n-vpn.
MJ
On 3/9/19 9:57 AM, Hans wrote:
Hi folks,
looks like "denyhosts" is no more in the repos. I like this tool, because it
blocks the IP, when the wrong password is sent n-times.
The blocked IP is added into /etc/hosts.deny, which IMO is a great idea.
I am using a script,
On Sat, 9 Mar 2019, mj wrote:
We are using fail2ban to do this. It offers many more options, and works by
creating iptables rules. This gives you much more control over what ports
exactly are blocked.
Plus I think (correct me if I'm wrong) that using /etc/hosts.deny to block
access only work
Am Samstag, 9. März 2019, 11:22:45 CET schrieb mj:
Hi MJ,
that is a good point, that only services are blocked, which are using
hosts.deny. For the other ports I am using tools like portsentry and
hostentry, which are running well and do a good job.
My personal style is strange: I am looking,
compiled to do so, and
iptables will always work.
MJ
On 3/9/19 9:57 AM, Hans wrote:
Hi folks,
looks like "denyhosts" is no more in the repos. I like this tool, because it
blocks the IP, when the wrong password is sent n-times.
The blocked IP is added into /etc/hosts.deny, whic
interesting than sshguard.
I wonder, why denyhosts is being deleted from the repo. Ok, there were security
issues in the past, but these are fixed now. And ok, it does not support IPV6,
but I think, most private users might not use it.
For the moment I will stay with denyhosts, but fail2ban is
On 09/03/2019 08:57, Hans wrote:
> Hi folks,
>
> looks like "denyhosts" is no more in the repos. I like this tool, because it
> blocks the IP, when the wrong password is sent n-times.
>
> The blocked IP is added into /etc/hosts.deny, which IMO is a great idea.
>
Hi folks,
looks like "denyhosts" is no more in the repos. I like this tool, because it
blocks the IP, when the wrong password is sent n-times.
The blocked IP is added into /etc/hosts.deny, which IMO is a great idea.
I am using a script, which clears the hosts.deny after a certain
On Sun, Jan 17, 2016 at 03:33:05PM +0200, Moreanu Robert - Nicolae wrote:
> hi,
> i'm looking to resolve this problem when I want to install debian 8.2 or
> 8.1. I receive this message after it's take to Grub install
>
> " the 'grub-pc' package failed to install into /target/ "
> after the operati
hi,
i'm looking to resolve this problem when I want to install debian 8.2 or
8.1. I receive this message after it's take to Grub install
" the 'grub-pc' package failed to install into /target/ "
after the operation of clean up on installing, i have a failed operations.
I don't have such expertise
On 18/01/2016 12:08 AM, "Christian Seiler" wrote:
>
> On 01/16/2016 10:57 AM, Reco wrote:
> > - anyone can connect up to 16 times via ssh.
> > - anyone exceeding the connection limit is tarpitted, and must wait
> > for an hour to try again.
>
> Note that while this may be adequate for your use cas
On 01/16/2016 10:57 AM, Reco wrote:
> - anyone can connect up to 16 times via ssh.
> - anyone exceeding the connection limit is tarpitted, and must wait
> for an hour to try again.
Note that while this may be adequate for your use case, I would
caution that 16 connections / hour can easily (!) be
On Sat, Jan 16, 2016 at 04:49:35PM +1100, David wrote:
> On 16 January 2016 at 15:48, Steve Matzura wrote:
> > On Sat, 16 Jan 2016 01:55:38 +0300, Reco wrote:
> >
> >>A simple solution:
> >>
> >>iptables -I INPUT -p dcp -s 59.46.71.0/24 -j DROP
> >
> > iptables v1.4.21: unknown protocol "dcp" spec
Reco:
On Sat, 16 Jan 2016 23:48:54 +0300, you wrote:
>Correct sequence would be:
>
>iptables -F INPUT
>iptables -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW \
> -m hashlimit --hashlimit 1/hour --hashlimit-burst 16 \
> --hashlimit-mode srcip --hashlimit-name ssh \
> --ha
Reco:
On Sat, 16 Jan 2016 23:49:57 +0300, you wrote:
>Reverse the order of these two rules. As I wrote in another part of this
>thread, I mistook rules' sequence.
Like this?
iptables -I INPUT -p tcp --dport 22 --tcp-flags SYN,RST,ACK SYN \
-j DROP
iptables -I INPUT -p tcp --dport 22 -m
Hi.
On Sat, 16 Jan 2016 13:01:29 -0500
Steve Matzura wrote:
> I tried redoing the tables:
>
> *filter
> :INPUT ACCEPT [0:0]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [0:0]
> -A INPUT -p tcp -m tcp --dport 22 --tcp-flags SYN,RST,ACK SYN -j DROP
> -A INPUT -p tcp -m tcp --dport 22 -m connt
Hi.
