<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 1/10/2013 4:09 AM, Greg Kuhnert
wrote:<br>
</div>
<blockquote
cite="mid:0C890953-0193-46C6-AE40-E7DBADAC7DCC@compassnetworks.com.au"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=ISO-8859-1">
<base href="x-msg://966/">
<div>DFIX is available for all versions of Blueonyx.</div>
<div><br>
</div>
<div>Regards,</div>
<div>Greg.</div>
<div><br>
</div>
<br>
<div>
<div>On 10/01/2013, at 9:22 PM, Steffan <<a
moz-do-not-send="true" href="mailto:mailinglist@tikklik.nl">mailinglist@tikklik.nl</a>>
wrote:</div>
<br class="Apple-interchange-newline">
<blockquote type="cite">
<div link="blue" vlink="purple" style="font-family: Helvetica;
font-size: medium; font-style: normal; font-variant: normal;
font-weight: normal; letter-spacing: normal; line-height:
normal; orphans: 2; text-align: -webkit-auto; text-indent:
0px; text-transform: none; white-space: normal; widows: 2;
word-spacing: 0px; -webkit-text-size-adjust: auto;
-webkit-text-stroke-width: 0px; " lang="NL">
<div class="WordSection1" style="page: WordSection1; ">
<div style="margin: 0cm 0cm 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; "><span
style="font-size: 11pt; font-family: Calibri,
sans-serif; color: rgb(31, 73, 125); ">Hello Greg,<o:p></o:p></span></div>
<div style="margin: 0cm 0cm 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; "><span
style="font-size: 11pt; font-family: Calibri,
sans-serif; color: rgb(31, 73, 125); "> </span></div>
<div style="margin: 0cm 0cm 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; "><span
style="font-size: 11pt; font-family: Calibri,
sans-serif; color: rgb(31, 73, 125); ">Is the DFIX
allready for 5107, in the past ity only worked on 5106<o:p></o:p></span></div>
<div style="margin: 0cm 0cm 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; "><span
style="font-size: 11pt; font-family: Calibri,
sans-serif; color: rgb(31, 73, 125); "> </span></div>
<div style="margin: 0cm 0cm 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; "><span
style="font-size: 11pt; font-family: Calibri,
sans-serif; color: rgb(31, 73, 125); "> </span></div>
<div style="margin: 0cm 0cm 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; "><span
style="font-size: 11pt; font-family: Calibri,
sans-serif; color: rgb(31, 73, 125); ">Thanxs<o:p></o:p></span></div>
<div style="margin: 0cm 0cm 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; "><span
style="font-size: 11pt; font-family: Calibri,
sans-serif; color: rgb(31, 73, 125); "><br>
Steffan<o:p></o:p></span></div>
<div style="margin: 0cm 0cm 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; "><span
style="font-size: 11pt; font-family: Calibri,
sans-serif; color: rgb(31, 73, 125); "> </span></div>
<div>
<div style="border-style: solid none none;
border-top-width: 1pt; border-top-color: rgb(181, 196,
223); padding: 3pt 0cm 0cm; ">
<div style="margin: 0cm 0cm 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; "><b><span
style="font-size: 10pt; font-family: Tahoma,
sans-serif; ">Van:</span></b><span
style="font-size: 10pt; font-family: Tahoma,
sans-serif; "><span class="Apple-converted-space"> </span><a
moz-do-not-send="true"
href="mailto:blueonyx-bounces@mail.blueonyx.it"
style="color: purple; text-decoration:
underline; ">blueonyx-bounces@mail.blueonyx.it</a><span
class="Apple-converted-space"> </span>[<a class="moz-txt-link-freetext" href="mailto:blueonyx">mailto:blueonyx</a>-<a
moz-do-not-send="true"
href="mailto:bounces@mail.blueonyx.it"
style="color: purple; text-decoration:
underline; ">bounces@mail.blueonyx.it</a>]<span
class="Apple-converted-space"> </span><b>Namens<span
class="Apple-converted-space"> </span></b>Greg
Kuhnert<br>
<b>Verzonden:</b><span
class="Apple-converted-space"> </span>woensdag 9
januari 2013 20:43<br>
<b>Aan:</b><span class="Apple-converted-space"> </span>BlueOnyx
General Mailing List<br>
<b>Onderwerp:</b><span
class="Apple-converted-space"> </span>[BlueOnyx:11954]
Re: Blocking brute force SSH login attempts<o:p></o:p></span></div>
