10-16-2007
fail2ban
Quote:
Originally Posted by
rdns
since putting my pc online, it keeps getting slower and i dig the logfile to have such a surprise
You really should look into a neat program called "fail2ban". I have it running on a Debian-server and it's great.
You can configure how many retries someone has after a password-failure and how long they are banned (two hours in my case). It continually scans your /var/log/auth.log and acts. Check out
Main Page - Fail2ban for more info.
Quote:
2007-10-14 15:28:26,088 fail2ban.actions: WARNING [ssh] Ban 61.146.178.13
2007-10-14 17:28:26,809 fail2ban.actions: WARNING [ssh] Unban 61.146.178.13
2007-10-15 19:27:09,866 fail2ban.actions: WARNING [ssh] Ban 218.234.170.147
2007-10-15 21:27:10,316 fail2ban.actions: WARNING [ssh] Unban 218.234.170.147
7 More Discussions You Might Find Interesting
1. Cybersecurity
REPLAY ATTACK.
Can some one elobrate on measures to encounter this problem of replay atack on network. (3 Replies)
Discussion started by: Ashvin Gaur
3 Replies
2. Cybersecurity
About 3 days ago our Apache logs started filling with the following errors:
mod_ssl: SSL handshake failed (server <weberver>:443, client 41.235.234.172) (OpenSSL library error follows)
OpenSSL: error:1408A0B7:SSL routines:SSL3_GET_CLIENT_HELLO:no ciphers specified
These initially were... (1 Reply)
Discussion started by: ccj4467
1 Replies
3. Cybersecurity
Hi,
I have a belkin router installed and a look at the security log has got me worried a little bit.
Security log:
Fri Jan 29 20:41:46 2010
=>Found attack from 68.147.232.199.
Source port is 58591 and destination port is 12426 which use the TCP protocol.
Fri Jan 29 20:41:46 2010 ... (1 Reply)
Discussion started by: jld
1 Replies
4. Cybersecurity
In my logs I find entries about attacks on my system. I know IP addresses, I know date and time and I know what they tried to do. So what's the best I can do now? Tell everybody that there are cybercriminals on that network? Write an email to their admin? Anything else? (10 Replies)
Discussion started by: Action
10 Replies
5. Cybersecurity
Is this an attack attempt? I got an e-mail from 'uucp Admin' last night and again this morning:
What does it mean and what can I do about it? Thanks (4 Replies)
Discussion started by: ctafret
4 Replies
6. UNIX for Dummies Questions & Answers
Hi everyone,
I've got an extensive collection of seismic files that I am trying to turn into workable subsurface data collection. It's all real-time history and it is being loaded onto the main linux computer from a collection of about 1000 CDs. There are about 4000 seismic files on each CD, and... (3 Replies)
Discussion started by: ws6transam
3 Replies
7. Emergency UNIX and Linux Support
Dear community,
my site was recently attacjed by DDOS technique and goes down in a few minutes. My site runs under Debian/Apache2/Mysql.
I identified the IPs who attack me and block it through iptable firewall from debian.
Something like:
iptables -D INPUT -s xxx.xxx.xxx.xxx -j DROP
This... (7 Replies)
Discussion started by: Lord Spectre
7 Replies
LEARN ABOUT SUNOS
sftp-server
sftp-server(1M) System Administration Commands sftp-server(1M)
NAME
sftp-server - SFTP server subsystem
SYNOPSIS
/usr/lib/ssh/sftp-server
DESCRIPTION
sftp-server implements the server side of the SSH File Transfer Protocol as defined in the IETF draft-ietf-secsh-filexfer.
sftp-server is a subsystem for sshd(1M) and must not be run directly. There are no options or config settings.
To enable the sftp-server subsystem for sshd add the following to /etc/ssh/sshd_config:
Subsystem sftp /usr/lib/ssh/sftp-server
See sshd_config(4) for a description of the format and contents of that file.
There is no relationship between the protocol used by sftp-server and the FTP protocol (RFC 959) provided by in.ftpd.
EXIT STATUS
The following exit values are returned:
0 Successful completion.
>0 An error occurred.
FILES
/usr/lib/sftp-server
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWsshdu |
+-----------------------------+-----------------------------+
|Interface Stability |Evolving |
+-----------------------------+-----------------------------+
SEE ALSO
sftp(1), ssh(1), ssh-add(1), ssh-keygen(1), sshd(1M), sshd_config(4), attributes(5)
To view license terms, attribution, and copyright for OpenSSH, the default path is /var/sadm/pkg/SUNWsshdr/install/copyright. If the
Solaris operating environment has been installed anywhere other than the default, modify the given path to access the file at the installed
location.
AUTHOR
Markus Friedl
SunOS 5.10 30 Jul 2003 sftp-server(1M)