On Sat, 16 Jan 2016 12:46:30 -0500
Steve Matzura wrote:
> On Sat, 16 Jan 2016 20:16:28 +0300, you wrote:
>
> >> What'd I do?
> >>
> >
> >Exactly this:
> >
> >iptables -F INPUT
> >iptables -I INPUT -p tcp --dport 22 -m conntrack --ctstate NEW \
> > -m hashlimit --hashlimit 1/hou
On Sat, 16 Jan 2016 20:16:28 +0300, you wrote:
>> What'd I do?
>>
>
>Exactly this:
>
>iptables -F INPUT
>iptables -I INPUT -p tcp --dport 22 -m conntrack --ctstate NEW \
> -m hashlimit --hashlimit 1/hour --hashlimit-burst 16 \
> --hashlimit-mode srcip --hashlimit-name ssh \
> --
I tried redoing the tables:
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 --tcp-flags SYN,RST,ACK SYN -j DROP
-A INPUT -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -m
hashlimit --hashlimit-upto 1/hour --hashlimit-burst 16
--hashlimi
Hi.
On Sat, 16 Jan 2016 12:02:57 -0500
Steve Matzura wrote:
> Well, I thought I was doing so well. I discover now that no one,
> including me, can get into my system any more via ssh. Here are the
> current iptables rules:
>
> *filter
> :INPUT ACCEPT [0:0]
> :FORWARD ACCEPT [0:0]
> :OUT
Well, I thought I was doing so well. I discover now that no one,
including me, can get into my system any more via ssh. Here are the
current iptables rules:
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 --tcp-flags SYN,RST,ACK SYN -j DROP
Hi.
On Sat, 16 Jan 2016 07:35:54 -0500
Steve Matzura wrote:
> >But with conjunction with the previous one it implements the following
> >policy:
> >
> >- anyone can connect up to 16 times via ssh.
> >- anyone exceeding the connection limit is tarpitted, and must wait
> >for an hour to try
Reco:
On Sat, 16 Jan 2016 12:57:30 +0300, you wrote:
>>-j, --jump target
>> This specifies the target of the rule; i.e., what to do
>> if the packet matches it. The target can be a user-defined
>> chain (other than the one this rule is in), one of the special builtin
Hi.
On Sat, 16 Jan 2016 00:49:17 -0500
Steve Matzura wrote:
> Reco:
>
> All of this is an excellent learning opportunity for me. Please bear
> with me just a bit as I ask the following:
>
> On Sat, 16 Jan 2016 01:55:38 +0300, you wrote:
>
> >A simple solution:
> >
> >iptables -I INPUT
Reco:
All of this is an excellent learning opportunity for me. Please bear
with me just a bit as I ask the following:
On Sat, 16 Jan 2016 01:55:38 +0300, you wrote:
>A simple solution:
>
>iptables -I INPUT -p dcp -s 59.46.71.0/24 -j DROP
`-p dcp'? manpages says:
[!] -p, --protocol proto
On 16 January 2016 at 15:48, Steve Matzura wrote:
> On Sat, 16 Jan 2016 01:55:38 +0300, Reco wrote:
>
>>A simple solution:
>>
>>iptables -I INPUT -p dcp -s 59.46.71.0/24 -j DROP
>
> iptables v1.4.21: unknown protocol "dcp" specified
> Try `iptables -h' or 'iptables --help' for more information.
>
On Sat, 16 Jan 2016 01:55:38 +0300, Reco wrote:
>A complex one:
>
>iptables -I INPUT -p tcp --dport 22 -m conntrack --ctstate NEW \
> -m hashlimit --hashlimit 1/hour --hashlimit-burst 16 \
> --hashlimit-mode srcip --hashlimit-name ssh \
> --hashlimit-htable-expire 6 -j ACCEPT
On Sat, 16 Jan 2016 01:55:38 +0300, Reco wrote:
>A simple solution:
>
>iptables -I INPUT -p dcp -s 59.46.71.0/24 -j DROP
iptables v1.4.21: unknown protocol "dcp" specified
Try `iptables -h' or 'iptables --help' for more information.
Should I try the complex solution, or find out what went wrong
> useless at blocking anything from the outside, so I've got to do it
> internally. What are folks' favorite deny-hosts applications? I tried
> installing DenyHosts, but it must be from a private repo because
> whatever I have in sources couldn't find it.
Why bother with userspac
king anything from the outside, so I've got to do it
> internally. What are folks' favorite deny-hosts applications? I tried
> installing DenyHosts, but it must be from a private repo because
> whatever I have in sources couldn't find it.
>
> Thanks in advance.
>
anything from the outside, so I've got to do it
> internally. What are folks' favorite deny-hosts applications? I tried
> installing DenyHosts, but it must be from a private repo because
> whatever I have in sources couldn't find it.
