Banning IPs & MACs after too many unsuccessful login attempts 1980

Moe Trin

Yup, this is one of the first changes I plan to do, once I finish reinstalling SuSE 10.0

At the moment the computational downtime is really hurting my research. I really can't afford too much time to get the thing to allow remote ssh securely. So it looks like the best stopgap for now until I set up port knocking, xinetd and portsentry is to only allow ssh via one of my college's secure systems (so the hackers will need to break into two systems to get into my PC).

quicktime brightness 1982
The option useful to me appear to be -G (gamma correction-darker-lighter), but the problem is this: $ transcode -G 0.5 -x mov -i inputfile.mov -y mov -o outputfile.mov transcode v1.0.2 (C) 2001-2003...

Do you basically mean use a plain text file that contains a very long pbuttword for authentication?

I did a quick Google search on "certificate vs pbuttword linux login" and "certificate linux login" to no avail. What is the search term I look for?

Unfortunately I am behind a firewall I don't control and the IT team in the past has been less than co-operative. I have no idea whether they open just the "conventional" ssh port, or even do port forwarding.

Frankly I'm quite annoyed that they asked for external non-college PC MAC addresses to be "registered" with them for "security" purposes. At first I thought breach of privacy in exchange for some kind of MAC authentication remote login screen, so only registered MACs are allowed. Now after being hacked by someone using *any* MAC, it looks like just breach of privacy.

Thanks! I Googled for port knocking and it sounds like something really handy. Port scans won't work with port knocking because a would be hacker would need to get the port sequence right, correct? So in your example a port scan going from 1-65535 may miss the 7057-8012 sequence in under a minute.

Really useful link (hopefully will work with SuSE 10.0):

In theory is it possible to set up a combination of knocks to gain ssh access?

Yeah. I set that up. Myetc-sysctl.conf file on my other computers now looks like: net.ipv4.icmpechoignorebroadcasts = 1 net.ipv4.icmpechoignoreall = 1 net.ipv4.conf.all.rpfilter = 1

Authentication problem
Hi, I have a Windows 2003 AD domain across 3 subnets: 192.168.1.0 192.168.2.0 192.168.3.0 There is is Windows DC...

Is the 2nd line OK? If I remove it, it still responds to pings.

Good idea. After taking a look at the dictionary attack, I notice that the attempted login names rarely contain numbers. If they do, its like "test1", "test2", etc.

OK. What I'd find good as well is if I could get my Linux machine to send me an email of the IP address, login username and login time every time a successful login happens. Any ideas how to accomplish this?

Pro Engineer Wildfire 3 and LS Dyna.

Naturally, I don't advocate cracking either. However, my email address is operational and private, for academic "what if" purposes.

AFAIK there are no "open source" finite element codes available that deal with more sophisticated material models and features. It seems getting a finite element program working and producing accurate results (mutually exclusive events) takes too much professional elbow grease that open sourcing it is not an option beyond simple FE analysis.

Of course if anyone can recommend an open source program that can handle anisotropic materials undergoing high speed 3D deformation (with peer reviews and accuracy tests) I would be very appreciative. AFAIK the benchmark programs in this regard are LS Dyna and Autodyn.

List | Previous | Next

Authentication problem

Linux groups from Newsgroups

The #1 Usenet Provider on the Internet

Banning IPs & MACs after too many unsuccessful login attempts 1979

PLEX86 x86- Virtual Machine (VM) Program


	Plex86 \| CVS \| Mailing List \| Download \| Linux \| Newsgroups

		Banning IPs & MACs after too many unsuccessful login attempts 1980 Moe Trin Yup, this is one of the first changes I plan to do, once I finish reinstalling SuSE 10.0 At the moment the computational downtime is really hurting my research. I really can't afford too much time to get the thing to allow remote ssh securely. So it looks like the best stopgap for now until I set up port knocking, xinetd and portsentry is to only allow ssh via one of my college's secure systems (so the hackers will need to break into two systems to get into my PC). quicktime brightness 1982 The option useful to me appear to be -G (gamma correction-darker-lighter), but the problem is this: $ transcode -G 0.5 -x mov -i inputfile.mov -y mov -o outputfile.mov transcode v1.0.2 (C) 2001-2003... Do you basically mean use a plain text file that contains a very long pbuttword for authentication? I did a quick Google search on "certificate vs pbuttword linux login" and "certificate linux login" to no avail. What is the search term I look for? Unfortunately I am behind a firewall I don't control and the IT team in the past has been less than co-operative. I have no idea whether they open just the "conventional" ssh port, or even do port forwarding. Frankly I'm quite annoyed that they asked for external non-college PC MAC addresses to be "registered" with them for "security" purposes. At first I thought breach of privacy in exchange for some kind of MAC authentication remote login screen, so only registered MACs are allowed. Now after being hacked by someone using any MAC, it looks like just breach of privacy. Thanks! I Googled for port knocking and it sounds like something really handy. Port scans won't work with port knocking because a would be hacker would need to get the port sequence right, correct? So in your example a port scan going from 1-65535 may miss the 7057-8012 sequence in under a minute. Really useful link (hopefully will work with SuSE 10.0): In theory is it possible to set up a combination of knocks to gain ssh access? Yeah. I set that up. Myetc-sysctl.conf file on my other computers now looks like: net.ipv4.icmpechoignorebroadcasts = 1 net.ipv4.icmpechoignoreall = 1 net.ipv4.conf.all.rpfilter = 1 Authentication problem Hi, I have a Windows 2003 AD domain across 3 subnets: 192.168.1.0 192.168.2.0 192.168.3.0 There is is Windows DC... Is the 2nd line OK? If I remove it, it still responds to pings. Good idea. After taking a look at the dictionary attack, I notice that the attempted login names rarely contain numbers. If they do, its like "test1", "test2", etc. OK. What I'd find good as well is if I could get my Linux machine to send me an email of the IP address, login username and login time every time a successful login happens. Any ideas how to accomplish this? Pro Engineer Wildfire 3 and LS Dyna. Naturally, I don't advocate cracking either. However, my email address is operational and private, for academic "what if" purposes. AFAIK there are no "open source" finite element codes available that deal with more sophisticated material models and features. It seems getting a finite element program working and producing accurate results (mutually exclusive events) takes too much professional elbow grease that open sourcing it is not an option beyond simple FE analysis. Of course if anyone can recommend an open source program that can handle anisotropic materials undergoing high speed 3D deformation (with peer reviews and accuracy tests) I would be very appreciative. AFAIK the benchmark programs in this regard are LS Dyna and Autodyn. List \| Previous \| Next



		Authentication problem Linux groups from Newsgroups The #1 Usenet Provider on the Internet Banning IPs & MACs after too many unsuccessful login attempts 1979