Re: [CentOS] Problem with disconnecting SSH-sessions
On 12/26/2019 08:13 PM, Gordon Messmer wrote:
> On 12/26/19 2:49 PM, H wrote:
>> I just looked at the settings in /etc/ssh/ssh_config on the workstation -
>> which should apply to all users on it - I already had:
>>
>> Host *
>> TCPKeepAlive yes
>> ServerAliveInterval 60
>
> Well, keep-alive options would only make a difference if the problem were a
> DNAT timeout. If it's some other limitation imposed on DNAT, those won't
> have any effect.
>
> If you can reproduce this reliably and have admin access to both the server
> and client, you can determine whether the router is the problem:
>
> 1) Start an scp transfer of a large file
>
> 2) Use netstat or ss on the client to determine what port the client is using
> for the SSH connection
>
> 3) Use netstat or ss on the server to determine what port the client is using
> (NAT will probably change both the client's address and port)
>
> 4) Run "tcpdump -nn host and port " on the
> client, using the values from step 2
>
> 5) Run "tcpdump -nn host and port " on the
> server, using the values from step 3
>
> 6) Wait for the transfer to terminate
>
> I expect that when the client terminates, you'll see a TCP reset packet at
> the end of the output from tcpdump on the client side, but you won't see that
> packet in the tcpdump output on the server side. If so, then the router is
> sending the TCP reset, and you'll need to work with its owners to resolve the
> problem.
>
> Incidentally, why are you connecting to an internal resource through an
> external address (NAT)? Are you unable to connect directly to its internal
> address?
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos

Thank you very much, very nice summary! The only thing I needed to add was the specific ethernet port in tcpdump, e.g. tcpdump -i

However, after you posted the above, I have not had this problem... Might come back though.

As for the reason I am using the external address when the internal address suffices is that I access the same server externally as well. For simplicity I used the external address in both scenarios.
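The comparison in step 6 of the quoted procedure can be done mechanically once both captures are saved as text. This is an added example, not part of the thread: it parses `tcpdump -nn` output from each side and reports whether a reset reached the client without appearing on the server. The function names, addresses and ports are constructed for illustration.

```python
import re

# One line of "tcpdump -nn" output: time, "IP", src.port > dst.port:, Flags [..]
LINE = re.compile(r"^(\S+) IP6? (\S+) > (\S+): Flags \[([^\]]+)\]")

def resets(capture):
    """Return (time, src, dst) for each segment whose flags include R (RST)."""
    found = []
    for line in capture.splitlines():
        m = LINE.match(line.strip())
        if m and "R" in m.group(4):
            found.append(m.group(1, 2, 3))
    return found

def diagnose(client_capture, server_capture):
    """Compare the two captures the way step 6 describes."""
    if not resets(client_capture):
        return "no-reset-seen"
    if not resets(server_capture):
        # The client received an RST that never shows up on the server side,
        # so something between the two hosts generated it.
        return "reset-injected-in-path"
    return "reset-at-endpoint"

# Constructed sample captures (private/documentation addresses, made-up ports).
# NAT rewrites the client's address and port, so the two sides differ.
CLIENT_CAPTURE = """
20:01:10.100001 IP 192.168.1.20.50522 > 203.0.113.10.22: Flags [P.], seq 1:1449, ack 1, win 501, length 1448
20:01:10.100950 IP 203.0.113.10.22 > 192.168.1.20.50522: Flags [.], ack 1449, win 1024, length 0
20:01:40.220314 IP 203.0.113.10.22 > 192.168.1.20.50522: Flags [R], seq 4242, win 0, length 0
"""
SERVER_CAPTURE = """
20:01:10.100410 IP 198.51.100.7.61022 > 10.0.0.5.22: Flags [P.], seq 1:1449, ack 1, win 501, length 1448
20:01:10.100500 IP 10.0.0.5.22 > 198.51.100.7.61022: Flags [.], ack 1449, win 1024, length 0
"""

if __name__ == "__main__":
    for rst in resets(CLIENT_CAPTURE):
        print("client saw RST:", *rst)
    print(diagnose(CLIENT_CAPTURE, SERVER_CAPTURE))
```
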
Re: [CentOS] Blocking attacks from a range of IP addresses
On 01/09/2020 02:09 PM, Pete Biggs wrote:
>>> As far as I can see fail2ban only deals with hosts and not networks - I
>>> suspect the issue is what is a "network": It may be obvious to you
>>> looking at the logs that these are all related, but you run the risk
>>> that getting denied accesses from, say, 1.0.0.1 and 1.1.0.93 and
>>> 1.2.0.124 may be interpreted as a concerted attack and you banning half
>>> the internet - but that may not be a bad thing :-)
>>>
>> Since you can configure fail2ban to invoke scripts, I would think it
>> would be possible to get it to block CIDRs (variable size subnets, i.e.
>> 12.12.0.0/20). That said, I don't have a quick and easy implementation
>> on hand.
> The OP was looking for an automated way of fail2ban doing it - he had
> already sorted out the network range and had stopped this particular
> DoS attack.
>
> P.

Correct. I appreciate all the replies but I used /etc/hosts.deny to deny this network range of attacks. Again, the reason that fail2ban failed to catch it was that the attacks were coming from a wide range of subnet addresses and were only caught by reviewing the log. It would be nice, however, to have a fail2ban expression that allowed me to catch the /16 range of addresses needed here.
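The log review described above can be automated by counting failures per network instead of per host. This is an added example, not part of the thread and not a fail2ban filter: it groups failing source addresses by /16 and reports ranges with many distinct hosts, including hosts that each stay under a per-host limit. The sshd-style log format, the thresholds and all addresses are assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

FROM_IP = re.compile(r"\bfrom (\d{1,3}(?:\.\d{1,3}){3})\b")

def suspicious_networks(lines, prefix=16, per_host_limit=5, min_hosts=4):
    """Group failing hosts by network; return ranges with many distinct hosts."""
    per_host = defaultdict(int)
    for line in lines:
        m = FROM_IP.search(line)
        if not m or "Failed" not in line:
            continue
        try:
            per_host[ipaddress.ip_address(m.group(1))] += 1
        except ValueError:
            continue  # looked like an address but is not one (e.g. 999.1.1.1)
    per_net = defaultdict(list)
    for host, count in per_host.items():
        # strict=False masks off the host bits: 198.18.4.17/16 -> 198.18.0.0/16
        net = ipaddress.ip_network(f"{host}/{prefix}", strict=False)
        per_net[str(net)].append(count)
    return {
        net: {"hosts": len(c), "failures": sum(c),
              # hosts a per-host counter would never have banned
              "under_limit": sum(1 for n in c if n < per_host_limit)}
        for net, c in per_net.items() if len(c) >= min_hosts
    }

def _fail(ip):
    # Constructed sshd-style failure line for the sample data below.
    return (f"Jan  9 03:11:01 host sshd[2101]: Failed password for "
            f"invalid user admin from {ip} port 40111 ssh2")

# Constructed sample: four hosts spread over one /16, plus one noisy single host.
SAMPLE_LOG = (
    [_fail(ip) for ip in ("198.18.4.17", "198.18.77.201", "198.18.130.9",
                          "198.18.200.64", "198.18.4.17")]
    + [_fail("203.0.113.9")] * 6
    + ["Jan  9 03:12:40 host sshd[2188]: Accepted password for h "
       "from 192.0.2.44 port 50022 ssh2"]
)

if __name__ == "__main__":
    for net, stats in suspicious_networks(SAMPLE_LOG).items():
        print(net, stats)
```
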
Re: [CentOS] Centos 7 32 Bits install.
> Hi all,
>
> Question : Can I install Centos7 32 Bits on a computer i386 32 bits little
> endian pentium III Coppermine Model8 Cpufamily 6 CpuMhz 863.979 (lscpu)
> grep -i pae /proc/cpuinfo gives a flag pae .

I tried that on a Dell Intel(R) Celeron(R) CPU 2.10GHz, and the performance was unusable. Then, I tried Lubuntu 32 (a streamlined Ubuntu distro) and got very acceptable performance.

Todd Merriman
Software Toolz, Inc.
Re: [CentOS] Centos 7 32 Bits install.
On Sun, Jan 12, 2020 at 7:55 AM Ger van Dijck wrote:
> Question : Can I install Centos7 32 Bits on a computer i386 32 bits little
> endian pentium III Coppermine Model8 Cpufamily 6 CpuMhz 863.979 (lscpu)
> grep -i pae /proc/cpuinfo gives a flag pae .

That's a 20 year old computer. It likely uses a bunch of really obsolete stuff like AGP video. Personally, I wouldn't even try, C7 32 bit is something of a bastard child in that RHEL 7 is 64 bit only, and there's very little usage or testing on the centos-only 32 bit version.

--
-john r pierce
recycling used bits in santa cruz
[CentOS] Centos 7 32 Bits install.
Hi all,

Question : Can I install Centos7 32 Bits on a computer i386 32 bits little endian pentium III Coppermine Model8 Cpufamily 6 CpuMhz 863.979 (lscpu) grep -i pae /proc/cpuinfo gives a flag pae .

I am very curious,

Ger van Dijck.
Re: [CentOS] Block attacks from a range of IP addresses
Hi,

I'm using sshguard to accomplish this. You can actually choose the size of the range you want to block, /8 or /16, no problem. It works perfect! It is included in the repo both for C7 and C8.

Adrian

--
Adri P. van Bloois
"Elegance is not a dispensable luxury but a factor that decides between success and failure." Edsger W. Dijkstra