>
> Thanks in advance.
denyhosts o
eny-hosts applications? I tried
installing DenyHosts, but it must be from a private repo because
whatever I have in sources couldn't find it.
Thanks in advance.
On Sun March 1 2009, Sjors Gielen wrote:
> > DenyHosts
> > To:
> > r...@localhost
>
> There are two ways to fix this, 2 is probably preferred:
>
> 1) By default, in the Denyhosts Debian package, the configfile is
> installed at /etc/denyhosts.conf. If you did
Paul Cartwright schreef:
I am getting these to my local user, and I can't figure out what process is
sending them, so I can correct it:
> From:
> DenyHosts
> To:
> r...@localhost
There are two ways to fix this, 2 is probably preferred:
1) By default, in the Denyhosts De
ipients. It's attached below.
>
> For further assistance, please send mail to postmaster.
>
> If you do so, please include this problem report. You can
> delete your own text from the attached returned message.
>
>The mail system
>
> : mail transpo
Andrew Sackville-West wrote:
> Craig Hurley wrote:
> > My understanding of how denyhosts works is that it is scheduled to parse
> > auth.log file every X seconds, identifying failed login attempts, it then
> > tallies those attempts, if the total of failed login attempts
On Thu, Jul 12, 2007 at 06:37:13PM +0100, Craig Hurley wrote:
> On 11/07/2007 04:44, Bob Proulx wrote:
>> If you are finding 'denyhosts' difficult then you may want to install
>> 'fail2ban' as one standalone method to stop this since it is extremely
>>
On 11/07/2007 04:44, Bob Proulx wrote:
If you are finding 'denyhosts' difficult then you may want to install
'fail2ban' as one standalone method to stop this since it is extremely
simple. It should work out of the box.
Denyhosts did work out of the box.
My understand
you might look at arno-iptables-script as another possibility.
Craig Hurley wrote:
> Has anyone installed and configured DenyHosts
> (http://denyhosts.sourceforge.net) so that it uses tcp wrappers on
> debian?
I am confident that script kiddies shaking my doors and trying to lift
my windows cannot break through my passwords and rsa keys. If
r
Hello,
Has anyone installed and configured DenyHosts
(http://denyhosts.sourceforge.net) so that it uses tcp wrappers on
debian? I've read this blog:
http://tdot.blog-city.com/securing_ssh_with_denyhosts.htm but there are
differences in the files/paths used on debian and what the blog-a
"Roberto C. Sanchez" <[EMAIL PROTECTED]> wrote:
>On Wed, Aug 31, 2005 at 10:08:44AM -0400, Ralph Crongeyer wrote:
>> Thanks Roberto.
>> I haven't been able to get to my box to check and see if the package was
>> available. Work is blocking outbound SSH connections. And I couldn't
>find
>> anything
On Wed, Aug 31, 2005 at 10:08:44AM -0400, Ralph Crongeyer wrote:
> Thanks Roberto.
> I haven't been able to get to my box to check and see if the package was
> available. Work is blocking outbound SSH connections. And I couldn't find
> anything on the web.
>
> Would a "Request For Package" make i
Sven Hoexter <[EMAIL PROTECTED]> wrote:
>On Tue, Aug 30, 2005 at 03:56:05PM -0400, Ralph Crongeyer wrote:
>> Hi all,
>> Is there a Debian Sarge package for "DenyHosts"?
>> http://denyhosts.sourceforge.net/
>None that I know but fail2ban looks similar.
>
"Roberto C. Sanchez" <[EMAIL PROTECTED]> wrote:
>On Tue, Aug 30, 2005 at 03:56:05PM -0400, Ralph Crongeyer wrote:
>> Hi all,
>> Is there a Debian Sarge package for "DenyHosts"?
>> http://denyhosts.sourceforge.net/
>>
>
>There is not. Ho
On Tue, Aug 30, 2005 at 03:56:05PM -0400, Ralph Crongeyer wrote:
> Hi all,
> Is there a Debian Sarge package for "DenyHosts"?
> http://denyhosts.sourceforge.net/
None that I know but fail2ban looks similar.
Sven
--
If God passed a mic to me to speak
I'd say stay in b
On Tue, Aug 30, 2005 at 03:56:05PM -0400, Ralph Crongeyer wrote:
> Hi all,
> Is there a Debian Sarge package for "DenyHosts"?
> http://denyhosts.sourceforge.net/
>
There is not. However, you can use the reportbug package to file a RFP
bug.
-Roberto
--
R
Hi all,
Is there a Debian Sarge package for "DenyHosts"?
http://denyhosts.sourceforge.net/
Thanks
Ralph
--
Linux, to keep you humble.
47 matches