similar to: Minimize sshd log clutter/spam from unauthenticated connections

On 18.03.23 14:34, David Lang wrote: > modern syslog daemons (including rsyslog, which is default on just > about every linux system) allow you to filter efficiently on the > message contents, not just the severity, so you can opt to throw out > the messages you don't want. > > I advocate for a slightly different way of dealing with it, filter > these messages from

modern syslog daemons (including rsyslog, which is default on just about every linux system) allow you to filter efficiently on the message contents, not just the severity, so you can opt to throw out the messages you don't want. I advocate for a slightly different way of dealing with it, filter these messages from your main logstream, but put them into either a script directly, or a

On 10.06.23 11:19, Carsten Andrich wrote: > For the time being, I've deployed a quasi-knocking KISS solution that > sends an unencrypted secret via a single UDP packet. Server side is ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > realized entirely with nftables ... frankly, for that reason, I like fwknop (in my case, straight from OS repos) better ... I'd still have to see fwknopd exit

To radically cut down on SSH log spam you can also hide it completely behind a firewall, and allow access only by some port knocking sequence. I quite like having a process listen on port 53 and wait for a dns query containing a totp string to grant (temporary) access; that's a 2fa, and doing a "host 123456. my-ip" is easily automated in a shell script as well...

I guess you might find fail2ban useful. It scans logfiles (like /var/log/sshd.log), and when it sees too many authentication failures from an IP address (or network range) it can issue commands to drop any further attempts via a firewall. By having it read its own logfile it's possible to have repeated offenders be cut out for longer and longer time spans.

Hi list, i noticed from the cli my asterisk box is accepting unauthenticated calls how can i prevent this? CLI: -- Accepting UNAUTHENTICATED call from 192.168.0.2: > requested format = gsm, > requested prefs = (), > actual format = ulaw, > host prefs = (g729|ulaw|alaw), > priority = mine -------------- next part -------------- An HTML

Hello, given the 2015 revision date, I was curious if anyone can confirm https://wiki2.dovecot.org/Timeouts is still accurate where the 'before login' IMAP timeout remains hard coded? We're having an issue where blocks of IP's from China and similar locations are crawling IP ranges trying common login credentials, and hanging the connections open in the process. We have clients

Skipped content of type multipart/alternative-------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: image/jpeg Size: 4055 bytes Desc: not available Url : http://lists.digium.com/pipermail/asterisk-users/attachments/20040729/85af8309/attachment.jpeg

On 12.11.23 03:52, Damien Miller wrote: > On Sat, 11 Nov 2023, Bob Proulx wrote: > >> I am supporting a site that allows members to upload release files. I >> have inherited this site which was previously existing. The goal is >> to allow members to file transfer to and from their project area for >> release distribution but not to allow general shell access and not

Hello - I seem to be missing a pkgconfig clutter-1.0 file on C7.5 Doing yum provides "*/clutter-1.0" does not provide anything for /usr/share/pkgconfig ? Am I missing something ? how can I get the pkgconfig for clutter ? My system has none even though I have all the clutter-devel packages installed. Thanks, Jerry

On trying to run a rake task via crontab, I''m getting the following error: rake aborted! 550 Cannot receive from specified address <help-+zpghU0kKgY@public.gmane.org>: Unauthenticated senders not allowed /mnt/voylla-production/shared/bundle/ruby/1.9.1/gems/mail-2.3.3/lib/mail/network/delivery_methods/smtp.rb:129:in `block in deliver!''

hi, i started an experimental clutter-swf renderer project http://www.students.itu.edu.tr/~gumusuy/clutter-swf-0.1.0.tar.bz2 using swfdec-0.6 In fact this project is a part of bigger clutter media project. For less dependency i configured swfdec by ./configure --prefix=/usr --disable-maintainer-mode --disable-gtk --disable-mad --disable-ffmpeg --disable-gstreamer --disable-vivified

Hello all, I'm testing the Speex codec for my diploma thesis on a BF-533 Blackfin under uCLinux (2005R3 RC3 release). I successfully compiled the Speex (1.1.11-svn) and I can encode/decode wav-files on my STAMP-board using the speexenc/speexdec sample apps. But I encountered that the decoded file sounds strange/noisy, when compiling with "--enable-blackfin-asm" +

https://bugzilla.mindrot.org/show_bug.cgi?id=3666 Bug ID: 3666 Summary: sshd crash Product: Portable OpenSSH Version: 8.2p1 Hardware: Other OS: Linux Status: NEW Severity: critical Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org Reporter:

Asterisk Project Security Advisory - AST-2008-003 +------------------------------------------------------------------------+ | Product | Asterisk | |--------------------+---------------------------------------------------| | Summary | Unauthenticated calls allowed from SIP channel | | | driver

Asterisk Project Security Advisory - AST-2008-003 +------------------------------------------------------------------------+ | Product | Asterisk | |--------------------+---------------------------------------------------| | Summary | Unauthenticated calls allowed from SIP channel | | | driver

Hi, I am planing and developing a larger rails app, where all the administration, configuration is done through the rails app. And the rails apps primary purpose is to display and search through data stored in a database. Now, I have to kinds of tasks which are located outside of the rails app. - parsing and importing data delivered externaly from locations configured in the administration

> On 18 May 2018, at 20.19, David Hubbard <dhubbard at dino.hostasaurus.com> wrote: > > Hello, given the 2015 revision date, I was curious if anyone can confirm https://wiki2.dovecot.org/Timeouts is still accurate where the 'before login' IMAP timeout remains hard coded? > > We're having an issue where blocks of IP's from China and similar locations are

Hi, I've configured my samba server as a PDC and joint some windowsXP clients to it. So far so good. However I'm able to login into windows even when the domain controller refuses to authenticate the user. The user is not able to access the shares but can use the local machine. How can I prevent windows to login the user locally when the domain controller refuses authentication? thankz,

I have need to compile (from source) clutter-1.16.0 (seems to be fine) and then clutter-gtk 1.4.4 on centos 6.4 (x86-64) I am getting this error: ake[2]: Entering directory `/home/silentm/MessageNet/totem/clutter-gtk-1.4.4/clutter-gtk' CC gtk-clutter-actor.lo CC gtk-clutter-embed.lo In file included from /usr/include/clutter-1.0/clutter/clutter-deform-effect.h:33,