Re: Ryzen CPU + ECC memory

2020-01-31 Thread Germano Massullo
On 31/01/20 03:13, Roger Heflin wrote: > Google reports this answer: > *** CUT *** I know, but I need to contact someone that has a running system, because I want to see the output of some specific commands before I proceed to buy the hardware

Re: Ryzen CPU + ECC memory

2020-01-31 Thread Alessio
On Fri, 2020-01-31 at 10:19 +0100, Germano Massullo wrote: > On 31/01/20 03:13, Roger Heflin wrote: > > Google reports this answer: > > *** CUT *** > > I know, but I need to contact someone that has a running system, > because > I want to see the output of some specific commands before I proc

Re: Tracking down SSH access

2020-01-31 Thread Michael Eager
Apparently, my original post was not as clear as I thought. Password authentication on the workstation is disabled and port 22 is not forwarded by the firewall. Fail2ban would not answer the question of where the SSH access is coming from on the LAN. If something on the LAN is forwarding SSH co

linux sys admin functions

2020-01-31 Thread bruce
Hey group! This might be way off topic, but I figured this is a kind of slow day! Putting together a "list" of what I think a reasonable set of functions/areas might be useful for a sys-admin to help setup/manage a web project for a distributed team. If you have a few mins, feel free to add/comme

Re: Tracking down SSH access

2020-01-31 Thread Ed Greshko
On 2020-01-31 22:37, Michael Eager wrote: > Apparently, my original post was not as clear as I thought. > > Password authentication on the workstation is disabled and port 22 > is not forwarded by the firewall. > > Fail2ban would not answer the question of where the SSH access is coming > from on t

Re: Tracking down SSH access

2020-01-31 Thread George N. White III
On Thu, 30 Jan 2020 at 17:13, Michael Eager wrote: > When I look at /var/log/secure or run journalctl on my workstation, I > see failed SSH login attempts from a variety of IP addresses. The > attempts are every 3-12 minutes. > > /etc/ssh/sshd_config contains: > PasswordAuthentication no > > The

Re: Tracking down SSH access

2020-01-31 Thread Samuel Sieb
On 1/31/20 6:37 AM, Michael Eager wrote: Apparently, my original post was not as clear as I thought. Password authentication on the workstation is disabled and port 22 is not forwarded by the firewall. Fail2ban would not answer the question of where the SSH access is coming from on the LAN.  If

Re: Tracking down SSH access

2020-01-31 Thread Ed Greshko
On 2020-02-01 04:31, Samuel Sieb wrote: > On 1/31/20 6:37 AM, Michael Eager wrote: >> Apparently, my original post was not as clear as I thought. >> >> Password authentication on the workstation is disabled and port 22 >> is not forwarded by the firewall. >> >> Fail2ban would not answer the questio

Re: Tracking down SSH access

2020-01-31 Thread Samuel Sieb
On 1/31/20 12:35 PM, Ed Greshko wrote: On 2020-02-01 04:31, Samuel Sieb wrote: Your original post was completely clear.  However, something is happening on your network that you aren't aware of.  The fact that you are getting connections from an external IP address means that somehow there is

Re: Tracking down SSH access

2020-01-31 Thread Ed Greshko
On 2020-02-01 04:56, Samuel Sieb wrote: > On 1/31/20 12:35 PM, Ed Greshko wrote: >> On 2020-02-01 04:31, Samuel Sieb wrote: >>> Your original post was completely clear.  However, something is happening >>> on your network that you aren't aware of.  The fact that you are getting >>> connections fr

Re: Tracking down SSH access

2020-01-31 Thread Roger Heflin
Do you have anything defined as a DMZ node/ipaddress on the firewall? On Fri, Jan 31, 2020 at 3:53 PM Ed Greshko wrote: > > On 2020-02-01 04:56, Samuel Sieb wrote: > > On 1/31/20 12:35 PM, Ed Greshko wrote: > >> On 2020-02-01 04:31, Samuel Sieb wrote: > >>> Your original post was completely clear

Re: Tracking down SSH access

2020-01-31 Thread Samuel Sieb
On 1/31/20 1:52 PM, Ed Greshko wrote: On 2020-02-01 04:56, Samuel Sieb wrote: I thought about that, but it's only useful for mapping back from the MAC address and that would only work if the computers are talking directly using local addresses.  Only the attacking computer would have an arp en

Re: Tracking down SSH access

2020-01-31 Thread Ed Greshko
On 2020-02-01 06:16, Samuel Sieb wrote: > On 1/31/20 1:52 PM, Ed Greshko wrote: >> On 2020-02-01 04:56, Samuel Sieb wrote: >>> I thought about that, but it's only useful for mapping back from the MAC >>> address and that would only work if the computers are talking directly >>> using local addres

Re: Upgrade of F30 to F31 Appears to Have not Worked Correctly

2020-01-31 Thread Stephen Morris
On 30/1/20 11:20, Stephen Morris wrote: On 29/1/20 20:10, Ed Greshko wrote: On 2020-01-29 14:48, Stephen Morris wrote: I forced the swap of display manager and rebooted the system. Inxi -GxxSMaz gave me the following output: Display: wayland server: Fedora Project X.org 1.20.6 driver: vmware

Re: Tracking down SSH access

2020-01-31 Thread Ed Greshko
On 2020-02-01 06:16, Samuel Sieb wrote: > An ARP lookup is only done on sending, not receiving.  Humm  That appears to be incorrect. I have 3 systems on a LAN. 192.168.122.1 meimei   (also the gateway) 192.168.122.2 frk 192.168.122.152   f31k I ssh into frk and f31k from meimei and

Re: Tracking down SSH access

2020-01-31 Thread Samuel Sieb
On 1/31/20 8:33 PM, Ed Greshko wrote: On 2020-02-01 06:16, Samuel Sieb wrote: An ARP lookup is only done on sending, not receiving. Humm  That appears to be incorrect. [snip arp test] You're missing an important piece. When you make a tcp connection, the target computer has to send pa

Re: Tracking down SSH access

2020-01-31 Thread Ed Greshko
On 2020-02-01 12:40, Samuel Sieb wrote: > On 1/31/20 8:33 PM, Ed Greshko wrote: >> On 2020-02-01 06:16, Samuel Sieb wrote: >>> An ARP lookup is only done on sending, not receiving. >> >> Humm  That appears to be incorrect. > > [snip arp test] > > You're missing an important piece.  When you mak

Re: Tracking down SSH access

2020-01-31 Thread Ed Greshko
On 2020-02-01 13:26, Ed Greshko wrote: > I'm pretty sure we tracked down what happened using arp to some degree. OK  Maybe it wasn't that simple. I just found my emails from 15 years ago.  Glad I didn't delete them.  :-) Turns out we saw the return/reject packets at the GW/FW which had I