Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Network attack - so what?
Special Forums Cybersecurity Network attack - so what? Post 302383309 by thegeek on Tuesday 29th of December 2009 08:03:26 AM
Old 12-29-2009
You should block those IPs using firewall.
  • You should constantly monitor the log, and append your block list with the new IPs that attacks.
  • Or allow only the IPs that are expected.
You should have strong password for root login, if that is ssh attack. Or even you can think about locking the root account, and use some sudo account to do the administration and be in the safer side.
 

7 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Bruteforce attack on my pc

since putting my pc online, it keeps getting slower and i dig the logfile to have such a surprise: this is just one of a many and I beleived it's a bruteforce attack how do i block this IP 200.41.81.228 from trying to knock my online pc? my system: FreeBSD testing.net 6.2-STABLE-JE... (6 Replies)
Discussion started by: rdns
6 Replies

2. Cybersecurity

Replay Attack

REPLAY ATTACK. Can some one elobrate on measures to encounter this problem of replay atack on network. (3 Replies)
Discussion started by: Ashvin Gaur
3 Replies

3. IP Networking

Bizzare network attack?

A server I host is having very rare glitches where a file the user downloads will have incorrect contents. This almost never happens when I am looking, I caught it once and only once -- a user messaged me saying his antivirus had given him a warning about an image file downloaded from his... (2 Replies)
Discussion started by: Corona688
2 Replies

4. Cybersecurity

What I think is a DoS attack

About 3 days ago our Apache logs started filling with the following errors: mod_ssl: SSL handshake failed (server <weberver>:443, client 41.235.234.172) (OpenSSL library error follows) OpenSSL: error:1408A0B7:SSL routines:SSL3_GET_CLIENT_HELLO:no ciphers specified These initially were... (1 Reply)
Discussion started by: ccj4467
1 Replies

5. Cybersecurity

Found attack from

Hi, I have a belkin router installed and a look at the security log has got me worried a little bit. Security log: Fri Jan 29 20:41:46 2010 =>Found attack from 68.147.232.199. Source port is 58591 and destination port is 12426 which use the TCP protocol. Fri Jan 29 20:41:46 2010 ... (1 Reply)
Discussion started by: jld
1 Replies

6. Cybersecurity

UUCP attack?

Is this an attack attempt? I got an e-mail from 'uucp Admin' last night and again this morning: What does it mean and what can I do about it? Thanks (4 Replies)
Discussion started by: ctafret
4 Replies

7. Emergency UNIX and Linux Support

DDOS attack please help!

Dear community, my site was recently attacjed by DDOS technique and goes down in a few minutes. My site runs under Debian/Apache2/Mysql. I identified the IPs who attack me and block it through iptable firewall from debian. Something like: iptables -D INPUT -s xxx.xxx.xxx.xxx -j DROP This... (7 Replies)
Discussion started by: Lord Spectre
7 Replies

LEARN ABOUT PLAN9

newgrp

NEWGRP(1)							   User Commands							 NEWGRP(1)

NAME

       newgrp - log in to a new group

SYNOPSIS

       newgrp [-] [group]

DESCRIPTION

       The newgrp command is used to change the current group ID during a login session. If the optional - flag is given, the user's environment
       will be reinitialized as though the user had logged in, otherwise the current environment, including current working directory, remains
       unchanged.

       newgrp changes the current real group ID to the named group, or to the default group listed in /etc/passwd if no group name is given.
       newgrp also tries to add the group to the user groupset. If not root, the user will be prompted for a password if she does not have a
       password (in /etc/shadow if this user has an entry in the shadowed password file, or in /etc/passwd otherwise) and the group does, or if
       the user is not listed as a member and the group has a password. The user will be denied access if the group password is empty and the user
       is not listed as a member.

       If there is an entry for this group in /etc/gshadow, then the list of members and the password of this group will be taken from this file,
       otherwise, the entry in /etc/group is considered.

CONFIGURATION

       The following configuration variables in /etc/login.defs change the behavior of this tool:

       SYSLOG_SG_ENAB (boolean)
	   Enable "syslog" logging of sg activity.

FILES

       /etc/passwd
	   User account information.

       /etc/shadow
	   Secure user account information.

       /etc/group
	   Group account information.

       /etc/gshadow
	   Secure group account information.

SEE ALSO

       id(1), login(1), su(1), sg(1), gpasswd(1), group(5), gshadow(5).

shadow-utils 4.5						    01/25/2018								 NEWGRP(1)
All times are GMT -4. The time now is 07:01 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy