Re: [Devil-Linux-discuss] Bugreports for 1.2.12: GRSecurity and libipt_recent.so

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

I don't help you for GRSecurity (I use server release) but for dictionary
based attacks and brute force attacks try Denyhosts (works very well), info to:
http://denyhosts.sourceforge.net

Alberto

+--------------------------+
|   Dott. Alberto Benati   |
|   System Administrator   |
|   Faculty of Economics   |
|  University of  Ferrara  |
| be...@ec... |
|  Tel: +39 0532 45 5012   |
+--------------------------+


---------- Original Message -----------
From: Vesselin Kostadinov <vk...@ex...>
To: dev...@li...
Sent: Sun, 11 Feb 2007 10:17:36 +1030
Subject: [Devil-Linux-discuss] Bugreports for 1.2.12: GRSecurity and
libipt_recent.so

> 1. I noticed the following message on startup:
> 
> Setting GRSecurity parameters: /etc/init.d/rc3.d/S22grsecurity: line 
> 33: /proc/sys/kernel/grsecurity/rand_pids: No such file or directory
> /etc/init.d/rc3.d/S22grsecurity: line
> 
> 33: /proc/sys/kernel/grsecurity/rand_tcp_src_ports: No such file or directory
> 
> (these are 2 lines actually, the mail client breaks them)
> 
> I cant see any real problem coming out of this though. I am not a 
> GRSecurity expert by any means.
> 
> 2. There seems to be missing library required by some netfilter modules:
> 
> # modprobe ipt_recent    #loads OK!
> # iptables  -A SSH_CHECK -m recent --set --name SSH
> iptables v1.3.7: Couldn't load match 
> `recent':/usr/lib/iptables/libipt_recent.so: cannot open shared 
> object file: No such file or directory
> 
> Try `iptables -h' or 'iptables --help' for more information.
> 
> File /usr/lib/iptables/libipt_recent.so is missing indeed, however 
> there are quite a few other netfilter libraries there.
> 
> If somebody knows a reasonably good alternative way for defending 
> from dictionary ssh attacks please let me know.
> 
> Regards
> 
> Vesselin
> 
> -------------------------------------------------------------------------
> Using Tomcat but need to do more? Need to support web services, security?
> Get stuff done quickly with pre-integrated technology to make your 
> job easier. Download IBM WebSphere Application Server v.1.0.1 based 
> on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
> _______________________________________________
> Devil-linux-discuss mailing list
> Dev...@li...
> https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss
------- End of Original Message -------