11-26-2008
You cant?
netstat -na
lsof -i
8 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
Hi,
I'm trying find out if there is a way to stop a brute force attack on a Webmail site. I'm trying to setup a webmail access, but I would like to prevent too many invalid logins from the same IP.
I've looked into Snort, but I was wondering if there was an application level firewall that can... (1 Reply)
Discussion started by: nitin
1 Replies
2. Cybersecurity
About 3 days ago our Apache logs started filling with the following errors:
mod_ssl: SSL handshake failed (server <weberver>:443, client 41.235.234.172) (OpenSSL library error follows)
OpenSSL: error:1408A0B7:SSL routines:SSL3_GET_CLIENT_HELLO:no ciphers specified
These initially were... (1 Reply)
Discussion started by: ccj4467
1 Replies
3. Cybersecurity
Hi,
I have a belkin router installed and a look at the security log has got me worried a little bit.
Security log:
Fri Jan 29 20:41:46 2010
=>Found attack from 68.147.232.199.
Source port is 58591 and destination port is 12426 which use the TCP protocol.
Fri Jan 29 20:41:46 2010 ... (1 Reply)
Discussion started by: jld
1 Replies
4. Cybersecurity
In my logs I find entries about attacks on my system. I know IP addresses, I know date and time and I know what they tried to do. So what's the best I can do now? Tell everybody that there are cybercriminals on that network? Write an email to their admin? Anything else? (10 Replies)
Discussion started by: Action
10 Replies
5. Cybersecurity
Is this an attack attempt? I got an e-mail from 'uucp Admin' last night and again this morning:
What does it mean and what can I do about it? Thanks (4 Replies)
Discussion started by: ctafret
4 Replies
6. Cybersecurity
How to protect DDoS and brute force attack.
I want to secure my server and block attacker. (1 Reply)
Discussion started by: romanepo
1 Replies
7. Shell Programming and Scripting
I want to test the effectiveness of sshguard on some of my systems so I'm trying to write a script that simulates a brute force attack by sending a bunch of different username and password combinations to the servers being tested. So far I have this:
#!/usr/local/bin/expect
set timeout 3... (5 Replies)
Discussion started by: ph0enix
5 Replies
8. Emergency UNIX and Linux Support
Dear community,
my site was recently attacjed by DDOS technique and goes down in a few minutes. My site runs under Debian/Apache2/Mysql.
I identified the IPs who attack me and block it through iptable firewall from debian.
Something like:
iptables -D INPUT -s xxx.xxx.xxx.xxx -j DROP
This... (7 Replies)
Discussion started by: Lord Spectre
7 Replies
LEARN ABOUT MOJAVE
aa-unconfined
AA-UNCONFINED(8) AppArmor AA-UNCONFINED(8)
NAME
aa-unconfined - output a list of processes with tcp or udp ports that do not have AppArmor profiles loaded
SYNOPSIS
aa-unconfined
DESCRIPTION
aa-unconfined will use netstat(8) to determine which processes have open network sockets and do not have AppArmor profiles loaded into the
kernel.
BUGS
aa-unconfined must be run as root to retrieve the process executable link from the /proc filesystem. This program is susceptible to race
conditions of several flavours: an unlinked executable will be mishandled; an executable started before a AppArmor profile is loaded will
not appear in the output, despite running without confinement; a process that dies between the netstat(8) and further checks will be
mishandled. This program only lists processes using TCP and UDP. In short, this program is unsuitable for forensics use and is provided
only as an aid to profiling all network-accessible processes in the lab.
If you find any bugs, please report them at <http://https://bugs.launchpad.net/apparmor/+filebug>.
SEE ALSO
netstat(8), apparmor(7), apparmor.d(5), aa_change_hat(2), and <http://wiki.apparmor.net>.
AppArmor 2.7.103 2012-06-28 AA-UNCONFINED(8)