# pfctl -sr | grep ssh_brutes
block drop quick from to any
pass quick on em1 inet proto tcp from any to xxx.xxx.xxx.0/23 port = ssh
flags S/SA keep state (source-track rule, max-src-conn 20,
max-src-conn-rate 3/12, overload flush global, src.track 12)
pass quick on em0 inet proto tcp from any
> When you say "lock up" and "can't login" (in your original mail) - are
> you sure this really is a lockup and not e.g. sshd dieing because of the
> attacks? E.g. can you ping the machine, can you leave something like
> "date >> /root/run.txt && vmstat 1 3 >> /root/run.txt" in crontab so you
>
On Sun, 27 Dec 2009 17:00:25 +0100, Zoran Kolic wrote:
Howdy!
I ordered sheevaplug box and read as much as I could,
regarding controlling this little node from bsd box.
Seems that cu works fine on linux, but module should
be loaded to enable serial emulation from usb host port
to mini usb port
On Mon, Dec 28, 2009 at 05:50:23PM -0600, Adam Vande More wrote:
> On Mon, Dec 28, 2009 at 4:59 PM, Chris H wrote:
>
> >
> > My point here was that by increasing the verbosity, you will more easily be
> > able
> > to grep against login /failures/, and more easily discover dictionary/
> > brute-fo
On Mon, Dec 28, 2009 at 10:44:41AM -0500, Andresen, Jason R. wrote:
> The point is, if your machine is on the internet, then bots are
> going to try password attacks on any open port they can find. It's
> just the sad fact of life on the current internet. Unfortunately,
> this activity will also
On Tue, 29 Dec 2009 12:45:36 +0100, Edwin Groothuis
wrote:
On Mon, Dec 28, 2009 at 10:44:41AM -0500, Andresen, Jason R. wrote:
The point is, if your machine is on the internet, then bots are
going to try password attacks on any open port they can find. It's
just the sad fact of life on the
Adam Vande More wrote:
> I use security/denyhosts for this, very simple to setup like 5 minutes if
> you're a fast reader. There are other options as well that offer similar
> functionality.
Like security/bruteblock
--
Tuomo
... The way to a man's heart is through the left ventricle
On Mon, 28 Dec 2009, Mike Tancsa wrote:
At 09:27 PM 12/28/2009, Wes Morgan wrote:
I just upgraded from 7.2-stable to 8.0-stable, same kernel config (with
uart), same everything else and now I can't receive more than a few bytes
of data from my weather station before it just waits incessantly.
Hi Rick,
Sorry for the delayed reply, but I have had little time available with
Christmas.
On Fri, Dec 18, 2009 at 03:23:44PM -0500, Rick Macklem wrote:
>
> > 00:00:01.953196 IP (tos 0x0, ttl 64, id 48966, offset 0, flags [none],
> > proto UDP (17), length 168) 192.168.1.1.3819288094 > 192.168.
Randy Bush wrote:
> can one go from 5.5 to 8.0 using the normal hammer, or is it
> multi-stage, and i should just blow it away and go from install?
This is a very late reply, but just for the archives ...
You can do the update in two steps.
Please see this entry in /usr/src/UPDATING:
20080123:
Howdy!
> I have 2 of them and cu works fine.
> As root you can do this. The serial-over-usb provides you with 2 serial
> devices. The second one is the console. The first is the JTAG interface to
> flash the bios.
> # cu -l cuaU1 -s 115200
Perfect! I hardly wait to get the device!
> When you
On Tue, 29 Dec 2009 16:51:19 +0100, Zoran Kolic wrote:
Howdy!
I have 2 of them and cu works fine.
As root you can do this. The serial-over-usb provides you with 2 serial
devices. The second one is the console. The first is the JTAG interface
to
flash the bios.
# cu -l cuaU1 -s 115200
Per
On 12/29/2009 3:45 AM, Edwin Groothuis wrote:
mpt to pass a Turing test or something.
On all systems which need to be accessible from the public Internet:
Run sshd on port 22 and port 8022. Block incoming traffic on port
22 on your firewall.
Everybody coming from the outside world needs to
On Dec 29, 2009, at 10:10 , Brian W. wrote:
> On 12/29/2009 3:45 AM, Edwin Groothuis wrote:
>> mpt to pass a Turing test or something.
>> On all systems which need to be accessible from the public Internet:
>> Run sshd on port 22 and port 8022. Block incoming traffic on port
>> 22 on your firewa
Hi, Ronald!
> Please provide a link to the forum post. Otherwise I can only guess what
> you mean.
> There is no error because of changing the password. But there are some
> thing broken in the default install (missing dir, missing timezone, etc.).
> Follow the commands in this link and you'
On Tue, Dec 29, 2009 at 03:20:37AM -0800, Jeremy Chadwick wrote:
> ...