</div>
</div>
<div style="margin: 0cm 0cm 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; "><o:p> </o:p></div>
<div>
<div style="margin: 0cm 0cm 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; ">DFIX is a
free product available from the new combined Compass /
BlueOnyx / Solarspeed stores. It blocks SSH brute
force attacks and much more. To get DFIX, you will
need to register to one of the stores if you have not
already done so, and "purchase" the free bundle for
$0. You can then install via NewLinQ.<o:p></o:p></div>
</div>
<div>
<div style="margin: 0cm 0cm 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; "><o:p> </o:p></div>
</div>
<div>
<div style="margin: 0cm 0cm 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; ">Note: Anyone
who has previously had an account with either
Solarspeed or Compass, you should first try to reset
your password in the new store - and then connect to
NewLinQ using the instructions at the link below. It
is important for all clients to perform this step to
get access to any updates/patches for any of your
purchases.<o:p></o:p></div>
</div>
<div>
<div style="margin: 0cm 0cm 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; "><o:p> </o:p></div>
</div>
<div>
<div style="margin: 0cm 0cm 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; ">The
instructions to connect to NewLinQ are here. <a
moz-do-not-send="true"
href="http://www.compassnetworks.com.au/delivery"
style="color: purple; text-decoration: underline; ">http://www.compassnetworks.com.au/delivery</a><o:p></o:p></div>
</div>
<div>
<div style="margin: 0cm 0cm 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; "><o:p> </o:p></div>
</div>
<div>
<div style="margin: 0cm 0cm 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; ">Regards,<o:p></o:p></div>
</div>
<div>
<div style="margin: 0cm 0cm 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; ">Greg.<o:p></o:p></div>
</div>
<div>
<div style="margin: 0cm 0cm 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; "><o:p> </o:p></div>
</div>
<div>
<div style="margin: 0cm 0cm 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; "><o:p> </o:p></div>
<div>
<div>
<div style="margin: 0cm 0cm 0.0001pt; font-size:
12pt; font-family: 'Times New Roman', serif; ">On
10/01/2013, at 1:14 AM, Fungal Style <<a
moz-do-not-send="true"
href="mailto:wayin@hotmail.com" style="color:
purple; text-decoration: underline; ">wayin@hotmail.com</a>>
wrote:<o:p></o:p></div>
</div>
<div style="margin: 0cm 0cm 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; "><br>
<br>
<o:p></o:p></div>
<div>
<div>
<div style="margin: 0cm 0cm 0.0001pt; font-size:
12pt; font-family: 'Times New Roman', serif; "><span
style="font-size: 10pt; font-family: Tahoma,
sans-serif; ">As far as I know... yes and
no....<br>
<br>
BO will block accounts and IPs that are
attempted to be brute forced, but the account
needs to exist, well that has been my
experience....<br>
<br>
I tend to use the iptables and block /32 or if
it is from China or other known hacking
countries then a /24 is a minimum...<span
class="apple-converted-space"> </span><br>
<br>
I have been thinking of routing everything
through a firewall or sorts so that the
hackers will usually hit it first then get the
IP blocked (as all other servers would be on a
virtual LAN)... or something like that.... but
it needs more thought at this stage and I just
dont have the time to look too far into it.<br>
<br>
If anyone has a good solution (preferrably
free) then I am open to suggestions too (much
like most on this list I would assume).<br>
<br>
HTH<br>
<br>
Brian<br>
<o:p></o:p></span></div>
<div>
<div class="MsoNormal" style="margin: 0cm 0cm
0.0001pt; font-size: 12pt; font-family: 'Times
New Roman', serif; text-align: center; "
align="center"><span style="font-size: 10pt;
font-family: Tahoma, sans-serif; ">
<hr id="stopSpelling" align="center"
size="2" width="100%"></span></div>
<p class="MsoNormal" style="margin: 0cm 0cm
12pt; font-size: 12pt; font-family: 'Times New
