you could also use a little brute force and clear the whole syslog with "> /var/log/messages"
Guy On 15/06/2010, at 12:06 AM, Dan Ryson wrote: > >> On Jun 13, 2010, at 7:27 PM, d...@ryson.org wrote: >> >> >>> Hello all. >>> >>> I have good news; bad news; and a question... >>> >>> Here's the good news: Adaptive Ban has proved very effective at killing >>> break-in attempts from bad-guys. >>> >>> The bad news is: One of our off-site users tried to re-install a >>> soft-phone on his laptop. The user knew his new host address and username >>> but not the secret. Amazingly, the user repeatedly tried to register, >>> which resulted in his dynamic IP address quickly being banned. >>> >>> As you've likely guessed by now, the question is: What's the best >>> procedure for un-banning a host? For now, I've just added the IP address >>> to ADAPTIVE_BAN_WHITELIST, which seems to work. Is there a better way? >>> >>> I'd appreciate your thoughts. >>> >>> Dan >>> >> On 6/13/2010 10:22 PM, Lonnie Abelbeck wrote: >> >> Adding a valid external user's IP address to the ADAPTIVE_BAN_WHITELIST is >> the best approach, as you have done. >> >> When the AstLinux box is rebooted, the RAM based syslog file will be cleared >> and the valid user's dynamic IP will no longer be needed in the whitelist, >> but does no harm. >> >> Lonnie >> >> > Lonnie, Guy, and all: > > Of course! <slap to forehead> The syslog file is in RAM! > > Using Guy's helpful "iptables -L ADAPTIVE_BAN_CHAIN" command and > following a bit of tinkering, it was confirmed that a reboot > successfully clears the block and permits removal of the formerly > blocked IP address from the whitelist. > > Thank you for your thoughts, insight, and advice. > > Take care, > > Dan > > > ------------------------------------------------------------------------------ > ThinkGeek and WIRED's GeekDad team up for the Ultimate > GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the > lucky parental unit. See the prize list and enter to win: > http://p.sf.net/sfu/thinkgeek-promo > _______________________________________________ > Astlinux-users mailing list > Astlinux-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to > pay...@krisk.org. > > ------------------------------------------------------------------------------ ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo _______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to pay...@krisk.org.
