01-06-2010
While the advises above are valuable, I can also vote for contacting Spamhaus for such issues, if deemed they are proper for their activity. Having worked as Security and Abuse administrator, I can only say I was pleased to work with Spamhaus for a few years, but like I said, it will depend on the type of attack.
7 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
since putting my pc online, it keeps getting slower and i dig the logfile to have such a surprise:
this is just one of a many and I beleived it's a bruteforce attack
how do i block this IP 200.41.81.228 from trying to knock my online pc?
my system:
FreeBSD testing.net 6.2-STABLE-JE... (6 Replies)
Discussion started by: rdns
6 Replies
2. Cybersecurity
REPLAY ATTACK.
Can some one elobrate on measures to encounter this problem of replay atack on network. (3 Replies)
Discussion started by: Ashvin Gaur
3 Replies
3. IP Networking
A server I host is having very rare glitches where a file the user downloads will have incorrect contents. This almost never happens when I am looking, I caught it once and only once -- a user messaged me saying his antivirus had given him a warning about an image file downloaded from his... (2 Replies)
Discussion started by: Corona688
2 Replies
4. Cybersecurity
About 3 days ago our Apache logs started filling with the following errors:
mod_ssl: SSL handshake failed (server <weberver>:443, client 41.235.234.172) (OpenSSL library error follows)
OpenSSL: error:1408A0B7:SSL routines:SSL3_GET_CLIENT_HELLO:no ciphers specified
These initially were... (1 Reply)
Discussion started by: ccj4467
1 Replies
5. Cybersecurity
Hi,
I have a belkin router installed and a look at the security log has got me worried a little bit.
Security log:
Fri Jan 29 20:41:46 2010
=>Found attack from 68.147.232.199.
Source port is 58591 and destination port is 12426 which use the TCP protocol.
Fri Jan 29 20:41:46 2010 ... (1 Reply)
Discussion started by: jld
1 Replies
6. Cybersecurity
Is this an attack attempt? I got an e-mail from 'uucp Admin' last night and again this morning:
What does it mean and what can I do about it? Thanks (4 Replies)
Discussion started by: ctafret
4 Replies
7. Emergency UNIX and Linux Support
Dear community,
my site was recently attacjed by DDOS technique and goes down in a few minutes. My site runs under Debian/Apache2/Mysql.
I identified the IPs who attack me and block it through iptable firewall from debian.
Something like:
iptables -D INPUT -s xxx.xxx.xxx.xxx -j DROP
This... (7 Replies)
Discussion started by: Lord Spectre
7 Replies
LEARN ABOUT DEBIAN
init_policy
INIT_POLICY(8) System Administration Utilities INIT_POLICY(8)
NAME
init_policy - initialize TOMOYO Linux policy
SYNOPSIS
init_policy [option]
DESCRIPTION
This program generates templates for all policy files. However, the output should be reviewed because automatically generated exception
policy may contain dangerous or redundant entries.
This program only needs to be run once.
OPTIONS
--file-only-profile
Create profiles with only file-related functionality enabled.
--full-profile
Create profiles with all functionality enabled. [default]
--use_profile=integer
Set the default profile number for the "<kernel>" domain to the specified integer, which must be between 0 and 255. [default=0]
--use_group=integer
Set the default group number for the "<kernel>" domain to the specified integer, which must be between 0 and 255. [default=0]
--max_audit_log=integer
Set the default maximal audit log entries that the kernel will spool in the /sys/kernel/security/tomoyo/audit interface. This value
must be an integer, and can be set to 0 if audit logs are not required. Maximum memory used can also be controlled via the
/sys/kernel/security/tomoyo/stat interface. [default=1024]
--max_learning_entry=integer
Set the default maximum number of ACL entries automatically added to each domain by the kernel when using learning mode. This value
must be an integer, and can be set to o if you do not need learning mode. Maximum memory used can also be controlled using the
/sys/kernel/security/tomoyo/stat interface.
--grant_log=value
Set whether grant logs should be audited. This value can either be "yes" or "no". [default=no]
--reject_log=value
Set whether reject logs should be audited. This value can either be "yes" or "no". [default=yes]
EXAMPLES
Initialize policy
/usr/lib/tomoyo/init_policy
BUGS
If you find any bugs, send an email to <tomoyo-users-en@lists.sourceforge.jp>.
AUTHORS
Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Main author.
Jamie Nguyen <jamie@tomoyolinux.co.uk>
Documentation and website.
Naohiro Aoto <naoto@namazu.org>
Bug fix for 64bit Gentoo.
SEE ALSO
tomoyo-init(8)
See <http://tomoyo.sourceforge.jp> for more information.
tomoyo-tools 2.5.0 2012-04-14 INIT_POLICY(8)