> On Jun 13, 2010, at 7:27 PM, d...@ryson.org wrote: > > >> Hello all. >> >> I have good news; bad news; and a question... >> >> Here's the good news: Adaptive Ban has proved very effective at killing >> break-in attempts from bad-guys. >> >> The bad news is: One of our off-site users tried to re-install a soft-phone >> on his laptop. The user knew his new host address and username but not the >> secret. Amazingly, the user repeatedly tried to register, which resulted in >> his dynamic IP address quickly being banned. >> >> As you've likely guessed by now, the question is: What's the best procedure >> for un-banning a host? For now, I've just added the IP address to >> ADAPTIVE_BAN_WHITELIST, which seems to work. Is there a better way? >> >> I'd appreciate your thoughts. >> >> Dan >> > On 6/13/2010 10:22 PM, Lonnie Abelbeck wrote: > > Adding a valid external user's IP address to the ADAPTIVE_BAN_WHITELIST is > the best approach, as you have done. > > When the AstLinux box is rebooted, the RAM based syslog file will be cleared > and the valid user's dynamic IP will no longer be needed in the whitelist, > but does no harm. > > Lonnie > > Lonnie, Guy, and all:
Of course! <slap to forehead> The syslog file is in RAM! Using Guy's helpful "iptables -L ADAPTIVE_BAN_CHAIN" command and following a bit of tinkering, it was confirmed that a reboot successfully clears the block and permits removal of the formerly blocked IP address from the whitelist. Thank you for your thoughts, insight, and advice. Take care, Dan ------------------------------------------------------------------------------ ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo _______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to pay...@krisk.org.
