>> On 5/17/2010 11:50 AM, Darrick Hartman wrote: >> >>> The AstLinux development team is happy to announce the release of 0.7.2. >>> This is a bugfix release. All current AstLinux users are encouraged >>> to upgrade to this release. >>> >>> [snip for brevity] >>> >>> >>> New features/updates: >>> >>> 1). A plugin for Arno's firewall which allows some capability to prevent >>> SIP account attacks. >>> >>> [snip] >>> >>> >>> >> On Jun 3, 2010, at 9:53 AM, Dan Ryson wrote: >> >> >> All, >> >> Because SIP account attacks are a regular occurrence here, I wish to be >> certain that I've properly configured feature #1, mentioned above. I've >> enabled the IDS Protection plug in, which looked to be new and (according to >> the log) is occasionally blocking some sort of attack. I've also not >> observed any SIP attacks lately so it would seem that the IDS Protection >> plug in is helping to block SIP account attacks. However, I hate to assume. >> >> Can anyone confirm my presumption or provide instructions on how to utilize >> this new feature? >> >> Thanks for any insight. >> >> Dan > On 6/3/2010 11:41 AM, Lonnie Abelbeck wrote: > > While the IDS Protection plugin may be useful, the new plugin Darrick was > referring to is the "Adaptive Ban Plugin". > > If you have not restarted the firewall (and then upgraded, following the > prompt) via the web interface, please do... or "upgrade-arno-firewall > upgrade" from the CLI. Of course, any changes to the plugins requires a > restart of the firewall to take effect. > > The new Adaptive Ban plugin uses the same technique as fail2ban ( > http://www.fail2ban.org ). > > While this technique is proven, our implementation as a plugin to the Arno > Firewall is new, so users are encouraged to give it a try. Please report any > problems... and successes :-) > > To show we eat our own cooking, below is my Adaptive Ban plugin setting on my > production boxes. > > Lonnie >
Lonnie and Michael, Thanks for your helpful replies. I've enabled "Adaptive Ban Plugin", which was present in the GUI pull-down list but not noticed as new. Apparently, a new pair of glasses are in order. Lonnie, thanks also for sharing your plugin settings, which I'm giving a try. I'll report any useful observations. Dan ------------------------------------------------------------------------------ ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo _______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to pay...@krisk.org.