Roman', serif; "><span style="font-size: 10pt;
font-family: Tahoma, sans-serif; ">From:<span
class="apple-converted-space"> </span><a
moz-do-not-send="true"
href="mailto:james@slor.net" style="color:
purple; text-decoration: underline; ">james@slor.net</a><br>
To:<span class="apple-converted-space"> </span><a
moz-do-not-send="true"
href="mailto:blueonyx@blueonyx.it"
style="color: purple; text-decoration:
underline; ">blueonyx@blueonyx.it</a><br>
Date: Wed, 9 Jan 2013 09:07:31 -0500<br>
Subject: [BlueOnyx:11940] Blocking brute
force SSH login attempts<o:p></o:p></span></p>
<div>
<div>
<div style="margin: 0cm 0cm 0.0001pt;
font-size: 12pt; font-family: 'Times New
Roman', serif; "><span style="font-size:
10pt; font-family: Tahoma, sans-serif; ">Is
there a simple way in BlueOnyx to
auto-block hosts that fail to login via
SSH too many times? Something similar
to the Failed Logins settings for the
BlueOnyx login page but for SSH?<o:p></o:p></span></div>
</div>
<div style="margin: 0cm 0cm 0.0001pt;
font-size: 12pt; font-family: 'Times New
Roman', serif; "><span style="font-size:
10pt; font-family: Tahoma, sans-serif; "> <o:p></o:p></span></div>
<div>
<div style="margin: 0cm 0cm 0.0001pt;
font-size: 12pt; font-family: 'Times New
Roman', serif; "><span style="font-size:
10pt; font-family: Tahoma, sans-serif; ">thanks<o:p></o:p></span></div>
</div>
</div>
<div style="margin: 0cm 0cm 0.0001pt; font-size:
12pt; font-family: 'Times New Roman', serif; "><span
style="font-size: 10pt; font-family: Tahoma,
sans-serif; "><br>
_______________________________________________
Blueonyx mailing list<span
class="apple-converted-space"> </span><a
moz-do-not-send="true"
href="mailto:Blueonyx@mail.blueonyx.it"
style="color: purple; text-decoration:
underline; ">Blueonyx@mail.blueonyx.it</a><a
moz-do-not-send="true"
href="http://mail.blueonyx.it/mailman/listinfo/blueonyx"
style="color: purple; text-decoration:
underline; ">http://mail.blueonyx.it/mailman/listinfo/blueonyx</a><o:p></o:p></span></div>
</div>
</div>
<div style="margin: 0cm 0cm 0.0001pt; font-size:
12pt; font-family: 'Times New Roman', serif; "><span
style="font-size: 10pt; font-family: Tahoma,
sans-serif; ">_______________________________________________<br>
Blueonyx mailing list<br>
<a moz-do-not-send="true"
href="mailto:Blueonyx@mail.blueonyx.it"
style="color: purple; text-decoration:
underline; ">Blueonyx@mail.blueonyx.it</a><br>
<a moz-do-not-send="true"
href="http://mail.blueonyx.it/mailman/listinfo/blueonyx"
style="color: purple; text-decoration:
underline; ">http://mail.blueonyx.it/mailman/listinfo/blueonyx</a><o:p></o:p></span></div>
</div>
</div>
<div style="margin: 0cm 0cm 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; "><o:p> </o:p></div>
</div>
</div>
_______________________________________________<br>
Blueonyx mailing list<br>
<a moz-do-not-send="true"
href="mailto:Blueonyx@mail.blueonyx.it" style="color:
purple; text-decoration: underline; ">Blueonyx@mail.blueonyx.it</a><br>
<a moz-do-not-send="true"
href="http://mail.blueonyx.it/mailman/listinfo/blueonyx"
style="color: purple; text-decoration: underline; ">http://mail.blueonyx.it/mailman/listinfo/blueonyx</a><br>
</div>
</blockquote>
</div>
<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Blueonyx mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Blueonyx@mail.blueonyx.it">Blueonyx@mail.blueonyx.it</a>
<a class="moz-txt-link-freetext" href="http://mail.blueonyx.it/mailman/listinfo/blueonyx">http://mail.blueonyx.it/mailman/listinfo/blueonyx</a>
</pre>
</blockquote>
I like that firewall rule G.<br>
I block all ftp and shell access in hosts.deny and install a little
php script I made in each user /~web when<br>
the domain is created. If valid users need ftp or shell access they
login to their user web<br>
and the ip address is captured and put in hosts.allow it tracks
their ip and if it changes<br>
they just revisit their web dir. then any attackers I find in logwatch
get put in iptables.<br>
Its a sloppy way to control access but works..<br>
David<br>
</body>
</html>