Weblogs for chr0nik
#2
Posted by chr0nik on Sun 25 Jun 2006 at 05:55
I've enjoyed Debian for years. I've run Debian on a ~10 year old Dell Dimension XPS T450 desktop which now hosts my playground/personal domain as well. I've just finished burning a fresh netinst CD and I can't wait to see Debian revive this crusty laptop. My hope is to make it my database server. I wonder how smooth the transition will be for gallery, wordpress, phpmyadmin and tomcat to look to this new old box for mysql connections. Like I said, I can't wait. :)
#1
Posted by chr0nik on Fri 14 Apr 2006 at 04:32
I wrote an article about blockhosts. I thought that was the end of this. Apparently I didn't think or test well enough or both.
I know, I can solve this with denyhosts, iptables and other methods but I'd really like to fix the problem with the tools I have rather than moving on (again) because I can't make it work. I do that enough as it is with every other problem I run into... or I just give up. I'm a wannabe Linux admin at heart, but still little more than an eager, happy fool.
Some pest has been attacking me for months now trying to log in to vsftpd as Administrator. His IP always changes and it's always spoofed; I know this because I've done the minimal research required to associate phone numbers with IPs and called folks before. Now multiple machines attack me similarly yet enough to cause denial of service, all spoofed.
How does one make vsftpd very secure? When run through inetd, the same process stays running throughout the entire attack and only hits hosts.allow on the initial login attempt. When run standalone, it hangs after accepting a password as if its tcp wrappers implementation has issue with what I'm asking it to do.
Today, during a matter of hours, I thought maybe my Internet connection at home was down because the homestead was inaccessible from my office. Ha. ~10,000 failed login attempts from 3 machines during that time period. Neat.
I'll figure it out GD it.
I know, I can solve this with denyhosts, iptables and other methods but I'd really like to fix the problem with the tools I have rather than moving on (again) because I can't make it work. I do that enough as it is with every other problem I run into... or I just give up. I'm a wannabe Linux admin at heart, but still little more than an eager, happy fool.
Some pest has been attacking me for months now trying to log in to vsftpd as Administrator. His IP always changes and it's always spoofed; I know this because I've done the minimal research required to associate phone numbers with IPs and called folks before. Now multiple machines attack me similarly yet enough to cause denial of service, all spoofed.
How does one make vsftpd very secure? When run through inetd, the same process stays running throughout the entire attack and only hits hosts.allow on the initial login attempt. When run standalone, it hangs after accepting a password as if its tcp wrappers implementation has issue with what I'm asking it to do.
Today, during a matter of hours, I thought maybe my Internet connection at home was down because the homestead was inaccessible from my office. Ha. ~10,000 failed login attempts from 3 machines during that time period. Neat.
I'll figure it out GD it.