World's Longest Thread
Posted: Thu Jun 19, 2008 2:18 am
by Chris Vogel
Cisco_Kid wrote: waste of time? how else would we know where the Undisclosed location mentioned so frequently is?
I’m angered, nervous, and honored that my server is the target of brute force:
/var/log/auth.log wrote: […]
Jun 18 06:26:50 chrisvogel sshd[27530]: Invalid user party from xx.xxx.xxx.xxx
Jun 18 06:26:50 chrisvogel sshd[27530]: pam_unix(sshd:auth): check pass; user unknown
Jun 18 06:26:50 chrisvogel sshd[27530]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=xx.xxx.xxx.xxx
Jun 18 06:26:52 chrisvogel sshd[27530]: Failed password for invalid user party from xx.xxx.xxx.xxx port 38844 ssh2
[…]
I neglected to mention that I switched to Linode, a VPS provider. VPS in any form is beyond excessive, of course, but I enjoy configuring and maintaining (and breaking) everything myself.
Archived topic from Anythingforums, old topic ID:4, old post ID:66184
World's Longest Thread
Posted: Tue Jun 24, 2008 4:20 am
by Gubs
Was talking to a friend, we were going over all the cool stuff that happens in Canada. Point being that near the end of that conversation we just said "let's just move to Canada". Then we were seriously thinking about it..
Archived topic from Anythingforums, old topic ID:4, old post ID:66216
World's Longest Thread
Posted: Tue Jun 24, 2008 6:04 pm
by Red Squirrel
Chris Vogel wrote: Cisco_Kid wrote: waste of time? how else would we know where the Undisclosed location mentioned so frequently is?
I’m angered, nervous, and honored that my server is the target of brute force:
/var/log/auth.log wrote: […]
Jun 18 06:26:50 chrisvogel sshd[27530]: Invalid user party from xx.xxx.xxx.xxx
Jun 18 06:26:50 chrisvogel sshd[27530]: pam_unix(sshd:auth): check pass; user unknown
Jun 18 06:26:50 chrisvogel sshd[27530]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=xx.xxx.xxx.xxx
Jun 18 06:26:52 chrisvogel sshd[27530]: Failed password for invalid user party from xx.xxx.xxx.xxx port 38844 ssh2
[…]
I neglected to mention that I switched to Linode, a VPS provider. VPS in any form is beyond excessive, of course, but I enjoy configuring and maintaining (and breaking) everything myself.
I don't understand why ssh (or any other server app) does not have built in brute force detection. Ex: same IP fails 3 times, lock them out for 5 minutes. They fail again after that, lock them out for an hour. They fail again after that, 24 hours and so on. There is a program called fail2ban that checks logs and does this though.
Also, switch to a non-standard port, at least most bots won't bother checking the other ports so you'll save a few GB of bandwidth per month.
Archived topic from Anythingforums, old topic ID:4, old post ID:66217
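The escalating lockout proposed in the post above (three failures, then 5 minutes, 1 hour, 24 hours), as an added example that is not from the thread and is not fail2ban's code: it parses sshd "Failed password" lines in the format quoted above and returns the lockout decisions. The log lines and addresses are constructed; the year argument, the 24-hour cap and the function name are assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample in the sshd format quoted in the thread; the addresses
# come from documentation ranges and the host name is a placeholder.
SAMPLE_LOG = """\
Jun 18 06:26:50 host sshd[100]: Invalid user party from 203.0.113.7
Jun 18 06:26:52 host sshd[100]: Failed password for invalid user party from 203.0.113.7 port 38844 ssh2
Jun 18 06:26:55 host sshd[101]: Failed password for invalid user guest from 203.0.113.7 port 38850 ssh2
Jun 18 06:26:58 host sshd[102]: Failed password for root from 203.0.113.7 port 38856 ssh2
Jun 18 06:28:00 host sshd[103]: Failed password for root from 203.0.113.7 port 38860 ssh2
Jun 18 06:30:00 host sshd[104]: Failed password for root from 198.51.100.9 port 40000 ssh2
Jun 18 06:40:00 host sshd[105]: Failed password for root from 203.0.113.7 port 38870 ssh2
Jun 18 06:50:00 host sshd[106]: Failed password for root from 198.51.100.9 port 40002 ssh2
Jun 18 07:45:00 host sshd[107]: Failed password for root from 203.0.113.7 port 38880 ssh2
"""

FAILED = re.compile(r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
                    r"Failed password for (?:invalid user )?\S+ from (\S+) port \d+")
MAX_FAILS = 3  # failures tolerated before the first lockout
LOCKOUTS = [timedelta(minutes=5), timedelta(hours=1), timedelta(hours=24)]

def plan_lockouts(log_text, year=2008):
    """Return [(ip, lockout_start, duration)]; syslog has no year, so it is passed in."""
    fails, level, until, bans = {}, {}, {}, []
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue  # "Invalid user" and pam_unix lines repeat the same attempt
        ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        ip = m.group(2)
        if ip in until and ts < until[ip]:
            continue  # address is already locked out at this time
        fails[ip] = fails.get(ip, 0) + 1
        n = level.get(ip, 0)
        # First offence needs MAX_FAILS failures; after a lockout, one is enough.
        if n > 0 or fails[ip] >= MAX_FAILS:
            duration = LOCKOUTS[min(n, len(LOCKOUTS) - 1)]  # capped at 24 h (assumption)
            until[ip] = ts + duration
            level[ip] = n + 1
            fails[ip] = 0
            bans.append((ip, ts, duration))
    return bans

if __name__ == "__main__":
    for ip, start, duration in plan_lockouts(SAMPLE_LOG):
        print(f"{start}  block {ip} for {duration}")
```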
World's Longest Thread
Posted: Tue Jun 24, 2008 6:11 pm
by Clueless
so me and my boyfriend toiletpapered our youth leader's car the other night and now we're pretty much in for it. he keeps telling us he has a video camera and that revenge is sweet. hehe it was fun tho. we had chalk so i wrote "your mother was a hamster and your father smelt of elderberries!" in his driveway
Archived topic from Anythingforums, old topic ID:4, old post ID:66219
World's Longest Thread
Posted: Tue Jun 24, 2008 10:24 pm
by Chris Vogel
Red Squirrel wrote: I don't understand why ssh (or any other server app) does not have built in brute force detection.
I think it’s more efficient and less error-prone to have a firewall do that than having every application waste time with their own implementation. I’ve set up iptables to limit SSH attempts to three per minute per IP address, which has gotten daily attempts down to the single digits – five in the last two days versus a daily average of 230.
Red Squirrel wrote: There is a program called fail2ban that checks logs and does this though.
There are several scripts like that, but I suspect the resources spent on checking the logs outweigh the resources wasted by the SSH attempts. (I’m not actually concerned about them breaking in.)
Red Squirrel wrote: Also, switch to a non-standard port, at least most bots won't bother checking the other ports so you'll save a few GB of bandwidth per month.
I was debating that when I set up SSH; I just didn’t want to remember the little colon.
Archived topic from Anythingforums, old topic ID:4, old post ID:66221
World's Longest Thread
Posted: Wed Jun 25, 2008 5:13 pm
by Red Squirrel
What do you use to detect the attempts? iptables can block them, but you still need something to detect them then set the ip block.
I run my ssh on weird port, like 34. OR if you really want to mess up people run it on port 143 then run https on port 22.
Archived topic from Anythingforums, old topic ID:4, old post ID:66225
World's Longest Thread
Posted: Wed Jun 25, 2008 7:12 pm
by Chris Vogel
Red Squirrel wrote: What do you use to detect the attempts? iptables can block them, but you still need something to detect them then set the ip block.
iptables monitors the traffic on port 22 and throttles the attempts with ipt_recent.
I also manually grep /var/log/auth.log and other logs on a daily basis to see what’s going on. (I’ve been using Linux exclusively for two years and just now realized the beauty of grep.)
Red Squirrel wrote: I run my ssh on weird port, like 34. OR if you really want to mess up people run it on port 143 then run https on port 22.
Switching to a nonstandard port will probably be my next step, but I don’t mind the current number of attempts. (I will change the 60-second timeout to something longer though.)
Archived topic from Anythingforums, old topic ID:4, old post ID:66227
World's Longest Thread
Posted: Wed Jun 25, 2008 7:26 pm
by Red Squirrel
Cool had no idea iptables could look at packets at that level, considering in the case of ssh it would even have to decrypt it so it knows what is happening (ex: user trying to log in and failing)
I had a fun idea actually, think I'm going to do this. Code a server app that listens on a bunch of random ports, if it detects any connections to those ports it just blocks that IP. Unless advertised somewhere there is no reason for someone to connect to those ports. So port scanners would hit those up then just block themselves.
Win.
Archived topic from Anythingforums, old topic ID:4, old post ID:66228
World's Longest Thread
Posted: Thu Jun 26, 2008 1:11 am
by Chris Vogel
Red Squirrel wrote: Cool had no idea iptables could look at packets at that level, considering in the case of ssh it would even have to decrypt it so it knows what is happening (ex: user trying to log in and failing)
I don’t think iptables does that, because it’s also limiting me to three authenticated sessions per minute. (I’ve logged in and then back out of three sessions one at a time as well as all at once, and I couldn’t create a fourth one in either case.)
My understanding of TCP is sketchy, but I think iptables just counts connections. Attackers would have their connections immediately terminated upon presenting the wrong credentials, so they would have to open another connection. My authenticated connection, on the other hand, would stay opened until I decided to log out, which is typically several minutes after opening it. I don’t think iptables can actually read the data, but it can monitor the connections.
I should put this rule on port 80.
Archived topic from Anythingforums, old topic ID:4, old post ID:66233
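A simplified model of the behaviour described in the post above, as an added example that is not from the thread and is not Chris Vogel's actual rule set: a per-source sliding-window limit on new connections, which never learns whether a login succeeded. The addresses and events are constructed; the function names and the count_dropped option are hypothetical.

```python
from collections import defaultdict, deque

WINDOW = 60   # seconds; the 60-second timeout mentioned in the thread
MAX_NEW = 3   # new connections allowed per source address per window

def filter_new_connections(events, count_dropped=False):
    """events: (time_s, src_ip, auth_ok) per new TCP connection to port 22.

    Returns one "ACCEPT"/"DROP" verdict per event. auth_ok is carried only to
    show that it never influences the verdict: SSH authentication happens inside
    the encrypted session, which a packet filter does not read.
    count_dropped (hypothetical knob): dropped attempts also count toward the
    window, so a source that keeps retrying stays blocked.
    """
    seen = defaultdict(deque)  # src_ip -> timestamps still inside the window
    verdicts = []
    for t, src, _auth_ok in events:
        hits = seen[src]
        while hits and t - hits[0] >= WINDOW:
            hits.popleft()  # forget connections older than the window
        if len(hits) >= MAX_NEW:
            verdicts.append("DROP")
            if count_dropped:
                hits.append(t)
        else:
            hits.append(t)
            verdicts.append("ACCEPT")
    return verdicts

# Constructed traffic. The owner logs in successfully five times; the fourth
# attempt falls inside the window and is refused despite valid credentials.
OWNER = [(t, "192.0.2.10", True) for t in (0, 10, 20, 30, 61)]
# A bot retries with wrong passwords every 2 seconds for two minutes.
BOT = [(t, "203.0.113.7", False) for t in range(0, 120, 2)]

def accepted(events, **kw):
    return filter_new_connections(events, **kw).count("ACCEPT")

if __name__ == "__main__":
    print("owner:", filter_new_connections(OWNER))
    print("bot accepted:", accepted(BOT), "of", len(BOT))
    print("bot accepted, dropped attempts counted:", accepted(BOT, count_dropped=True))
```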
World's Longest Thread
Posted: Thu Jun 26, 2008 1:49 am
by Chris Vogel
Falling…out…of…my…chair!
http://diveintomark.org/archives/2008/06/19/teach-the-controversy wrote: Barack Obama is a DEVOUT CHRISTIAN. His favorite book is the BIBLE, which he has memorized. His name means HE WHO LOVES JESUS in the ancient language of Aramaic, which is the language JESUS SPOKE before he learned English. He is PROUD that Jesus was an American.
Archived topic from Anythingforums, old topic ID:4, old post ID:66236
World's Longest Thread
Posted: Thu Jun 26, 2008 2:10 am
by Cisco_Kid
Chris Vogel wrote: Falling…out…of…my…chair!
http://diveintomark.org/archives/2008/06/19/teach-the-controversy wrote: Barack Obama is a DEVOUT CHRISTIAN. His favorite book is the BIBLE, which he has memorized. His name means HE WHO LOVES JESUS in the ancient language of Aramaic, which is the language JESUS SPOKE before he learned English. He is PROUD that Jesus was an American.
that is great comedy. What form of English was there 2000 years ago, or is my knowledge of linguistics that off?
Listening to Roy Roger's pitch Post cereal on a 1951 broadcast of his radio show and the show such as it is, interesting....Dale and Roy are closer to the Lone Ranger than Gunsmoke. edit2: which was the obvious expectations.
Archived topic from Anythingforums, old topic ID:4, old post ID:66237
World's Longest Thread
Posted: Fri Jun 27, 2008 10:58 pm
by Chris Vogel
It’s Friday night, and I’m the only one here.
Archived topic from Anythingforums, old topic ID:4, old post ID:66238
World's Longest Thread
Posted: Sat Jun 28, 2008 12:12 am
by Gubs
I'm here as well just browsing the web looking for cars.
Archived topic from Anythingforums, old topic ID:4, old post ID:66239
World's Longest Thread
Posted: Sat Jun 28, 2008 1:33 am
by Red Squirrel
LOL Jesus was American? Did America even EXIST then? lmao.
Archived topic from Anythingforums, old topic ID:4, old post ID:66240
World's Longest Thread
Posted: Sat Jun 28, 2008 2:07 am
by Chris Vogel
I remember the name Jesús being banned when we picked our Spanish names in Spanish class. I wanted to be Rafael anyway.
Archived topic from Anythingforums, old topic ID:4, old post ID:66243
World's Longest Thread
Posted: Sat Jun 28, 2008 3:14 am
by Gubs
I think I picked Pablo back in middle school.
I also just finished watching Crank. Wow.. what a waste of time. Jason Statham is a really good actor, but, he keeps getting in these crappy movies with stupid directors and producers.
Archived topic from Anythingforums, old topic ID:4, old post ID:66244
World's Longest Thread
Posted: Sat Jun 28, 2008 3:29 am
by Chris Vogel
Gubs wrote: I also just finished watching Crank. Wow.. what a waste of time. Jason Statham is a really good actor, but, he keeps getting in these crappy movies with stupid directors and producers.
So I take it you’re watching the sequel?
http://www.imdb.com/title/tt1121931/ wrote: Chelios faces a Chinese mobster who has stolen his nearly indestructible heart and replaced it with a battery-powered ticker that requires regular jolts of electricity to keep working.
I recently rediscovered a movie I used to watch as a kid: East–West. I wonder if I would still like it.
Archived topic from Anythingforums, old topic ID:4, old post ID:66245
World's Longest Thread
Posted: Sat Jun 28, 2008 11:58 am
by Gubs
Chris Vogel wrote: Gubs wrote: I also just finished watching Crank. Wow.. what a waste of time. Jason Statham is a really good actor, but, he keeps getting in these crappy movies with stupid directors and producers.
So I take it you’re watching the sequel?
@^*&! #&^!@ #^!% (O@* !^... f**#
And it's directed by the same two as Crank. I was afraid this was going to happen.. when he bounces off the car and falls near a camera, he blinks.
Course he had about 45 seconds of free fall time to leave a message for Amy after he fell out of a chopper before he bounced off a car and landed about 30-40 feet away from it.
The plot was good, the directing was crap. Jason's acting was awesome, and then there is Amy Smart's character, (I hope she's not really like that outside of acting) with her character it's no wonder why most people usually think blonds are..... eh I won't finish that sentence.
Archived topic from Anythingforums, old topic ID:4, old post ID:66246
World's Longest Thread
Posted: Sun Jun 29, 2008 12:12 am
by manadren
I kinda liked Crank. It was horribly stupid, but in a fun way. Not exactly a masterpiece, but very popcorn.
Archived topic from Anythingforums, old topic ID:4, old post ID:66247
World's Longest Thread
Posted: Sun Jun 29, 2008 1:25 pm
by Clueless
yay! my ACT score finally came and i got a 30!
Archived topic from Anythingforums, old topic ID:4, old post ID:66250
World's Longest Thread
Posted: Sun Jun 29, 2008 5:13 pm
by Chris Vogel
Clueless wrote: yay! my ACT score finally came and i got a 30!
Congratulations! What was your highest subscore?
Archived topic from Anythingforums, old topic ID:4, old post ID:66252
World's Longest Thread
Posted: Sun Jun 29, 2008 11:46 pm
by Cisco_Kid
Clueless wrote: yay! my ACT score finally came and i got a 30!
too lazy to google or investigate otherwise - what is the range of scores on an ACT test? Is that test something like the SAT (I remember that goes to 1200)? Never took either one of those back in my high school days if memory serves.
Archived topic from Anythingforums, old topic ID:4, old post ID:66255
World's Longest Thread
Posted: Sun Jun 29, 2008 11:48 pm
by Red Squirrel
I took the easy way out in school when it came to acting class. I did the lightning, aka button pusher.
Archived topic from Anythingforums, old topic ID:4, old post ID:66256
World's Longest Thread
Posted: Sun Jun 29, 2008 11:58 pm
by Chris Vogel
Cisco_Kid wrote: too lazy to google or investigate otherwise - what is the range of scores on an ACT test?
36.
According to ACT, the average 2007 composite score was 21.2.
I took the ACT once. You couldn’t pay me enough to take it the number of times my friends did.
Archived topic from Anythingforums, old topic ID:4, old post ID:66257
World's Longest Thread
Posted: Mon Jun 30, 2008 2:20 am
by manadren
I never took the ACT. Mind you I did take the PSAT, SAT and one of the SAT II tests.
Archived topic from Anythingforums, old topic ID:4, old post ID:66258