On Thu, 2008-05-15 at 14:15 -0400, Ben Scott wrote:
> On Thu, May 15, 2008 at 1:04 PM, Coleman Kane <[EMAIL PROTECTED]> wrote:
> > I got Verizon DSL this week, and it turns out that they do block some
> > traffic.
> ...
> > I learned this, after the sales person assured me
> > that they don't bloc
FYI, you can also use the config file to specify different ssh keys to
be used for different remote systems. Very useful.
Dan
Drew Van Zandt wrote:
> My life just got infinitesimally easier. Thanks. Also works with
> scp, which is where I generally mess up the port selection. (-P
> instead
On May 15, 2008, Cole Tuininga sent me the following:
> Just another tool that does something similar to sshguard - denyhosts.
> (http://denyhosts.sf.net/) It's pretty configurable and can actually be
> used to monitor other services as well if you're willing to do a little
> bit of regex work.
On Thu, May 15, 2008 at 02:48:22PM -0400, Paul Lussier wrote:
> There's an errant process eating up NFS space. We have over 400 NFS
> clients, any one of which *could* be the culprit.
> I'm thinking a shell (or perl) script, ssh, and
> should be able to tell me this...
Have you seen collectl?
Agree with Drew. It's nice to know about that.
On Thu, 15 May 2008 14:44:39 -0400
"Drew Van Zandt" <[EMAIL PROTECTED]> wrote:
> My life just got infinitesimally easier. Thanks. Also works with scp,
> which is where I generally mess up the port selection. (-P instead of -p,
> BAH!)
>
> --DTVZ
Hi all,
How can I easily/quickly (programmatically?) find the top N processes
on a Linux system using the most I/O ?
There's an errant process eating up NFS space. We have over 400 NFS
clients, any one of which *could* be the culprit.
Since the NFS server is an appliance, there's really no way
My life just got infinitesimally easier. Thanks. Also works with scp,
which is where I generally mess up the port selection. (-P instead of -p,
BAH!)
--DTVZ
On Thu, May 15, 2008 at 2:18 PM, Ben Scott <[EMAIL PROTECTED]> wrote:
>
> In my $HOME/.ssh/config file:
>
> Host lib
> Hostname libert
On Thu, 15 May 2008 14:15:21 -0400
"Ben Scott" <[EMAIL PROTECTED]> wrote:
> What the sales guy or tech rep or
> anyone else says is not worth the paper it isn't written on.
I will keep this gem. It will prove useful in talking to more clients
than I care to think about.
Reading the sections of
On Thu, May 15, 2008 at 11:30 AM, Jerry Feldman <[EMAIL PROTECTED]> wrote:
>> ... run a sentry on 22, so that anyone trying to connect
>> to 22 is automatically blacklisted.
>
> That may be overly brutal.
Certainly, one size does not fit all. One should do what is
appropriate. That said...
>
On Thu, May 15, 2008 at 1:04 PM, Coleman Kane <[EMAIL PROTECTED]> wrote:
> I got Verizon DSL this week, and it turns out that they do block some
> traffic.
...
> I learned this, after the sales person assured me
> that they don't block inbound traffic.
Wow. I'm shocked -- *SHOCKED* -- to hear t
On Thu, May 15, 2008 at 1:04 PM, Coleman Kane <[EMAIL PROTECTED]> wrote:
>
> 25. So, is it just me, or are they specifically picking on web-servers
> here? The policy is quite absurd, in my mind. It is almost like they are
> choosing to pick on home-web-servers because of some inbred prejudice.
>
On Fri, 2008-04-25 at 18:01 -0400, Ben Scott wrote:
> On Fri, Apr 25, 2008 at 5:47 PM, Coleman Kane <[EMAIL PROTECTED]> wrote:
> > As far as I can tell, I need to get in touch with their business reps in
> > order to figure out a business package that works for me.
>
> Yah, their residential d
On Thu, 15 May 2008 11:17:55 -0400
"Ben Scott" <[EMAIL PROTECTED]> wrote:
> One variant of that strategy is to run the real SSH on some
> non-standard port, and then run a sentry on 22, so that anyone trying
> to connect to 22 is automatically blacklisted.
That may be overly brutal. I routinely
On Thursday 15 May 2008 11:17, Ben Scott wrote:
> On Thu, May 15, 2008 at 9:58 AM, kenta <[EMAIL PROTECTED]> wrote:
> > Bind ssh to two ports: 22 and a non standard port
> > In my firewall rules I specifically allow certain IP's to connect to port
> > 22.
>
> One variant of that strategy is to ru
On Thu, May 15, 2008 at 9:58 AM, kenta <[EMAIL PROTECTED]> wrote:
> Bind ssh to two ports: 22 and a non standard port
> In my firewall rules I specifically allow certain IP's to connect to port
> 22.
One variant of that strategy is to run the real SSH on some
non-standard port, and then run a se
On Thu, 15 May 2008 09:47:39 -0400
"Bob King" <[EMAIL PROTECTED]> wrote:
> According to the Information Week article:
>
> http://www.informationweek.com/news/security/attacks/showArticle.jhtml?articleID=207603339
>
> One of the more interesting bits was that the attacks are shifting to a more
>
On Thu, 2008-05-15 at 09:47 -0400, Bob King wrote:
> I always thought that disabling root access via ssh is a good idea,
> but reading this I would assume it would be a good idea to just
> deactivate password access via ssh altogether and limit access to
> systems with keys known to the host. Mo
Just another tool that does something similar to sshguard - denyhosts.
(http://denyhosts.sf.net/) It's pretty configurable and can actually be
used to monitor other services as well if you're willing to do a little
bit of regex work.
I have to admit that since I've moved sshd away from port 22
"Thomas Charron" <[EMAIL PROTECTED]> writes:
> sshguard is a nice tool. It monitors syslog and automatically adds
> iptables rules to drop packets from the source of an arbitrary number
> of incorrect logins.
>
> http://sshguard.sourceforge.net/
>
> Note, many of the installers don't set some
On Thu, May 15, 2008 at 9:47 AM, Bob King <[EMAIL PROTECTED]> wrote:
> According to the Information Week article:
> http://www.informationweek.com/news/security/attacks/showArticle.jhtml?articleID=207603339
> One of the more interesting bits was that the attacks are shifting to a more
> distributed
I used to get a few thousand attempts every day on port 22. Restricting by
IP is a *good* thing.
Suggestion: Restrict SSH access to certain IPs. Write a PHP or Python web
app that can add an IP to that list (and also conveniently tells you what
your IP is.) The app should do this:
1) Text messa
On Thursday 15 May 2008 09:58, kenta wrote:
> I ended up with the following config...
>
> Bind ssh to two ports: 22 and a non standard port
>
> In my firewall rules I specifically allow certain IP's to connect to port
> 22. These include my internal network (192.168) and a handful of IP's from
> o
I ended up with the following config...
Bind ssh to two ports: 22 and a non standard port
In my firewall rules I specifically allow certain IP's to connect to port
22. These include my internal network (192.168) and a handful of IP's from
other hosts that I interact with on a regular basis.
Any
According to the Information Week article:
http://www.informationweek.com/news/security/attacks/showArticle.jhtml?articleID=207603339
One of the more interesting bits was that the attacks are shifting to a more
distributed model to avoid detection by IDS/IPS systems, using botnets.
Many distros