[rhn-users] RE: rhn-users Digest, Vol 34, Issue 2
Le, Vinh G
VGLe at cbe.ab.ca
Thu Dec 7 21:31:15 UTC 2006
I use denyhost from
http://denyhosts.sourceforge.net/
to block the intruders against their attempts logging to my server(s).
Vinh Le
-----Original Message-----
From: rhn-users-bounces at redhat.com [mailto:rhn-users-bounces at redhat.com] On Behalf Of rhn-users-request at redhat.com
Sent: Thursday, December 07, 2006 9:58 AM
To: rhn-users at redhat.com
Subject: rhn-users Digest, Vol 34, Issue 2
Send rhn-users mailing list submissions to
rhn-users at redhat.com
To subscribe or unsubscribe via the World Wide Web, visit
https://www.redhat.com/mailman/listinfo/rhn-users
or, via email, send a message with subject or body 'help' to
rhn-users-request at redhat.com
You can reach the person managing the list at
rhn-users-owner at redhat.com
When replying, please edit your Subject line so it is more specific
than "Re: Contents of rhn-users digest..."
Today's Topics:
1. Login (Philippe B. Laval)
2. Re: Login (Wolfram R. Jarisch)
3. Re: Login (Cedric Porte)
4. Re: Login (Simon Ball)
----------------------------------------------------------------------
Message: 1
Date: Thu, 7 Dec 2006 11:29:01 -0500
From: "Philippe B. Laval" <plaval at kennesaw.edu>
Subject: [rhn-users] Login
To: "'Discussions about Red Hat Network \(rhn.redhat.com\)'"
<rhn-users at redhat.com>
Message-ID: <000401c71a1c$d58c59e0$61aefea9 at HOMEPC>
Content-Type: text/plain; charset="us-ascii"
Running Linux Es 3.0. Is there a way to configure logins so they are
rejected after a certain number of failures? I can see from my logs that
somebody has been trying to get into my system. They consistently (like
every few seconds) try to log in as a certain user. After a while, they
give up and try another user. What is the best way to handle this. I would
like to be able to set up each account so they are blocked after a certain
number of failures. I also would like to be able to block certain IP
addresses after a certain number of failed logins, even if they were for
different user names.
Thanks
P. Laval
Dr. Philippe B. Laval
Associate Professor of Mathematics
Kennesaw State University
1000 Chastain Road
Kennesaw, GA 30144
USA
office: SC 526
Phone: 770-499-3325
fax: 404-364-0552
e-mail: plaval at kennesaw.edu
web: http://science.kennesaw.edu/~plaval
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://www.redhat.com/archives/rhn-users/attachments/20061207/35b3e849/attachment.html
------------------------------
Message: 2
Date: Thu, 07 Dec 2006 11:53:36 -0500
From: "Wolfram R. Jarisch" <wolfram at cyber-inc.us>
Subject: Re: [rhn-users] Login
To: "Discussions about Red Hat Network (rhn.redhat.com)"
<rhn-users at redhat.com>
Message-ID: <1165510416.5715.10.camel at ws530.localdomain>
Content-Type: text/plain; charset="us-ascii"
Hi Philippe,
There is a very useful software package DenyHosts at
http://denyhosts.sourceforge.net/
See also the reviews listed there.
We have been using this system for about a year (still with version 2.2
- with possible minor bugs that take a bit longer to shut out a hacking
IP than specified). The system has been very reliable, as verified by
our own automated tracker for login attempts.
A newer version 2.5 is available.
With best wishes,
Dr. Wolfram Jarisch
Cyber Technology, Inc.
---------------------------------------------------------------------------------------
On Thu, 2006-12-07 at 11:29 -0500, Philippe B. Laval wrote:
> Running Linux Es 3.0. Is there a way to configure logins so they are
> rejected after a certain number of failures? I can see from my logs
> that somebody has been trying to get into my system. They
> consistently (like every few seconds) try to log in as a certain user.
> After a while, they give up and try another user. What is the best
> way to handle this. I would like to be able to set up each account so
> they are blocked after a certain number of failures. I also would
> like to be able to block certain IP addresses after a certain number
> of failed logins, even if they were for different user names.
>
>
>
> Thanks
>
>
>
> P. Laval
>
>
>
>
>
>
>
>
> Dr. Philippe B. Laval
>
> Associate Professor of Mathematics
>
> Kennesaw State University
>
> 1000 Chastain Road
>
> Kennesaw, GA 30144
>
> USA
>
>
>
> office: SC 526
>
> Phone: 770-499-3325
>
> fax: 404-364-0552
>
> e-mail: plaval at kennesaw.edu
>
> web: http://science.kennesaw.edu/~plaval
>
>
>
> _______________________________________________
> rhn-users mailing list
> rhn-users at redhat.com
> https://www.redhat.com/mailman/listinfo/rhn-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://www.redhat.com/archives/rhn-users/attachments/20061207/97dfd851/attachment.html
------------------------------
Message: 3
Date: Thu, 7 Dec 2006 17:54:54 +0100
From: Cedric Porte <cedric.porte at fr.ibm.com>
Subject: Re: [rhn-users] Login
To: "Discussions about Red Hat Network (rhn.redhat.com)"
<rhn-users at redhat.com>
Message-ID:
<OF1AC2B023.502CB6CF-ONC125723D.005C5CE8-C125723D.005CEA8D at fr.ibm.com>
Content-Type: text/plain; charset="iso-8859-1"
Hi Dr. Laval,
Which protocol do you use to login ? SSH (port 22), Telnet (port 23) ?