> I've written my own script to do all of this. It parses periodic
> security mails (on a daily basis), and does WHOIS lookups + parses the
> results to tell me what netblocks/CIDRs I should consider blocking. For
> example, f
Tuesday, December 29, 2009, 6:20:37 AM, you wrote:
> On Mon, Dec 28, 2009 at 05:50:23PM -0600, Adam Vande More wrote:
>> On Mon, Dec 28, 2009 at 4:59 PM, Chris H wrote:
>>
>> >
>> > My point here was that by increasing the verbosity, you will more easily be
>> > able
>> > to grep against login
Larry Baird wrote:
> I use the following to get a feel of what is changing in FreeBSD 8 kernel.
> http://svn.freebsd.org/viewvc/base/stable/8/sys/?sortby=date
By the way, here is another little tool that can be used to
watch changes in 8-stable conveniently:
http://www.secnetix.de/olli/Free
Edwin Groothuis writes:
> On Mon, Dec 28, 2009 at 10:44:41AM -0500, Andresen, Jason R. wrote:
>> The point is, if your machine is on the internet, then bots are
>> going to try password attacks on any open port they can find. It's
>> just the sad fact of life on the current internet. Unfortunat
Brian W. wrote:
> On 12/29/2009 3:45 AM, Edwin Groothuis wrote:
> > On all systems which need to be accessible from the public Internet:
> > Run sshd on port 22 and port 8022. Block incoming traffic on port
> > 22 on your firewall.
> >
> > Everybody coming from the outside world needs to kn
On Tue, Dec 29, 2009 at 02:30:11PM -0500, Lowell Gilbert wrote:
> > On Mon, Dec 28, 2009 at 10:44:41AM -0500, Andresen, Jason R. wrote:
> >> The point is, if your machine is on the internet, then bots are
> >> going to try password attacks on any open port they can find. It's
> >> just the sad fac
On Tue, Dec 29, 2009 at 7:37 PM, Oliver Fromme wrote:
> By the way, here is another little tool that can be used to
> watch changes in 8-stable conveniently:
>
> http://www.secnetix.de/olli/FreeBSD/svnews/?p=stable/8/sys
>
Thank you for mentioning this, this is a great tool for everyone to
have ar
On Tue, Dec 29, 2009 at 1:37 AM, Pyun YongHyeon wrote:
>
> :-(
> How about this one? Sorry, I'm just guessing(no hardware, no
> documentation).
>
Thanks for this new patch but still same error:
FreeBSD 8.0-STABLE #5: Tue Dec 29 08:50:27 CET 2009
r...@debugger.bsdrp.net:/usr/obj/usr/src/sys/G
hail,
I have Windows7 alone in a disk, and now I'd like to install FreeBSD 8 on
it. when I boot from USB disk, the partitioner says there is no partitions
on it.
then I read about: http://wiki.freebsd.org/RootOnZFS/GPTZFSBoot and got to
the fixit part. then gpt show ad10 says also there is no gpt
Hi list!
Something fails, when updated the FreeBSD's svn repo to git. Since
yesterday I get this warning:
$ git svn rebase
...
M sys/boot/pc98/kgzldr/crt.s
Couldn't find revmap for
svn://svn.freebsd.org/base/stable/7/head/sys/cddl/contrib/opensolaris
Couldn't find revmap for svn://s
On Tue, 2009-12-29 at 20:05 -0200, Nenhum_de_Nos wrote:
> hail,
>
> I have Windows7 alone in a disk, and now I'd like to install FreeBSD 8 on
> it. when I boot from USB disk, the partitioner says there is no partitions
> on it.
>
> then I read about: http://wiki.freebsd.org/RootOnZFS/GPTZFSBoot a
On Tue, Dec 29, 2009 at 20:41, Michal Varga wrote:
> On Tue, Dec 29, 2009 at 7:37 PM, Oliver Fromme wrote:
>> By the way, here is another little tool that can be used to
>> watch changes in 8-stable conveniently:
>>
>> http://www.secnetix.de/olli/FreeBSD/svnews/?p=stable/8/sys
>>
> Thank you for
Being able to run those commands (telnet/openssl) via the jail implies
there is nothing wrong with the jail itself, but instead the
squirrelmail config. Aside from double checking the squirrelmail config
which I would highly suggest, can you provide a packet capture of an
active squirrelmail sess
On Tue, 29 Dec 2009 17:18, oliver.pntr@ wrote:
Hi list!
Something fails, when updated the FreeBSD's svn repo to git. Since
yesterday I get this warning:
$ git svn rebase
...
M sys/boot/pc98/kgzldr/crt.s
Couldn't find revmap for
svn://svn.freebsd.org/base/stable/7/head/sys/cddl/con
hail,
I've looked in google and not found many info on this subject. and all man
pages on freebsd.org says on footnote 7.2R (although they mention wlan0
devices). I've found a topic on forum from last year and that's much about it.
I have a small pc (itx based) and no pci slot usable so I'd lik
30 matches
Mail list logo
