On Sun 14 Aug 2022 at 05:35:17 (+), Marco wrote:
> Am 13. Aug 2022, um 23:42:17 Uhr schrieb David Wright:
>
> > AFAICT the rest of your post is concerned with global IPv6 addresses
> > rather than local (ULA) ones, which is why the prefix for the home
> > LAN has to be given to you rather
* On 2022 14 Aug 09:09 -0500, Lee wrote:
> On 8/14/22, David Wright wrote:
> > On Sat 13 Aug 2022 at 19:23:46 (+0100), piorunz wrote:
> >> On 13/08/2022 18:30, Lee wrote:
> >> > I just noticed that the netperf package is in the [non-free] repository
> >> >
Am So., 14. Aug. 2022 um 16:42 Uhr schrieb Reco :
> whois, geoiplookup, even https://bgp.he.net .
> Whatever works, basically.
> Last one is my favorite as it shows all IP blocks assigned to AS.
> Really helpful with spammer nests such as outlook.com (AS8075) or
> DigitalOcean (AS14061).
>
> > Is
On 8/14/22, Matthias Böttcher wrote:
> Am So., 14. Aug. 2022 um 09:51 Uhr schrieb Reco :
>
>> Personally I don't use fail2ban for sshd. Because why bother with
>> userspace (written in python too, yuck) if the kernel does the same job?
>> I.e. block M$ AS, China Telecom AS and maybe add Eastern
On Sun, 14 Aug 2022 16:07:03 +0200
Matthias Böttcher wrote:
> Am So., 14. Aug. 2022 um 09:51 Uhr schrieb Reco
> :
>
> > Personally I don't use fail2ban for sshd. Because why bother with
> > userspace (written in python too, yuck) if the kernel does the same
> > job? I.e. block M$ AS, China
Hi.
On Sun, Aug 14, 2022 at 04:07:03PM +0200, Matthias Böttcher wrote:
> how do I block these ip ranges?
The usual way.
iptables -I INPUT -s -p tcp --dport 22 \
-m conntrack --ctstate NEW -j DROP
or, if the source IP is an actual IPv6 (a rare thing in my experience):
On 8/14/22, David Wright wrote:
> On Sat 13 Aug 2022 at 19:23:46 (+0100), piorunz wrote:
>> On 13/08/2022 18:30, Lee wrote:
>> > I just noticed that the netperf package is in the [non-free] repository
>> >https://packages.debian.org/bullseye/netperf
>> > which seems wrong.
<.. snip ..>
>> It
Am So., 14. Aug. 2022 um 09:51 Uhr schrieb Reco :
> Personally I don't use fail2ban for sshd. Because why bother with
> userspace (written in python too, yuck) if the kernel does the same job?
> I.e. block M$ AS, China Telecom AS and maybe add Eastern Europe to the
> mix, and you've just reduced
Hi.
On Sun, Aug 14, 2022 at 09:16:25AM -0400, Stefan Monnier wrote:
> > In fact, I'd restrict allowed SSH algorithms like this:
> >
> > Ciphers chacha20-poly1...@openssh.com,aes256-...@openssh.com
> > MACs
> >
On 8/13/22, piorunz wrote:
> On 13/08/2022 18:30, Lee wrote:
>> I just noticed that the netperf package is in the [non-free] repository
>>https://packages.debian.org/bullseye/netperf
>> which seems wrong.
>>
>> Is the MIT license really not compatible with open source or is the
>> netperf
On 14/08/2022 05:42, David Wright wrote:
The version in bullseye looks as if it was built on 15 November 2020 …
Perhaps package needs updating in Debian repository
… and has not yet needed upgrading for bookworm AFAICT (amd64).
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003833
Such an excellent advice! Thank you for having taken the time to post this.
Yesterday, i was desperate after 24h of running in circles with a
scripting problem. When i decided to post a question in here, it took me
at least one hour to complete the writing and the gathering of
information.
Hi.
On Sun, Aug 14, 2022 at 08:57:47AM +0200, Maurizio Caloro wrote:
> Thanks for you answer, yes add aggressive to mode, restart services and add
> to ssh_config
>
> Host *
> HostKeyAlgorithms +ssh-rsa,ssh-dss
> PubkeyAcceptedKeyTypes +ssh-rsa,ssh-dss
Please do not do this
On Sat, Aug 13, 2022 at 07:42:28PM +0200, Maurizio Caloro wrote:
>As /etc/fail2ban/filter.d/sshd.conf shows, "no matching host key type"
>messages are specifically ignored by Mode=normal.
>Try setting Mode=aggressive, it should catch those.
>
>Of course, DROPping ssh connections from AS28594
14 matches
Mail list logo
