-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 08/02/2013 05:44 PM, Andy Isaacson wrote:
> On Fri, Aug 02, 2013 at 03:25:10PM -0600, Bryan Carey wrote:
>> Thanks everyone for your input! I already had root access
>> disabled via sshd config. I will look into fail2ban as it sounds
>> like it reme
On Fri, Aug 02, 2013 at 03:25:10PM -0600, Bryan Carey wrote:
> Thanks everyone for your input! I already had root access disabled via sshd
> config. I will look into fail2ban as it sounds like it remedies the problem
> I'm having.
I'm confused, what's the actual problem you're having?
Is the prob
Hi
Am 02.08.2013 21:18, schrieb Bryan Carey:
> Here are some that I have seen recently trying to brute force common
> user accounts and root password attempts:
I remember this to be a common phenomena for at least 15 years now. Done
by millions of (probably zombie) computers around the world. Do
Thanks everyone for your input! I already had root access disabled via sshd
config. I will look into fail2ban as it sounds like it remedies the problem
I'm having.
@Nick - I'm talking about attacks directed at the node, not going through
it.
Thanks,
Bryan
On Fri, Aug 2, 2013 at 2:04 PM, Marina
If you are just talking about regular server hacking attempts, and you are
using debian, tben try demyhosts and have it query the demyhosts server
every hour or so. It will download a list of known attacking ips
On Aug 2, 2013 3:41 PM, "Bryan Carey" wrote:
> Is there any kind of compiled list
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 08/02/2013 03:18 PM, Bryan Carey wrote:
> Is there any kind of compiled list of IPs that relay operators can
> refer to that are known bad IPs (sources of brute force SSH
> attempts, etc.)? Is there a reason to NOT block (drop) traffic from
> these
Quoth Bryan Carey:
> Is there any kind of compiled list of IPs that relay operators can refer to
> that are known bad IPs (sources of brute force SSH attempts, etc.)? Is
> there a reason to NOT block (drop) traffic from these IPs?
Quite possibly I'm being stupid, but wouldn't these IPs just be
ot
I wouldn't think such a database would exist because of the way Tor works.
Regards,
Tom McLoughlin
On 02/08/2013 20:18, Bryan Carey wrote:
> Is there any kind of compiled list of IPs that relay operators can
> refer to that are known bad IPs (sources of brute force SSH
> attempts, etc.)? Is there
Is there any kind of compiled list of IPs that relay operators can refer to
that are known bad IPs (sources of brute force SSH attempts, etc.)? Is
there a reason to NOT block (drop) traffic from these IPs?
Here are some that I have seen recently trying to brute force common user
accounts and root
I have several Tor relays running on VPS providers around the world (the 7
bucks a month kind). Most have around 5 to 6 meg a second bandwidth
available.
Would it be more useful for the Tor system to change a few of them over
to obfuscated bridges?
___
On Fri, 02 Aug 2013 08:46:19 +0200
Karsten Loesing wrote:
> > There's no way a bridge operator knows which bucket you're in.
>
> Actually, there is (finally) a way to find out:
>
> http://globe.rndm.de
This tells me there isn't an official way to find out. It's a work a
progress. great.
--
An
On 8/2/13 4:37 AM, Andrew Lewman wrote:
> On Thu, 1 Aug 2013 14:11:38 -0700
> "Shawn A. Miller" wrote:
>
>> I've been running a Tor bridge on the Amazon EC2 cloud computing
>> platform (per instructions at https://cloud.torproject.org/) since
>> July 27, and while the bridge is up and running acc
12 matches
Mail list logo
