On Mon, 2008-01-07 at 10:46 -0700, Jay wrote:
> On Mon, 7 Jan 2008, Craig White wrote:
> 
> > gee...you're the security expert
> 
> 
> Perhaps, but that does not make me an expert on the funkiness of every 
> piece of security-related software.  :)
> 
> 
> > Do you have something like denyhosts (I vaguely recall something else
> > like it that starts with a 'p') that periodically scans logs for login
> > failures via ssh and adds rules to iptables which would require a
> > stop/start of iptables rules?
> 
> 
> Nah, nothing dynamic at all. Even if it were, this is not a host or even 
> port level issue... When it is not working, notice nmap shows all other 
> ports as **closed** (meaning no filtering is happening, meaning iptables 
> is not even intercepting packets at all), versus when it is working, all 
> other ports show **filtered** (meaning iptables is grabbing the packets 
> and doing its thing).
----
OK, it was silly of me to think that I might be of some help but just in
case, you might want to swap hub/switch and if you have to hop through a
router, try eliminating them from the equation. Other than that, I am
done because you clearly know more about this stuff than I will ever
know.

Craig

---------------------------------------------------
PLUG-discuss mailing list - [email protected]
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
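
The closed-versus-filtered reasoning in the quoted message above, as an added example that is not part of the original thread: it tallies port states from nmap's grepable (`-oG`) output and reports whether a packet filter appears to be handling the probes. The two scan lines, the address and the function names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed nmap -oG result lines for the same host (documentation address).
SCAN_BROKEN = ("Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, "
               "25/closed/tcp//smtp///\tIgnored State: closed (1695)")
SCAN_WORKING = ("Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, "
                "25/filtered/tcp//smtp///\tIgnored State: filtered (1695)")


def port_states(grepable_line):
    """Count ports per state, including the collapsed 'Ignored State' total."""
    counts = Counter()
    for field in grepable_line.split("\t"):
        if field.startswith("Ports: "):
            # Each entry is port/state/protocol/owner/service/rpc/version/
            for entry in field[len("Ports: "):].split(", "):
                parts = entry.split("/")
                if len(parts) >= 2:
                    counts[parts[1]] += 1
        elif field.startswith("Ignored State: "):
            m = re.match(r"Ignored State: ([a-z|]+) \((\d+)\)", field)
            if m:
                counts[m.group(1)] += int(m.group(2))
    return counts


def firewall_verdict(grepable_line):
    """Classify a scan by how the non-open ports answered."""
    counts = port_states(grepable_line)
    closed, filtered = counts["closed"], counts["filtered"]
    if closed == 0 and filtered == 0:
        return "inconclusive"
    if filtered == 0:
        return "not filtering"   # probes reached the TCP stack and were refused
    if closed == 0:
        return "filtering"       # probes were dropped or rejected on the way in
    return "mixed"


if __name__ == "__main__":
    for name, line in (("broken", SCAN_BROKEN), ("working", SCAN_WORKING)):
        print(name, dict(port_states(line)), firewall_verdict(line))
```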
