SSH Dictionary Attacks (does not work with EL3)
2006-01-15 - By Rainer Traut
Thx for your answer, it seems the solution is more simple. You can just take the el3 srpm and rebuild it, no need for the el4 rpm rebuild: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=173729

I will try on Monday.

Thx
Rainer

Jean-Philippe CIVADE wrote:
> I had got the same problem. I've solved it by rebuilding the latest version of
> iptables from RHES4, and installed it with rpm -U.
>
> "service iptables restart" does not complain about missing modules anymore,
> and that works.
>
> rpm -qf /lib/iptables/ gives: iptables-1.2.11-3.1.RHEL4
>
> I didn't have enough time to investigate the real cause. I know this is not
> the best solution for a production environment, since iptables is
> "disconnected" from up2date.
>
> The best solution would probably be to diff the two spec files (RHES3 & RHES4),
> and rebuild after fixing iptables.spec in the RHES3 .src.rpm with information
> taken from the RHES4 spec file.
>
> That fix will probably be overwritten at the next update of iptables. Hoping
> Redhat fixes it... before up2dates.
>
> I don't know exactly why Redhat chooses not to fix some mistakes. For example,
> integration of php-snmp in the ACTUAL php branch by fixing the spec file would
> be so simple, and will not have any incidence on the other php binaries. For
> now, this is not done, and if customers need php-snmp, the two
> solutions are:
> 1) update to RHES4 (just like 'libipt_recent.so')
> 2) backport fix done in RHES4 to RHES4 each time there's a release...
>
> I don't understand certain Redhat choices...
>
>
>>>> bob wrote:
>>>>
>>>>> $IPTABLES -A INPUT -p TCP -m state --state ESTABLISHED,RELATED -j ACCEPT
>>>>> $IPTABLES -A INPUT -p TCP -m recent --update --seconds 60 --hitcount 4 -j DROP
>>>>> #sshd
>>>>> $IPTABLES -A INPUT -p TCP -i $INET_IFACE -s 0/0 -d 2.3.4.5 --dport 223 -j ACCEPT
>>>> Correct me if I'm wrong but you are using the same module here which
>>>> does not work on EL3.
>>>> So your script does not apply cleanly on EL3 without getting error
>>>> messages.
>>>>
>>>> My question was if it is somehow possible to use this module as it is
>>>> obviously built but cannot be used.
>>>>
>>>>>> But I have a couple of EL3 servers where I wanted to do this.
>>>>>> But EL3 does not seem to work:
>>>>>>
>>>>>> iptables v1.2.8: Couldn't load match
>>>>>> `recent':/lib/iptables/libipt_recent.so: cannot open shared object
>>>>>> file: No such file or directory
>>>>>>
>>>>>> find /lib/ -iname "*recent*"
>>>>>> shows:
>>>>>> /lib/modules/2.4.21-37.ELsmp/kernel/net/ipv4/netfilter/ipt_recent.o
>>>> Regards
>>>> Rainer

--
Taroon-list mailing list
Taroon-list@(protected)
https://www.redhat.com/mailman/listinfo/taroon-list
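
A check for the mismatch reported in this thread (kernel module ipt_recent.o present, userspace extension libipt_recent.so absent), as an added example that is not part of the original messages. The function names check_ipt_match and demo_el3_layout and the temporary sample tree are constructed for illustration; the file naming (libipt_NAME.so, ipt_NAME.o or .ko) is assumed from the paths quoted above.

```shell
#!/bin/sh
# check_ipt_match MATCH [LIBDIR] [MODROOT]
# An iptables match needs two halves:
#   userspace: LIBDIR/libipt_MATCH.so  (loaded by the iptables binary)
#   kernel:    ipt_MATCH.o or ipt_MATCH.ko somewhere under MODROOT
# Prints one of: ok, missing-userspace, missing-kernel, missing-both
check_ipt_match() {
    match=$1
    libdir=${2:-/lib/iptables}
    modroot=${3:-/lib/modules/$(uname -r)}
    have_lib=no
    have_mod=no
    if [ -f "$libdir/libipt_$match.so" ]; then
        have_lib=yes
    fi
    if [ -d "$modroot" ] && find "$modroot" -type f \
        \( -name "ipt_$match.o" -o -name "ipt_$match.ko" \) 2>/dev/null | grep -q .
    then
        have_mod=yes
    fi
    case "$have_lib/$have_mod" in
        yes/yes) echo ok ;;
        no/yes)  echo missing-userspace ;;
        yes/no)  echo missing-kernel ;;
        *)       echo missing-both ;;
    esac
}

# Constructed sample tree reproducing the layout reported in the thread:
# the kernel module exists, the userspace extension does not.
demo_el3_layout() {
    tmp=$(mktemp -d)
    kdir="$tmp/lib/modules/2.4.21-37.ELsmp/kernel/net/ipv4/netfilter"
    mkdir -p "$tmp/lib/iptables" "$kdir"
    : > "$kdir/ipt_recent.o"
    check_ipt_match recent "$tmp/lib/iptables" "$tmp/lib/modules/2.4.21-37.ELsmp"
    rm -rf "$tmp"
}

demo_el3_layout   # prints: missing-userspace
```

Called as `check_ipt_match recent` with no further arguments, it inspects /lib/iptables and the running kernel's module tree.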