OpenSUSE Network :: SSH "break In Attempts"?
Jan 16, 2010
However, I have a program called fail2ban installed, which is great because 3 failed attempts within an hour from any IP address and that IP gets banned for an hour. But, as you can see this person is using a different IP every time so fail2ban can't really stop see there is a reverse mapping check that catches this person occasionally.That's great and I assume that if the reverse mapping doesn't checkout, it would not allow the connection. Is this correct or would the reverse mapping allow them anyway?- I can't believe that this person has this many real IP addresses. So, why would the reverse mapping not pick up all these others, or are they really real?Last question: Is there anyway to pick up on this persons real IP and ban it? Perhaps have a fake login account that let's him think he is connecting... assuming a real IP would be needed for a connection.
2010-01-16T21:17:44.061821-08:00 neutrino sshd[28187]: Invalid user admin from 150.214.45.10
2010-01-16T21:17:57.489228-08:00 neutrino sshd[28193]: Invalid user admin from
[code]....
View 9 Replies
ADVERTISEMENT
Oct 22, 2010
On my server I some times login from my home where I have an internet connection which does not have a static IP each time I switch on my modem a dynamic IP isgenerated.I see in auth.log logs of following lines Quote:reverse mapping checking getaddrinfo forkkts-kk-dynamic-01.1.168.192.some_broadband.in [192.168.1.2] failed - POSSIBLE BREAK-IN ATTEMPT Accepted publickey for root from 192.168.1.2 port 22852 ssh2when ever I login to my server from home.In this case I do know that it was me who logged in but still why do I see such a log.What is this complaining about?
View 11 Replies
View Related
Jul 25, 2011
For about a week now I've been seeing mass attempts to relay through postfix and login to dovecot from the same 2 addresses, none are successful due to how postfix/dovecot are configured and I wouldn't be overly worried but my isp have picked up on it and are nagging at me
What ways do people go about just dropping connection attempts from offending addresses/ranges when stuff like that happens? An ideal thing would be something that detects repeated failed attempts from a host or range and subsequently ignore/ban them, perhaps for a specified length of time, something along the lines of denyhosts and fail2ban for ssh would be great Don't know if there's anything out there or just a plain tried and trusted method anyone might use for stuff like this, if not a hint on the most appropriate way to go about it 'manually' would do
View 9 Replies
View Related
May 6, 2010
set the number of retries networkmanager attempts to connect to a network to infinity?
I live in an area of Australia were wired internet dare not tread (or so say the ISPs). My only real choice is 3G wireless broadband, and even that is iffy at times. Often late at night the network towers do "something" (reset, maintenance, etc. - no idea) and the internet drops out, networkmanager tries to reconnect, fails, tries again, (etc. etc.) until it ultimately gives up, requiring human intervention when the towers are done with whatever it is they are doing. This happens frequently, and I'd like to have networkmanager keep trying "forever" until it connects so I don't have to restart the connection each morning.
Where would such a thing be set? How does networkmanager know when to give up?
View 5 Replies
View Related
Oct 30, 2010
In OpenOffice spreadsheet, using the Page break preview you should be able to move the thick lines that indicate the separation between pages. Some versions ago you could do it normally. But now it's impossible. You can just move the thick line that indicates the limit of the print area.Has anybody noticed this? Is there any solution? In Ooo for Windoze it's possible, but I prefer not to use it unless is absolutely necessary.
View 4 Replies
View Related
Feb 8, 2010
I am using m-audio delta 1010 ( break out box) works perfect with opensuse 11.1 and 11.2 but is is not on the hardware compatiblitiy list. How to add? it is using alsa-tools.
View 1 Replies
View Related
Jun 23, 2010
OK, I'm not really a newbie, but I definitely no expert either.I've been surfing the web trying to find a good tutorial on locking out users after three failed logon attempts.At present I've reset everything in the /etc/pam.d directory back to the default state. This sets up all my password requirements and this works. Now I need to crack getting the account to lockout after three failed attempts. Let me know what files you need to see in the pam.d directory and I'll paste them in.
View 1 Replies
View Related
Apr 4, 2011
The libxml2 update specified by CVE-2010-4494 causes a notification that it will break Adobe AIR and TweetDeck on my machine.How can I blacklist this update so it won't keep showing up in the Updater applet?The applet says I should go into Yast and manually apply the update. When I do that and tell it not to apply the update, Yast exits and the Updater applet just tells me the update is still pending. I want to get rid of the update at least temporarily until Adobe fixes the dependency (assuming they ever do).
This is a major problem for me as I clearly don't intend to uninstall TweetDeck and AIR just for some security patch. Why didn't openSUSE test this patch for AIR compatibility?
View 6 Replies
View Related
Oct 15, 2010
Somehow an app on this box seems to have disappeared long ago which was configured to start immediatedly with a root login (eg su). Now, whenever upgrading permissions to root or logging (and assuming login as root), an error displays saying "cannot find <application>"
Considering root usually is different than other logins, am not sure where to start looking on an OpenSuSE box. I've tried without success
BASH -v to enable verbose mode before executing a "su."
BASH --debugger to enable debugging mode before executing a "su."
Logout, Login as root and inspect /var/log/ hoping to find some logfile that audits the login sequence, but may be looking at a wrong logfile.
View 3 Replies
View Related
Mar 16, 2010
Yesterday I applied the su security patch to my openSuSE 11.2 x86_64 system.After applying the patch, any attempt at su failed, and after rebooting the system earlier this morning any login (root, user, otherwise) fails with a "Permission Denied".Is it possible that the su update somehow messed up my (standard) pam settings?
View 10 Replies
View Related
Jun 7, 2010
I'm buying this unit from deal extreme: it's a bitorrent downloader, with NAS capability. I'm interested in sharing an external HD in it, with media and backup purposes. I'm afraid of energy problems (don't know if this is the correct term), corrupting my mounted drives (like after a storm), so I thought about buying an UPS that sends a "signal" to my Linux box, and a script in my Linux box would unmout everything to avoid problems.Do this "UPS signal" feature exists? Do you have model suggestions?
View 1 Replies
View Related
Sep 30, 2010
Could someone give me the break down on 4GB/700MB or what?
View 6 Replies
View Related
Dec 6, 2010
Sometimes I type 'sudo su - user' in linux and then realise I'm typing it from an application account rather than a user account. I want to ctrl+c to abort the password entry. When I do this, it always freezes for a couple of seconds before it aborts the process and returns me to the shell.
View 1 Replies
View Related
Sep 6, 2010
So I have this emerald theme I wanted to install on my Ubuntu 10.4 gnome installation that has compiz. I didn't know how to do this so i looked at http://ubuntuforums.org/showthread.php?t=495997 to understand how to do this and when did the steps which you will see her shortly, I got some errors and my windows broke to the point you can move them, close them and all you see is the menu bar and then the rest of the window down.
Code:
adam@adam-laptop:~$ sudo -i
[sudo] password for adam:
root@adam-laptop:~# compiz --replace -c emerald &
[1] 7435
root@adam-laptop:~# compiz (core) - Warn: Unknown option '-c'
[Code]...
View 9 Replies
View Related
Feb 14, 2011
I saw an interesting distro on Distrowatch, but the *.iso file needed a DVD rather than a CD. The target computer does not have a DVD player, and doesn't warrant spending any money on it. Is there a way to break the iso into CD lengths so I can install it? Or some other trick to get it going?
View 5 Replies
View Related
Feb 22, 2011
Im running ubuntu 10.10 with the default gnome. I have dual 23" LED monitors and I would like to take more advantage of my width by breaking up my screens into multiple custom size zones/grids. Basically so I can maximize a window and it only takes up that custom sized "grid zone". I remember there being a windows app to do this easily, but I havent found anything for gnome. Any recommendations? I dont think compiz grids has much flexibility into the sizes/locations of the "zones".
View 3 Replies
View Related
Apr 24, 2011
So a few weeks ago, I was running Ubuntu/Windows7 Dual Boot, and I installed the proprietary FGLRX ATI graphics card driver. This rendered my Ubuntu system command-line only, and I had to install all over again. If I install FGLRX now, will this happen again or has the bug been fixed? If it does happen again, is there any way to revert to the open-source ATI driver from the command line?
View 9 Replies
View Related
Jul 28, 2011
I have probably ranted so much about not being able to remove Ubuntu, how-ever I believe I have found a break-through, allowing me to once again install Windows XP onto my laptop.I was looking through the Microsoft/Windows website for something relating to XP, and I stumbled upon this bad-boy...Apparently it's an .iso for Windows XP! So I read over it and without hesitation, I downloaded it...I was then referred to something that was actually installed with Ubuntu called'Start-Up Disk Creator', which allows me to make an .iso bootable from a pen-drive...
