you could also use a little brute force and clear the whole syslog with
"> /var/log/messages"
Guy
On 15/06/2010, at 12:06 AM, Dan Ryson wrote:
>
>> On Jun 13, 2010, at 7:27 PM, d...@ryson.org wrote:
>>
>>
>>> Hello all.
>>>
>>> I have good news; bad news; and a question...
>>>
>>> Here's t
> On Jun 13, 2010, at 7:27 PM, d...@ryson.org wrote:
>
>
>> Hello all.
>>
>> I have good news; bad news; and a question...
>>
>> Here's the good news: Adaptive Ban has proved very effective at killing
>> break-in attempts from bad-guys.
>>
>> The bad news is: One of our off-site users tried
ahhh of course, parses the whole syslog each time, didn't think of that,
thanks
On 14/06/2010, at 1:01 PM, Lonnie Abelbeck wrote:
> Guy,
>
> Your solution will only work for a minute or two, until the syslog is
> re-examined and re-adds the banned host.
>
> I suppose you could edit the /var/
Guy,
Your solution will only work for a minute or two, until the syslog is
re-examined and re-adds the banned host.
I suppose you could edit the /var/log/messages file and remove the unwanted
logs containing the valid IP address, but that is a little hackish.
Lonnie
On Jun 13, 2010, at 9:49
you could also do this to unban a banned IP
ssh or login to your AstLinux
type the following command to view banned IP's "iptables -L ADAPTIVE_BAN_CHAIN"
Count the line number to the ip address you wish to unban (see example below),
eg in my example I want to unban 124.8.0., which is on LIN
On Jun 13, 2010, at 7:27 PM, d...@ryson.org wrote:
> Hello all.
>
> I have good news; bad news; and a question...
>
> Here's the good news: Adaptive Ban has proved very effective at killing
> break-in attempts from bad-guys.
>
> The bad news is: One of our off-site users tried to re-inst
