Re: [SECURITY] [DSA 1631-1] New libxml2 packages fix denial of service

2008-08-22 Thread Steffen Joeris
On Sat, 23 Aug 2008 06:17:16 am Steve Kemp wrote: > On Fri Aug 22, 2008 at 21:56:35 +0200, Christian Jaeger wrote: > > Just to make sure: have you seen the thread "Lenny users: attn about > > Gnome/libxml2 breakage" on the debian-user mailing list (started by me)? Thanks for the report. > No, I'

Re: [SECURITY] [DSA 1631-1] New libxml2 packages fix denial of service

2008-08-22 Thread Steve Kemp
On Fri Aug 22, 2008 at 21:56:35 +0200, Christian Jaeger wrote: > Just to make sure: have you seen the thread "Lenny users: attn about > Gnome/libxml2 breakage" on the debian-user mailing list (started by me)? No, I'm afraid I've not seen that. But looking over it I'm not sure if the problem

Re: [SECURITY] [DSA 1631-1] New libxml2 packages fix denial of service

2008-08-22 Thread Christian Jaeger
Hi Just to make sure: have you seen the thread "Lenny users: attn about Gnome/libxml2 breakage" on the debian-user mailing list (started by me)? I'm in the process of creating a bug report. (If that's not necessary anymore, tell me.) Christian. PS. I wanted to send this email privately, bu

Re: What to do about SSH brute force attempts?

2008-08-22 Thread Carlos Antelo
El Thursday 21 August 2008 11:33:51 Michael Tautschnig escribió: > Hi all, > > since two days (approx.) I'm seeing an extremely high number of apparently > coordinated (well, at least they are trying the same list of usernames) > brute force attempts from IP addresses spread all over the world. I'v

Re: What to do about SSH brute force attempts?

2008-08-22 Thread Gerardo Castillo Alvarado
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > Nevertheless, I'd like to do something about it more proactively, you can play with psad, fwsnort and fwknop. Greetings. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

Re: What to do about SSH brute force attempts?

2008-08-22 Thread Michael Tautschnig
> On Thursday 21 August 2008 11:33:51 Michael Tautschnig wrote: > > Hi all, > > > > since two days (approx.) I'm seeing an extremely high number of apparently > > coordinated (well, at least they are trying the same list of usernames) > > brute force attempts from IP addresses spread all over the w

Re: What to do about SSH brute force attempts?

2008-08-22 Thread Felipe Figueiredo
On Thursday 21 August 2008 11:33:51 Michael Tautschnig wrote: > Hi all, > > since two days (approx.) I'm seeing an extremely high number of apparently > coordinated (well, at least they are trying the same list of usernames) > brute force attempts from IP addresses spread all over the world. I've g

Re: What to do about SSH brute force attempts?

2008-08-22 Thread Brent Clark
Micah Anderson wrote: You could use dronebl, a dnsbl service, to check against and report attacks to (http://headcandy.org/rojo/ for some examples using fail2ban). micah Hi Thanks for this. It so obvious, I cant believe I didnt think of this myself. Kind Regards Brent Clark -- To UNSUBSCR