I think is more efficient to block access to login for everyone except for
authorized IP.
Can you use this politic security in your environment ?
Cordialement,
Cédric Porte
Web Hosting Technical Customer Manager
PHONE: +33 4 92 11 41 77 ( TL : 36-4177)
Email: cedric.porte at fr.ibm.com
"Philippe B. Laval" <plaval at kennesaw.edu>
Sent by: rhn-users-bounces at redhat.com
07/12/2006 17:29
Please respond to
"Discussions about Red Hat Network (rhn.redhat.com)"
<rhn-users at redhat.com>
To
"'Discussions about Red Hat Network (rhn.redhat.com)'"
<rhn-users at redhat.com>
cc
Subject
[rhn-users] Login
Running Linux Es 3.0. Is there a way to configure logins so they are
rejected after a certain number of failures? I can see from my logs that
somebody has been trying to get into my system. They consistently (like
every few seconds) try to log in as a certain user. After a while, they
give up and try another user. What is the best way to handle this. I
would like to be able to set up each account so they are blocked after a
certain number of failures. I also would like to be able to block certain
IP addresses after a certain number of failed logins, even if they were
for different user names.
Thanks
P. Laval
Dr. Philippe B. Laval
Associate Professor of Mathematics
Kennesaw State University
1000 Chastain Road
Kennesaw, GA 30144
USA
office: SC 526
Phone: 770-499-3325
fax: 404-364-0552
e-mail: plaval at kennesaw.edu
web: http://science.kennesaw.edu/~plaval
_______________________________________________
rhn-users mailing list
rhn-users at redhat.com
https://www.redhat.com/mailman/listinfo/rhn-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://www.redhat.com/archives/rhn-users/attachments/20061207/c4cbf3df/attachment.html
------------------------------
Message: 4
Date: Thu, 7 Dec 2006 16:57:43 +0000 (GMT)
From: Simon Ball <sball at cromwells.co.uk>
Subject: Re: [rhn-users] Login
To: Discussions about Red Hat Network <rhn-users at redhat.com>
Message-ID:
<18637839.9171165510663324.JavaMail.root at zs1.cromwells.co.uk>
Content-Type: text/plain; charset=utf-8
Please note that this is the RHN list. You would get a better answer on the taroon list. See the list archive for many many instances of such off-topic posting.
----- Original Message -----
From: Cedric Porte <cedric.porte at fr.ibm.com>
To: Discussions about Red Hat Network (rhn.redhat.com) <rhn-users at redhat.com>
Sent: Thursday, December 7, 2006 4:54:54 PM GMT+0000
Subject: Re: [rhn-users] Login
Hi Dr. Laval,
Which protocol do you use to login ? SSH (port 22), Telnet (port 23) ?
I think is more efficient to block access to login for everyone except for authorized IP.
Can you use this politic security in your environment ?
Cordialement,
Cédric Porte
Web Hosting Technical Customer Manager
PHONE: +33 4 92 11 41 77 ( TL : 36-4177)
Email: cedric.porte at fr.ibm.com
"Philippe B. Laval" < plaval at kennesaw.edu >
Sent by: rhn-users-bounces at redhat.com
07/12/2006 17:29
Please respond to
"Discussions about Red Hat Network (rhn.redhat.com)" < rhn-users at redhat.com >
To "'Discussions about Red Hat Network (rhn.redhat.com)'" < rhn-users at redhat.com >
cc
Subject [rhn-users] Login
Running Linux Es 3.0. Is there a way to configure logins so they are rejected after a certain number of failures? I can see from my logs that somebody has been trying to get into my system. They consistently (like every few seconds) try to log in as a certain user. After a while, they give up and try another user. What is the best way to handle this. I would like to be able to set up each account so they are blocked after a certain number of failures. I also would like to be able to block certain IP addresses after a certain number of failed logins, even if they were for different user names.
Thanks
P. Laval
Dr. Philippe B. Laval
Associate Professor of Mathematics
Kennesaw State University
1000 Chastain Road
Kennesaw, GA 30144
USA
office : SC 526
Phone : 770-499-3325
fax : 404-364-0552
e-mail : plaval at kennesaw.edu
web: http://science.kennesaw.edu/~plaval _______________________________________________
rhn-users mailing list
rhn-users at redhat.com
https://www.redhat.com/mailman/listinfo/rhn-users
--
Simon Elliston Ball
Infrastructure Manager
Cromwell Business Systems
Please consider the environment - do you really need to print this email?
This email is sent on behalf of Cromwell Business Systems Ltd. and is strictly confidential and intended solely for the addressee(s). It may contain personal and confidential information and as such may be protected by the Data Protection Act 1998.
If you are not the intended recipient of this email you must: (i) not disclose, copy or distribute its contents to any other person nor use its contents in any way or you may be acting unlawfully; (ii) contact Cromwell Business Systems immediately on +44 (0)1353 650900 quoting the name of the sender and the addressee then delete it from your system.
Any views or opinions expressed within this email are those of the author, and do not necessarily represent those of Cromwell Business Systems.
Cromwell Business Systems have scanned this email for viruses but does not accept any responsibility once this email has been transmitted. You should scan attachments (if any) for viruses.
------------------------------
_______________________________________________
rhn-users mailing list
rhn-users at redhat.com
https://www.redhat.com/mailman/listinfo/rhn-users
End of rhn-users Digest, Vol 34, Issue 2
****************************************
More information about the rhn-users
mailing list