Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: DDoS and brute force attack
Special Forums Cybersecurity DDoS and brute force attack Post 302885960 by romanepo on Wednesday 29th of January 2014 06:46:12 AM
Old 01-29-2014
DDoS and brute force attack
How to protect DDoS and brute force attack.
I want to secure my server and block attacker.
 

7 More Discussions You Might Find Interesting

1. Cybersecurity

what is the better way to protect my server from DDos Attack

heloo today i have DDos Attack in my server what is the better way to secure my server from DDos Attack i use CentOS 4&5 i try every firewall and talk to softlayer - iweb i've Tried every possible solutions but I can not find a solution to the problems Give Me The best way plzz (4 Replies)
Discussion started by: a7medo
4 Replies

2. UNIX for Advanced & Expert Users

Apache brute force attack

Hi, I'm trying find out if there is a way to stop a brute force attack on a Webmail site. I'm trying to setup a webmail access, but I would like to prevent too many invalid logins from the same IP. I've looked into Snort, but I was wondering if there was an application level firewall that can... (1 Reply)
Discussion started by: nitin
1 Replies

3. UNIX for Advanced & Expert Users

Brute force SMTP attack right now *help*

Im currently experiancing a brute force attack on my server Nov 26 15:27:04 ws096 saslauthd: do_auth : auth failure: Nov 26 15:27:13 ws096 saslauthd: do_auth : auth failure: Nov 26 15:27:22 ws096 saslauthd: do_auth : auth failure: Nov 26 15:27:29 ws096... (4 Replies)
Discussion started by: mcraul
4 Replies

4. Cybersecurity

DDoS Simulation Tools

are there any popular DDoS simulation tools to test my own infrastructure? Anyone tried to setup all these in AWS EC2? (1 Reply)
Discussion started by: boriskong
1 Replies

5. Shell Programming and Scripting

Expect script that simulates a SSH brute force attack

I want to test the effectiveness of sshguard on some of my systems so I'm trying to write a script that simulates a brute force attack by sending a bunch of different username and password combinations to the servers being tested. So far I have this: #!/usr/local/bin/expect set timeout 3... (5 Replies)
Discussion started by: ph0enix
5 Replies

6. Emergency UNIX and Linux Support

DDOS attack please help!

Dear community, my site was recently attacjed by DDOS technique and goes down in a few minutes. My site runs under Debian/Apache2/Mysql. I identified the IPs who attack me and block it through iptable firewall from debian. Something like: iptables -D INPUT -s xxx.xxx.xxx.xxx -j DROP This... (7 Replies)
Discussion started by: Lord Spectre
7 Replies

7. UNIX for Advanced & Expert Users

Anti ddos shell script, is it useful?

Hi guys, just need a opinion from you. I found anti ddos script from github Script What is your opinion about it? Is it usefull? Do you have some similar? I want to protect my servers on all levels, why not in the servers via script. I assume I must fix this script to be useful for me, but... (1 Reply)
Discussion started by: tomislav91
1 Replies

LEARN ABOUT OSX

gitnamespaces

GITNAMESPACES(7)						    Git Manual							  GITNAMESPACES(7)

NAME

       gitnamespaces - Git namespaces

SYNOPSIS

       GIT_NAMESPACE=<namespace> git upload-pack
       GIT_NAMESPACE=<namespace> git receive-pack

DESCRIPTION

       Git supports dividing the refs of a single repository into multiple namespaces, each of which has its own branches, tags, and HEAD. Git can
       expose each namespace as an independent repository to pull from and push to, while sharing the object store, and exposing all the refs to
       operations such as git-gc(1).

       Storing multiple repositories as namespaces of a single repository avoids storing duplicate copies of the same objects, such as when
       storing multiple branches of the same source. The alternates mechanism provides similar support for avoiding duplicates, but alternates do
       not prevent duplication between new objects added to the repositories without ongoing maintenance, while namespaces do.

       To specify a namespace, set the GIT_NAMESPACE environment variable to the namespace. For each ref namespace, Git stores the corresponding
       refs in a directory under refs/namespaces/. For example, GIT_NAMESPACE=foo will store refs under refs/namespaces/foo/. You can also specify
       namespaces via the --namespace option to git(1).

       Note that namespaces which include a / will expand to a hierarchy of namespaces; for example, GIT_NAMESPACE=foo/bar will store refs under
       refs/namespaces/foo/refs/namespaces/bar/. This makes paths in GIT_NAMESPACE behave hierarchically, so that cloning with
       GIT_NAMESPACE=foo/bar produces the same result as cloning with GIT_NAMESPACE=foo and cloning from that repo with GIT_NAMESPACE=bar. It also
       avoids ambiguity with strange namespace paths such as foo/refs/heads/, which could otherwise generate directory/file conflicts within the
       refs directory.

       git-upload-pack(1) and git-receive-pack(1) rewrite the names of refs as specified by GIT_NAMESPACE. git-upload-pack and git-receive-pack
       will ignore all references outside the specified namespace.

       The smart HTTP server, git-http-backend(1), will pass GIT_NAMESPACE through to the backend programs; see git-http-backend(1) for sample
       configuration to expose repository namespaces as repositories.

       For a simple local test, you can use git-remote-ext(1):

	   git clone ext::'git --namespace=foo %s /tmp/prefixed.git'

SECURITY

       The fetch and push protocols are not designed to prevent one side from stealing data from the other repository that was not intended to be
       shared. If you have private data that you need to protect from a malicious peer, your best option is to store it in another repository.
       This applies to both clients and servers. In particular, namespaces on a server are not effective for read access control; you should only
       grant read access to a namespace to clients that you would trust with read access to the entire repository.

       The known attack vectors are as follows:

	1. The victim sends "have" lines advertising the IDs of objects it has that are not explicitly intended to be shared but can be used to
	   optimize the transfer if the peer also has them. The attacker chooses an object ID X to steal and sends a ref to X, but isn't required
	   to send the content of X because the victim already has it. Now the victim believes that the attacker has X, and it sends the content
	   of X back to the attacker later. (This attack is most straightforward for a client to perform on a server, by creating a ref to X in
	   the namespace the client has access to and then fetching it. The most likely way for a server to perform it on a client is to "merge" X
	   into a public branch and hope that the user does additional work on this branch and pushes it back to the server without noticing the
	   merge.)

	2. As in #1, the attacker chooses an object ID X to steal. The victim sends an object Y that the attacker already has, and the attacker
	   falsely claims to have X and not Y, so the victim sends Y as a delta against X. The delta reveals regions of X that are similar to Y to
	   the attacker.

Git 2.17.1							    10/05/2018							  GITNAMESPACES(7)
All times are GMT -4. The time now is 11:07 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy