On Thu, Aug 7, 2008 at 11:53 PM, Ray Leventhal [EMAIL PROTECTED] wrote:
My US$0.02 on this.I'm a fan of apf as a front-end to iptables...but it
takes some reading to understand the switches and the entire RAB (reactive
address blocking) configuration options. Sadly, RAB is poorly
_
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of Noob Centos Admin
Sent: Thursday, August 07, 2008 5:17 AM
To: CentOS mailing list
Subject: Re: [CentOS] Help: Server security compromised?
On Thu, Aug 7, 2008 at 1:54 AM, Sorin Srbu [EMAIL PROTECTED] wrote:
Seen
Noob Centos Admin wrote:
On Thu, Aug 7, 2008 at 1:54 AM, Sorin Srbu [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED] wrote:
Seen this?
http://www.askbjoernhansen.com/2007/09/18/safely_change_firewall_rules_remotely.html
Unfortunately, only after you pointed it out :(
But thankfully
Bent Terp wrote:
On Wed, Aug 6, 2008 at 7:48 AM, Noob Centos Admin
[EMAIL PROTECTED] wrote:
/sbin/iptables -A RH-Firewall-1-INPUT -s 219.64.114.52 -j DROP
I'd recommend you add the extra rules by editing
/etc/sysconfig/iptables instead. At least that way you can be sure
they'll survive
If server is not compromised, just edit the smtp configs to deny acceptance
from that ip block
Why doesn't the server have an ILO port or something to that effect?
- rh
___
CentOS mailing list
CentOS@centos.org
On Wed, Aug 6, 2008 at 3:06 PM, Bent Terp [EMAIL PROTECTED] wrote:
On Wed, Aug 6, 2008 at 8:29 AM, Noob Centos Admin
[EMAIL PROTECTED] wrote:
Since I followed some of the rules about SSH and used a non-standard port
for SSH and disable SSHD listening on the default port 22, I've no way
On Wed, 2008-08-06 at 15:14 +0800, Noob Centos Admin wrote:
.. snip
I did that too, no root login and everytime I have to su from normal
user. It is a pain to work with especially with having to use full
pathnames for commands instead of say just doing a service httpd
restart.
If you use
Hi,
On Wed, Aug 6, 2008 at 3:07 PM, Robert - elists [EMAIL PROTECTED]wrote:
If server is not compromised, just edit the smtp configs to deny acceptance
from that ip block
The EXIM configurations are even more nightmarish than iptables, which at
least made some sort of sense. I've been
Hi,
If you use
su
only, you assume root privileges without the root environment.
Rather do
su -
which gives you the full root environment, including path.
The same holds for other users, i..e
su - joe
switches the user to the user joe with full environment.
Thanks a million for that!
Hi, the more completely you lock down a server, the harder it will be
for you to do some useful work on it.
These matters require a balance between security and ease-of-use for the
admins.
Its especially important not to cut your bridges when administering a
remote server.
Despite many people
A possible remote reboot can be setup from a on that server obscure web
page URL to a privileged script that is password protected
Inexpensive reset button
- rh
___
CentOS mailing list
CentOS@centos.org
Thanks Steward and Robert for those suggestions, they make plenty of sense!.
About the two SSH terminal, if I activate a wrong firewall change that
blocks the SSH port, would it not also terminate the existing terminals
since new packets going in would be rejected, or does it not affect already
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of Noob Centos Admin
Sent: Wednesday, August 06, 2008 5:31 PM
To: CentOS mailing list
Subject: Re: [CentOS] Help: Server security compromised?
Thanks Steward and Robert for those suggestions, they make plenty of sense!.
About
On Thu, Aug 7, 2008 at 1:54 AM, Sorin Srbu [EMAIL PROTECTED] wrote:
Seen this?
http://www.askbjoernhansen.com/2007/09/18/safely_change_firewall_rules_remotely.html
Unfortunately, only after you pointed it out :(
But thankfully whoever wrote APF apparently knows this, hence it does insert
an
About the two SSH terminal, if I activate a wrong firewall change that
blocks the SSH port, would it not also terminate the existing
terminals since new packets going in would be rejected, or does it not
affect already established TCP connections?
It depends upon what you are doing and in
15 matches
Mail list logo