Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Network attack - so what?
Special Forums Cybersecurity Network attack - so what? Post 302386492 by Action on Tuesday 12th of January 2010 02:34:15 PM
Old 01-12-2010
Quote:
Originally Posted by Neo
This question cannot be answered unless you describe the nature of the attack.

Your question is so vague, that we have no idea, really what you are talking about. A web attack? An SSH login attempt? A simple scan? Spam? What kind of attack?

Why would you ask such a question without providing any details and expect to get a useful answer?
Sorry.
To provide more details, with "attack" i meant SSH brute force - somebody tries to login as "Administrator" or with other users over SSH for many times. I think the IPs are always dynamic. To spam, what do you think of offers on the Web to subscribe for spam and of using it to spam spammers? Using email aliases, it would be possible. And, i didn't know (email) spam is considered as an attack.
To make my question in the first posting more precise: did I understand it right that for an attacker there will be no consequences?
 

7 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Bruteforce attack on my pc

since putting my pc online, it keeps getting slower and i dig the logfile to have such a surprise: this is just one of a many and I beleived it's a bruteforce attack how do i block this IP 200.41.81.228 from trying to knock my online pc? my system: FreeBSD testing.net 6.2-STABLE-JE... (6 Replies)
Discussion started by: rdns
6 Replies

2. Cybersecurity

Replay Attack

REPLAY ATTACK. Can some one elobrate on measures to encounter this problem of replay atack on network. (3 Replies)
Discussion started by: Ashvin Gaur
3 Replies

3. IP Networking

Bizzare network attack?

A server I host is having very rare glitches where a file the user downloads will have incorrect contents. This almost never happens when I am looking, I caught it once and only once -- a user messaged me saying his antivirus had given him a warning about an image file downloaded from his... (2 Replies)
Discussion started by: Corona688
2 Replies

4. Cybersecurity

What I think is a DoS attack

About 3 days ago our Apache logs started filling with the following errors: mod_ssl: SSL handshake failed (server <weberver>:443, client 41.235.234.172) (OpenSSL library error follows) OpenSSL: error:1408A0B7:SSL routines:SSL3_GET_CLIENT_HELLO:no ciphers specified These initially were... (1 Reply)
Discussion started by: ccj4467
1 Replies

5. Cybersecurity

Found attack from

Hi, I have a belkin router installed and a look at the security log has got me worried a little bit. Security log: Fri Jan 29 20:41:46 2010 =>Found attack from 68.147.232.199. Source port is 58591 and destination port is 12426 which use the TCP protocol. Fri Jan 29 20:41:46 2010 ... (1 Reply)
Discussion started by: jld
1 Replies

6. Cybersecurity

UUCP attack?

Is this an attack attempt? I got an e-mail from 'uucp Admin' last night and again this morning: What does it mean and what can I do about it? Thanks (4 Replies)
Discussion started by: ctafret
4 Replies

7. Emergency UNIX and Linux Support

DDOS attack please help!

Dear community, my site was recently attacjed by DDOS technique and goes down in a few minutes. My site runs under Debian/Apache2/Mysql. I identified the IPs who attack me and block it through iptable firewall from debian. Something like: iptables -D INPUT -s xxx.xxx.xxx.xxx -j DROP This... (7 Replies)
Discussion started by: Lord Spectre
7 Replies

LEARN ABOUT SUSE

mail::spamassassin::plugin::shortcircuit

Mail::SpamAssassin::Plugin::Shortcircuit(3)		User Contributed Perl Documentation	       Mail::SpamAssassin::Plugin::Shortcircuit(3)

NAME

       Mail::SpamAssassin::Plugin::Shortcircuit - short-circuit evaluation for certain rules

SYNOPSIS

	 loadplugin	Mail::SpamAssassin::Plugin::Shortcircuit

	 report Content analysis details:   (_SCORE_ points, _REQD_ required, s/c _SCTYPE_)

	 add_header all Status "_YESNO_, score=_SCORE_ required=_REQD_ tests=_TESTS_ shortcircuit=_SCTYPE_ autolearn=_AUTOLEARN_ version=_VERSION_"

DESCRIPTION

       This plugin implements simple, test-based shortcircuiting.  Shortcircuiting a test will force all other pending rules to be skipped, if
       that test is hit.  In addition, a symbolic rule, "SHORTCIRCUIT", will fire.

       Recomended usage is to use "priority" to set rules with strong S/O values (ie.  1.0) to be run first, and make instant spam or ham
       classification based on that.

CONFIGURATION SETTINGS

       The following configuration settings are used to control shortcircuiting:

       shortcircuit SYMBOLIC_TEST_NAME {ham|spam|on|off}
	   Shortcircuiting a test will force all other pending rules to be skipped, if that test is hit.

	   Recomended usage is to use "priority" to set rules with strong S/O values (ie.  1.0) to be run first, and make instant spam or ham
	   classification based on that.

	   To override a test that uses shortcircuiting, you can set the classification type to "off".

	   on  Shortcircuits the rest of the tests, but does not make a strict classification of spam or ham.  Rather, it uses the default score
	       for the rule being shortcircuited.  This would allow you, for example, to define a rule such as

		 body TEST /test/
		 describe TEST test rule that scores barely over spam threshold
		 score TEST 5.5
		 priority TEST -100
		 shortcircuit TEST on

	       The result of a message hitting the above rule would be a final score of 5.5, as opposed to 100 (default) if it were classified as
	       spam.

	   off Disables shortcircuiting on said rule.

	   spam
	       Shortcircuit the rule using a set of defaults; override the default score of this rule with the score from
	       "shortcircuit_spam_score", set the "noautolearn" tflag, and set priority to "-100".  In other words, equivalent to:

		 shortcircuit TEST on
		 priority TEST -100
		 score TEST 100
		 tflags TEST noautolearn

	   ham Shortcircuit the rule using a set of defaults; override the default score of this rule with the score from
	       "shortcircuit_ham_score", set the "noautolearn" and "nice" tflags, and set priority to "-100".	In other words, equivalent to:

		 shortcircuit TEST on
		 priority TEST -100
		 score TEST -100
		 tflags TEST noautolearn nice

       shortcircuit_spam_score n.nn (default: 100)
	   When shortcircuit is used on a rule, and the shortcircuit classification type is set to "spam", this value should be applied in place
	   of the default score for that rule.

       shortcircuit_ham_score n.nn (default: -100)
	   When shortcircuit is used on a rule, and the shortcircuit classification type is set to "ham", this value should be applied in place of
	   the default score for that rule.

TAGS

       The following tags are added to the set available for use in reports, headers etc.:

	 _SC_		   shortcircuit status (classification and rule name)
	 _SCRULE_	   rulename that caused the shortcircuit
	 _SCTYPE_	   shortcircuit classification ("spam", "ham", "default", "none")

SEE ALSO

       "http://issues.apache.org/SpamAssassin/show_bug.cgi?id=3109"

perl v5.12.1							    2010-03-16			       Mail::SpamAssassin::Plugin::Shortcircuit(3)
All times are GMT -4. The time now is 06:41 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy