SSH Dictionary Attacks (does not work with EL3)

Mailing List

Home

Forum Home

Linux - General Red Hat Linux discussion list

Installation - Getting started with Red Hat Linux

Enterprise Linux 3 - Discussion of Red Hat Enterprise Linux 3 (Taroon)

Red Hat Linux 9 - Discussion of Red Hat Linux 9 (Shrike)

Red Hat Linux 7.3 - Discussion of Red Hat Linux 7.3 (Valhalla)

Red Hat Linux 7.2 - Discussion of Red Hat Linux 7.2 (Enigma)

Apache Web Server

Oracle database, Microsoft SQL server ...

Subjects

•	application/x mplayer2 plugin
•	RPM error: db4 error(16) from dbenv >remove: Device or resource busy
•	Command stream end of file while reading
•	X Windows problem (xauth)
•	Upgrading openoffice 1 1 rpm
•	FTP: connection refused
•	FTP: connection refused
•	mount: /dev/cdrom: is not a valid block device
•	Dell Precision 650, RedHat 9, no sound
•	how to trace the cause resulting in the crash of bind server
•	Virus on the list
•	UNINSTALL RPM MYSQL
•	usb pen drives: mounting as a user
•	broadcom network interface
•	make mrproper
•	sendmail configuration on redhat
•	Couldn 't open PID file /var/run/named/named pid Permission denied
•	Promise 378 controller
•	kernel 2 6 and /dev/sound/mixer not found
•	Problem using up2date
•	mrtg step by step howto/configuration for a newbie?
•	Compiling and Installing Kernel 2 6
•	Can 't locate module ppp0, can 't locate module ppp compress 21
•	HOW I CAN MAKE BOOTABLE FLOPPY DISKET
•	Lotus Notes under Wine
•	/etc/security/limits conf question
•	Intel E/1000 driver
•	Command stream end of file while reading
•	rpm database corrupt
•	qla2300 modules

SSH Dictionary Attacks (does not work with EL3)

SSH Dictionary Attacks (does not work with EL3)

2006-01-15 - By Rainer Traut

Back

Reply: 1 2 3 4 5 6 7 8 9 10 >>

Hmm, maybe you're using another version of iptables?

Here is mine:
[root@(protected) root]# rpm -qf /lib/iptables/
iptables-1 (See http://les-1.ora-code.com).2.8-12.3
[root@(protected) root]# rpm -V iptables
[root@(protected) root]# ls -l /lib/iptables/libipt_r*
-rwxr-xr-x 1 root root 5932 17. Dez 2003
/lib/iptables/libipt_rpc.so
[root@(protected) root]

And the line is missing in "/etc/ld.so.conf" but that does not seem to
be the problem. libipt_recent.so is not there anyway.

Thx
Rainer

bob schrieb:
> The script works on my machine, the only diffrence is my kernel and
> yours. Youre running SMP, I am using 2.4.21-32 on EL3
> I get no error messages. iptables -L shows it working fine.. as root
>
> see if U have the line
>
> /lib/iptables
> in file "/etc/ld.so.conf"
>
> else add it then do
>
>
> ldconfig
>
>
> -bob
>
>
> -- -- Original Message -- -- From: "Rainer Traut" <tr.ml@(protected)>
> To: "Discussion of Red Hat Enterprise Linux 3 (Taroon)"
> <taroon-list@(protected)>
> Sent: Friday, January 13, 2006 3:30 AM
> Subject: [Bulk] Re: SSH Dictionary Attacks (does not work with EL3)
>
>
>> Thx for your answer, Bob.
>>
>> bob schrieb:
>>
>>> $IPTABLES -A INPUT -p TCP -m state --state ESTABLISHED,RELATED -j ACCEPT
>>> $IPTABLES -A INPUT -p TCP -m recent --update --seconds 60 --hitcount
>>> 4 -j DROP
>>> #sshd
>>> $IPTABLES -A INPUT -p TCP -i $INET_IFACE -s 0/0 -d 2.3.4.5 --dport
>>> 223 -j ACCEPT
>>
>> Correct me if I'm wrong but you are using the same module here which
>> does not work on EL3.
>> So your script does not apply cleanly on EL3 without getting error
>> messages.
>>
>> My question was if it is somehow possible to use this module as it is
>> obviously built but cannot be used.
>>
>>>> But I have couple of EL3 servers where I wanted to do this.
>>>> But EL3 does not seem to work:
>>>>
>>>> iptables v1.2.8: Couldn't load match
>>>> `recent':/lib/iptables/libipt_recent.so: cannot open shared object
>>>> file: No such file or directory
>>>>
>>>> find /lib/ -iname "*recent*"
>>>> shows:
>>>> /lib/modules/2.4.21-37.ELsmp/kernel/net/ipv4/netfilter/ipt_recent.o
>>
>> Gruss
>> Rainer
>>
>> --
>> Taroon-list mailing list
>> Taroon-list@(protected)
>> https://www.redhat.com/mailman/listinfo/taroon-list
>
> --
> Taroon-list mailing list
> Taroon-list@(protected)
> https://www.redhat.com/mailman/listinfo/taroon-list
>
>

--
Taroon-list mailing list
Taroon-list@(protected)
https://www.redhat.com/mailman/listinfo/taroon-list