Re: SSH Brute force attacks

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Jason Opperisano wrote:

On Wed, May 11, 2005 at 03:30:16PM -0400, Pete Toscano wrote:


Freaky.  My output is the same as yours with the exception of the 1.2.11
string.

recent v1.2.11 options:
<snip same stuff that you have>
ipt_recent v0.3.1: Stephen Frost <sfrost@xxxxxxxxxxx>.
http://snowman.net/projects/ipt_recent/

I'm a little confused about the difference between "recent v1.2.11" and
"ipt_recent v0.3.1" Is one a kernel component and the other the
userspace part?



yes, ipt_recent == kernel module. the 1.2.11 is the version of the iptables userspace utility.



I'm also a little confused about p-o-m. Is this something I can apply
without recompiling my (modular) kernel?



no.


I don't agree Jason. You can compile only the needed modules.
Here's a tutorial (in bulgarian sorry, but you can get the idea from the comments/commands) how to do that with fedora core 3:
http://hardtrance.blogspot.com/2005/04/fedora-core-3-patch-o-matic-ipttimeko.html




Are there any good docs on how
to use p-o-m? I didn't see any immediately obvious on the netfilter
site and the p-o-m section seems to end mid-



basic recipe:

- download/extract kernel src
- download/extract iptables src
- download/extract p-o-m
- apply patches from p-o-m
- recompile kernel
- recompile iptables
- reboot, rinse, repeat.

-j

--
"Stewie: Soooo Broccoli, mother says you're very good for me. But I'm
afraid I'm no good for you."
       --Family Guy




regards,
Georgi Alexandrov


[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux