similar to: under another kind of attack

I'm fitting a regression tree with rpart and I want to write the values for every leaf in a dataset. As an example take the variable turnover. Let's suppose my tree for turnover has 30 leaves and I want to have 30 datasets with dataset 1 containing the turnover values of the units in leaf 1, dataset 2 containing turnover values for the observations in leaf 2 and so on. How can I do

Hi Bert thank you for the reply. Not a coding query as such. Just wanted some pointers towards how to handle strata using the package in my situation, i.e. business type X business size with information for count and financial turnover. many thanks On 31 October 2017 at 14:37, Bert Gunter <bgunter.4567 at gmail.com> wrote: > 1. There is no question here. > > 2. In any case, this

Hi all I am hoping to use the SamplingStrata R package for a dataset describing a population of businesses wherein I have information on the type of business, as well as, for designated employment number bands, number of employees and business turnover information. So in this context the employment number bands can be described as micro, small, medium and large, i.e. size of business. Hence I

1. There is no question here. 2. In any case, this is not a code writing service, so a question about how to code models without any offering of your own attempts might not be replied to anyway. 3. For what sorts of queries you might expect replies to, please read and follow the posting guide below. Also, if you do post, please post in plaint text, not html, as the latter (especially code) can

Hi Christian, I’m sorry, but this is still on my todo list. I’ve been a bit DoS’d lately, but I do hope to come back to this soon. -Chris > On Feb 21, 2020, at 4:24 AM, Christian Kühnel <kuhnel at google.com> wrote: > > Hi Chris, > > Did you reach any decision on how to move forward? > I would be happy if we get this (or something similar) started... > >

Hi all I am hoping to use the SamplingStrata R package for a dataset describing a population of businesses wherein I have information on the type of business, as well as, for designated employment number bands, number of employees and business turnover information. So ideally the stratification will be business type X business size. I am not 100% sure what "domains" (in the vernacular

Am 18.07.2017 um 21:44 schrieb mj: > Hi all, > > It seems we are under some kind of password guessing attack: > >> Jul 18 21:33:33 auth: Info: >> ldap(username1,103.6.223.61,<W7wLl5xUfABnBt89>): invalid credentials >> (given password: 1q2w3e4r5t) >> Jul 18 21:34:16 auth: Info: >> ldap(username1,221.4.61.180,<89WnmZxUrADdBD20>): invalid

On Tue, 18 Jul 2017, dovecot-request at dovecot.org wrote: > Thanks for the quick follow-ups! Much appreciated. After posting this, I > immediately started working on fail2ban. And between my initial posting > and now, fail2ban already blocked 114 IPs. > > I have fail2ban with maxretry=1 and bantime=1800 > > However, it seems almost all IPs are different, and I don't

Hi Robert, On 07/18/2017 10:15 PM, mj wrote: > Robert, your iptables suggestions are _very_ interesting! However, will > they also work on imaps/993, because of the ssl? I have adjusted and put into place your iptables suggestion like this: > iptables -I INPUT -p tcp --dport 143 -m string --algo bm --string '1q2w3e4r' -j DROP > iptables -I INPUT -p tcp --dport 993 -m string

On 19/07/2017 11:23, mj wrote: > Hi Robert, > > On 07/18/2017 11:43 PM, Robert Schetterer wrote: >> i guess not, but typical bots arent using ssl, check it >> >> however fail2ban sometimes is to slow > > I have configured dovecot with > auth_failure_delay = 10 secs > > I hope that before the 10 sec are over, dovecot will have logged about the >

mj <lists at merit.unu.edu> writes: >>> However, it seems almost all IPs are different, and I don't think I can >>> keep the above settings permanently. >> >> Why not? Limited by firewall rules overload? You could probably use >> a persistent DB, can't you? > > I meant: keep the "block after the first failed attempt" setting.

I have concoted something that seems to work. And for the archives, this is it: > failregex = auth: Info: ldap\(.+,<HOST>,.+\): invalid credentials \(given password: .+ssword\) > auth: Info: ldap\(.+,<HOST>,.+\): invalid credentials \(given password: 1qaz2wsx\) > auth: Info: ldap\(.+,<HOST>,.+\): invalid credentials \(given password: 123321\)

Hi Robert, > i dont understand why you focused on that ldap strings > fail2ban should trigger on some "Authentication failure" regex in the > related syslog > > perhaps this will help to make it more clear > > http://www.stefan-seelmann.de/wiki/fail2ban#postfix-and-dovecot Yes, but I have that as well. :-) I wanted two kinds of blockings: #1: Everybody trying

Am 20.07.2017 um 20:03 schrieb mj: > Hi Robert, > >> i dont understand why you focused on that ldap strings >> fail2ban should trigger on some "Authentication failure" regex in the >> related syslog >> >> perhaps this will help to make it more clear >> >> http://www.stefan-seelmann.de/wiki/fail2ban#postfix-and-dovecot > > Yes, but I

mj <lists at merit.unu.edu> wrote: > - for external users, to ONLY be allowed to use an application specific > password. (or username and password, fine as well) > > Step one: making ldap password authentication valid only from our > internal network. I though: using allow_nets=192.168.1.0/24 for that passdb > > But I can't get that to work. :-( Unsure where exactly

"mourik jan c heupink" <lists at merit.unu.edu> writes: > On 07/24/2017 04:51 AM, Joseph Tam wrote:> You are essentially writing your own backend by taking over >> authentication. You'll be accepting user/password inputs into your >> checkpassword executable, then use the LDAP API (or some other system...snip >> and source address, which will be

Olaf Hopp <Olaf.Hopp at kit.edu> writes: > I have dovecot shielded by fail2ban which works fine. But since a few > days I see many many IPs per day knocking on my doors with wron > password and/or users. But the rate at which they are knocking is very > very low. So fail2ban will never catch them. Slow roll distributed attacks. Really hard to stop. > And I see many many

Olaf Hopp <Olaf.Hopp at kit.edu> wrote: > And I have a new one just for "unknown user" and here my bantime and findtime > are much bigger and the retries are just '2'. So here I'm much harsher. > I'll keep an eye on my logs and maybe some more twaeking is necessary. Just be careful about typos (like twaeking!): users could simply misspell their username,

On 07/29/2017 07:44 PM, Doug Barton wrote: > On 07/25/2017 07:54 AM, mj wrote: >> Since we implemented country blocking, > > Please don't do that. Balkanizing the Internet doesn't really benefit > anyone, and makes innovation a lot more difficult. Perhaps I need to be more specific: I block certain countries from accessing imap/smtp directly, as that is where all the

Hi Doug, On 07/29/2017 07:44 PM, Doug Barton wrote: > Instead, take a look at the fail2ban scenarios in this thread, which > solve the actual problem with a precision tool, instead of a hammer. I have implemented (most of) those as well, and additionally choose to also block certain countries. It helps tremendously. MJ