1.0-test in a
production environment. Does anyone know if there is a planned
release date for 1.0? Or can anyone say how risky it is to use
1.0-test?
2008 Dec 02
6
repeatable crash on RELENG7
While trying to speed up nanobsd builds, I mounted /usr/obj on a
ramdisk and found my box crashing. Thinking it might be hardware, I
tried a separate machine, but with the same results. I have 4G of
ram (i386). Am I just running out of some kernel memory ? If so, is
there anything I can adjust to prevent this, yet still use mfs in this way ?
mdconfig -a -t malloc -s 1800M
newfs /dev/md0
2005 Mar 04
4
Fwd: FreeBSD hiding security stuff
FYI
>To: misc@openbsd.org
>Subject: FreeBSD hiding security stuff
>Date: Fri, 04 Mar 2005 03:51:42 -0700
>From: Theo de Raadt <deraadt@cvs.openbsd.org>
>
>A few FreeBSD developers apparently have found some security issue
>of some sort affecting i386 operating systems in some cases.
>
>They have refused to give us real details.
>
>A promise is now being
2004 Mar 27
1
Security updates
Hallo.
I am new to FreeBSD and i wanted to ask something since systems security is
what interests me the most.
Does freebsd have an automated update system like redhat has ?
Also where can i find a list with patches for all local - remote holes and
bugs of FreeBSD 4.9 ?
Thank you very much for your time !
Best Regards
A. Stamatis
2006 Sep 28
1
OpenSSH DoS issue ?
Is the version in FreeBSD vulnerable ?
http://www.openssh.com/txt/release-4.4
I know version 1 is disabled by default, but if its not, does it
impact the daemon ?
---Mike
--------------------------------------------------------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, mike@sentex.net
Providing
2003 Sep 23
1
NTP common code base ?
Cisco released an advisory about their ntp client and server having a bug
http://www.cisco.com/warp/public/707/NTP-pub.shtml
Is there a common code base at all that would have relevance to the code in
FreeBSD ? I noticed in the COPYRIGHT file cisco has made some contributions.
---Mike
--------------------------------------------------------------------
Mike Tancsa,