On Tue, Jun 12, 2007 at 08:05:23AM +0200, shadus wrote:
>
> Personally, I prefer passwords to keys, although with enough computer power
> all passwords are breakable through brute force given enough time... with a
> very long complex password using a variety of caps, symbols, numbers, et
> all.
[quote]The best thing you can do is to disable password logins altogether.
Using public keys is much more secure and makes it *impossible* for a
dictionary attack to succeed.[/quote]
If someone can get my 40+ character password which includes symbols, numbers,
letters, lowercase, and upperca
If it's an address on the internet... otherwise as people have noted using dig
will generally get you a reverse dns entry for it which may or may not contain
useful information.
whois -hwhois.arin.net ipaddr
You may also want to consider installing something like fail2ban to just nix
his ip
On 6/10/07, Mike Bird <[EMAIL PROTECTED]> wrote:
On Sunday 10 June 2007 09:29, David Baron wrote:
Unless the neighbor kid is really stupid, the attacker is probably
operating from a foreign country via a chain of several hacked PCs.
You will most likely never know who it is. The attacker is pr
On Mon, Jun 11, 2007 at 12:55:22AM -0400, Roberto C. Sánchez wrote:
> On Sun, Jun 10, 2007 at 10:35:56PM -0600, Telly Williams wrote:
> >
> > When you talk about logging into the computer without a password,
> > are you talking about SSH? If so, how do you handle doing that in, say,
> > an in
Celejar([EMAIL PROTECTED]) is reported to have said:
> On Mon, 11 Jun 2007 16:06:19 +0300
> David Baron <[EMAIL PROTECTED]> wrote:
>
> > On Monday 11 June 2007, [EMAIL PROTECTED] wrote:
> > > > Not exactly answering your question. But I do see a lot of IPs
> > > > performing
> > > > dictionary at
On 06/11/2007 08:53 AM, David Baron wrote:
> On Sunday 10 June 2007, [EMAIL PROTECTED] wrote:
>>> Someone is trying to ssh on to my system. Trying on several ports. Not
>>> the first time, either. Thankfully, he does not have a password. Besides
>>> a bunch of Deprecated option ReverseMappingCheck,
On Mon, 11 Jun 2007 16:06:19 +0300
David Baron <[EMAIL PROTECTED]> wrote:
> On Monday 11 June 2007, [EMAIL PROTECTED] wrote:
> > > Not exactly answering your question. But I do see a lot of IPs performing
> > > dictionary attacks on my machine. What I do is go through
> > > /var/log/auth.log perio
On Monday 11 June 2007, [EMAIL PROTECTED] wrote:
> > Not exactly answering your question. But I do see a lot of IPs performing
> > dictionary attacks on my machine. What I do is go through
> > /var/log/auth.log periodically and add the offending IPs to
> > /etc/hosts.deny . That way, in future, the
On Sunday 10 June 2007, [EMAIL PROTECTED] wrote:
> > Someone is trying to ssh on to my system. Trying on several ports. Not
> > the first time, either. Thankfully, he does not have a password. Besides
> > a bunch of Deprecated option ReverseMappingCheck, so far no harm done.
> >
> > Since my logs h
Ralph Katz wrote:
On 06/10/2007 05:13 PM, andy wrote:
[...]
Ralph
What does fail2ban actually do. As my machine is behind an OBSD
firewall, would it still be relevant?
Cheers
andy -- It's relevant if you're under attack! ;)
fail2ban doesn't care if the attack is from North Korea
Wayne Topa wrote:
andy([EMAIL PROTECTED]) is reported to have said:
Ralph Katz wrote:
On 06/10/2007 12:26 PM, David Baron wrote:
What does fail2ban actually do. As my machine is behind an OBSD
firewall, would it still be relevant?
Use the tools Luke (andy)
aptitude |
On Sun, Jun 10, 2007 at 10:35:56PM -0600, Telly Williams wrote:
>
> When you talk about logging into the computer without a password,
> are you talking about SSH? If so, how do you handle doing that in, say,
> an internet cafe? Thanks. ~Telly
>
Yes, I am talking about ssh without a password
Roberto C. Sánchez wrote:
> On Sun, Jun 10, 2007 at 08:33:21PM -0400, Kamaraju S Kusumanchi wrote:
>
>> Somehow, I am not comfortable with this. I have read in many places that key
>> authentication is the most secure method and I agree with them. However it
>> is not very convenient. Consider t
On 06/10/2007 05:13 PM, andy wrote:
[...]
> Ralph
>
> What does fail2ban actually do. As my machine is behind an OBSD
> firewall, would it still be relevant?
>
> Cheers
andy -- It's relevant if you're under attack! ;)
fail2ban doesn't care if the attack is from North Korea or an old pc on
yo
On Sun, 10 Jun 2007 20:20:05 -0400
Kamaraju S Kusumanchi <[EMAIL PROTECTED]> wrote:
> David Baron wrote:
>
> > Someone is trying to ssh on to my system. Trying on several
> > ports. Not the first time, either. Thankfully, he does not have
> > a password. Besides a bunch of Deprecated option
> > R
On Sun, Jun 10, 2007 at 08:33:21PM -0400, Kamaraju S Kusumanchi wrote:
>
> Somehow, I am not comfortable with this. I have read in many places that key
> authentication is the most secure method and I agree with them. However it
> is not very convenient. Consider this situation.
>
> Say, I ssh in
Roberto C. Sánchez wrote:
> On Sun, Jun 10, 2007 at 08:20:05PM -0400, Kamaraju S Kusumanchi wrote:
>> David Baron wrote:
>>
>> > Someone is trying to ssh on to my system. Trying on several ports. Not
>> > the first time, either. Thankfully, he does not have a password.
>> > Besides a bunch of Dep
On Sun, Jun 10, 2007 at 08:20:05PM -0400, Kamaraju S Kusumanchi wrote:
> David Baron wrote:
>
> > Someone is trying to ssh on to my system. Trying on several ports. Not the
> > first time, either. Thankfully, he does not have a password. Besides a
> > bunch of Deprecated option ReverseMappingCheck
David Baron wrote:
> Someone is trying to ssh on to my system. Trying on several ports. Not the
> first time, either. Thankfully, he does not have a password. Besides a
> bunch of Deprecated option ReverseMappingCheck, so far no harm done.
>
> Since my logs have this IP number, how do I find out
andy([EMAIL PROTECTED]) is reported to have said:
> Ralph Katz wrote:
> >On 06/10/2007 12:26 PM, David Baron wrote:
> >
>
> What does fail2ban actually do. As my machine is behind an OBSD
> firewall, would it still be relevant?
Use the tools Luke (andy)
aptitude | apt-cache show fail2ban
Wa
Ralph Katz wrote:
On 06/10/2007 12:26 PM, David Baron wrote:
Someone is trying to ssh on to my system. Trying on several ports. Not the
first time, either. Thankfully, he does not have a password. Besides a bunch
of Deprecated option ReverseMappingCheck, so far no harm done.
Since my logs
On Sunday 10 June 2007, [EMAIL PROTECTED] wrote:
> > Someone is trying to ssh on to my system. Trying on several ports. Not
> > the first time, either. Thankfully, he does not have a password. Besides
> > a bunch of Deprecated option ReverseMappingCheck, so far no harm done.
> >
> > Since my logs h
On 06/10/2007 12:26 PM, David Baron wrote:
> Someone is trying to ssh on to my system. Trying on several ports. Not the
> first time, either. Thankfully, he does not have a password. Besides a bunch
> of Deprecated option ReverseMappingCheck, so far no harm done.
>
> Since my logs have this IP n
On Sun, Jun 10, 2007 at 12:10:29PM -0700, Mike Bird wrote:
> On Sunday 10 June 2007 09:29, David Baron wrote:
> > SSH is not exposed from local to internet!
> > It is to a "VMZ" which is a virtual machine that may have been running at
> > the time. But who is this IP (virtual machines are like 10.0
On Sunday 10 June 2007 09:29, David Baron wrote:
> >Someone is trying to ssh on to my system. Trying on several ports. Not the
> >first time, either. Thankfully, he does not have a password. Besides a
> > bunch of Deprecated option ReverseMappingCheck, so far no harm done.
> >
> >Since my logs have
David Baron wrote:
Someone is trying to ssh on to my system. Trying on several ports. Not the
first time, either. Thankfully, he does not have a password. Besides a bunch
of Deprecated option ReverseMappingCheck, so far no harm done.
Since my logs have this IP number, how do I find out who
On Sun, 10 Jun 2007 19:26:46 +0300
David Baron <[EMAIL PROTECTED]> wrote:
> Someone is trying to ssh on to my system. Trying on several ports.
> Not the first time, either. Thankfully, he does not have a
> password. Besides a bunch of Deprecated option
> ReverseMappingCheck, so far no harm done.
On 06/10/07 11:26, David Baron wrote:
Someone is trying to ssh on to my system. Trying on several ports. Not the
first time, either. Thankfully, he does not have a password. Besides a bunch
of Deprecated option ReverseMappingCheck, so far no harm done.
Since my logs have this IP number, how do
>Someone is trying to ssh on to my system. Trying on several ports. Not the
>first time, either. Thankfully, he does not have a password. Besides a bunch
>of Deprecated option ReverseMappingCheck, so far no harm done.
>Since my logs have this IP number, how do I find out who it is?
SSH is not e
30 matches
Mail list logo