So, because I recently re-installed Ubuntu (It broke after trying to install a game..) via Pen-Drive, I used the Universal USB Creator on the Ubuntu Website and it is quite similar to this..I will keep posted on my possible break-through on removing Ubuntu
View 5 Replies
View Related
Jul 31, 2011
Is there a way to break wubi out of its box? As in, resizing /dev/sdX and moving the current partition data onto there? Or would I have to do a fresh-install, and then copy over the post install data? The reason I'm asking is because, The desktop Wubi is currently running on, has migrated into a router(has some epic umph), and its reached its 30GB limit, and I also have the hard drive space to support it now.
System Specs:
AMD Phenom II 1090T @ 3.7Ghz(6 cores)
16GB DDR3 1600Mhz
2x AMD Radeon HD 6850s.
+2 NICs forgot brand :/
Off Topic but slightly relevant: Nic 1 = Server Switch, Nic 2 = Non-Server Switch.
Onboard NIC: Modem.
-facepalm- didn't look hard enough. [URL]
View 1 Replies
View Related
Apr 8, 2011
What does this command mean? grep 'GET / HTTP.*Mozilla/5.0 (Windows; U; Windows NT 5.1; ru; rv:1.8.1.1) Gecko/20061204 Firefox/2.0.0.1' last10m |cut -d ' ' -f1 |sort -n |uniq -c|sort -n|tail
Whats the best way to figure out these commands in general? I have a lot of learning to do!
View 9 Replies
View Related
Mar 24, 2011
I want to know that how the break points and watch points work in the GDB. I know the GDB works on symbol table. But would like to know more details of it. How watch points differ from break points.
View 3 Replies
View Related
Feb 25, 2011
I have some variables that are loaded from mysql - in mysql, the line breaks are not indicated by ' or '<br>' or anything -they are just line breaks. the variable is loaded into javascript and then inserted into a <pre> element. the line breaks are not showing up.
pre1 = pre1.replace(/>/g,">"); - this works well, naturally. but how do i get those line breaks to show up as line breaks in a browser?
I've tried many variations of something like:
View 1 Replies
View Related
Feb 4, 2011
i'm using red hat enterprise linux 5,i want to know how can i break the grub passwd with out the use of live cd.
View 7 Replies
View Related
Jul 16, 2010
I noticed a very very high cpu usage on my webserver. All four CPUs were running on 100%.
Top shows several perl processes from apache that run for a long time, with a high %CPU.
Since the server was fc10, I did a fresh installation to fc13, and the fresh installation didn't have this issue. Then I loaded back all the user-data, and it started again.
Several, 4, 6, 8, ... 100 perl processes from apache.
lsof -p with the pid of such a process
Code:
The estabilished connection is sometimes "proud2pirate.com" wich is a non-existing domain.
View 14 Replies
View Related
Aug 4, 2011
I have installed the following packages:
[Code]....
You could try using --skip-broken to work around the problem You could try running: rpm -Va --nofiles --nodigest
View 3 Replies
View Related
Feb 2, 2010
While I was trying to compile a C shared object library, I accidentally created two symbolic links which point to each other. Is there a way to get rid of them without nuking the whole directory? I read that the only way to break a symbolic link is to delete the file it points to, but I'm sure there must be another way.
View 3 Replies
View Related
Jul 9, 2010
Do you know a tool that forces me to do a typing break like the one in GNOME's keyboard preferences? I did some search on the net but I only found references to GNOME's typing break tool.
View 2 Replies
View Related
Jul 16, 2010
im looking for info on chroot jail and if you can break out of it. does anyone know where to find info?
View 1 Replies
View Related
Feb 14, 2011
I mistakenly ran 'iptables restart' on a server that was not set to run iptables. Immediately, the server quit making outgoing connections on port 80. It has problems completing a traceroute when another machine on the same VM Host can do everything just fine. One of our best networking technicians diagnosed it as issues with the TCP/IP stack on the OS.
I know that iptables is off, allowing all trafffic incoming/outgoing.
View 5 Replies
View Related
Mar 15, 2010
downgrading PPP, NetworkManger, and NetworkManager-gnome. This worked but is there an easy way to know when it is safe to apply the updates that are available?
View 2 Replies
View Related
