Text File | 2004-10-12 | 7KB | 133 lines
         Date/Time of
   Size  File Arrival  Filename            Description
-------  ------------  ------------        -----------
   5398  000602 14:02  00index.txt         This file you are reading.
 219837  Apr 27 00:16  aide-0.7.tar.gz     Superior replacement for the now-
                                           obsolete Tripwire(R) ASR package.
                                           Source ftp archive:
                                           ftp://ftp.cs.tut.fi/pub/src/gnu/
  10066  980122 03:15  anonymous-ftp-config
                                           CERT tips on security for anon ftp
  10342  980126 15:56  chkexploit-1.13.tar.gz
                                           Shell script to check for known
                                           security exploits. Very old.
 288663  990913 18:58  cops104+.tar.gz     COPS security-auditing package for
                                           *ix hosts, by Dan Farmer. Old.
    258  990913 19:04  cops-why-not.txt    Reasons why one might not want to
                                           use COPS.
   8319  000520 21:52  ftp-daemons         Survey of all available ftp daemons
                                           for Linux, with an eye to security.
  20777  980126 15:56  md5.tar.gz          MD5 encryption algorithm, from RSA.
  17313  Jan 05  2003  mkchroot            Martynas Domarkas's script to make
                                           chroot jails. From:
                                           http://joker.hansabank.lt/mkchroot
 601290  980415 00:41  pgp263is.tar.gz     Pretty Good Privacy 2.6.3, source code.
                                           International version. Proprietary.
   1732  990912 20:10  pgp-any-version-why-not.txt
                                           Reason why all PGP versions are now
                                           obsolete, and should be replaced by
                                           GNU Privacy Guard.
  14154  980329 20:07  pgp50-why-not.txt   Brad Knowles on why not to use PGP 5.0.
 927363  990912 21:49  pgp50i-unix-src.tar.gz
                                           Pretty Good Privacy 5.0 int'l (src).
                                           Proprietary.
   9349  980415 00:41  pgp-redhat-tips.txt
                                           James Youngman's tips about PGP use
                                           under Red Hat Linux.
   2279  980126 15:56  satan-1.1.1.README  Quick instructions for SATAN 1.1.1.
 306360  980126 15:56  satan-1.1.1.linux.fixed2.tar.gz
                                           SATAN 1.1.1 security-auditor
                                           package for networks, by Dan Farmer.
                                           Uses perl and has Web front-end.
                                           Patched to build on Linux. Proprietary.
   1711  980126 15:56  satan-doc.README    README for the documentation kit.
 410736  980126 16:10  satan-doc.tar.gz    Full documentation kit for SATAN.
    865  990913 18:45  satan-why-not.txt   Reasons why one might not want to
                                           use SATAN.
  51966  980126 15:56  security-by-break-in.txt
                                           Dan Farmer's article "How to Improve
                                           Your System's Security by Breaking in".
  12012  990912 21:41  ssh-clients         Information on various SSH clients.
  11723  2004-10-01 10:20  ssh-dictionary-attack-blacklist
                                           Script and explanatory e-mail by
                                           Victor Danilchenko to monitor
                                           the sshd logs, detect repeated failed
                                           login attempts, notify the sysadmin
                                           of such attempts via e-mail, and
                                           blacklist hosts whence such attempts
                                           originated. Perl script. Licence
                                           terms for the script ("sshd-sentry")
                                           are unstated.
   1493  990912 20:49  ssh-why-not.txt     Information on SSH alternatives.
   9403  Aug 22  2001  sux                 Francois Gouget's sux is an "su with X"
                                           Bourne shell script, under the MIT X11
                                           licence. From:
                                           http://fgouget.free.fr/sux/sux-readme.shtml
 268578  980126 15:56  tiger-2.2.3.tar.gz  Security-auditing package from TAMU.
   2214  990912 18:57  tripwire-why-not.txt
                                           Reasons to eschew Tripwire(R) in favour
                                           of AIDE, for now.
 212503  980126 15:56  xinetd-2.2.1.tar.gz
                                           Replacement inetd with tcp wrapper.
                       f00f                Subdirectory for Pentium F00F defect.
                       gnupg               Subdirectory for GNU Privacy Guard.
                       openssh             Subdirectory for OpenSSH.
                       sshbuddy            Subdirectory for Charles Wright's SSH
                                           Buddy.
                       ylonen-ssh          Subdirectory for Tatu Ylonen's SSH.

To catalogue:

  10916  1998-08-26 17:59  berferd
   3952  2000-10-12 19:04  biometrics
  11897  2000-04-20 13:27  firewalls
   9681  2000-02-29 12:03  intruder-detection-checklist
   1564  2000-06-02 17:42  ssh-protocol-v2-why.txt
  14745  2000-02-29 12:03  unix-configuration-guidelines

Stuff from:
http://phobos.cs.umass.edu/~danilche/sshd_sentry

Date: Tue, 12 Oct 2004 11:29:30 -0400 (EDT)
From: Victor Danilchenko <danilche@cs.umass.edu>
To: secureshell@securityfocus.com
Subject: Re: OpenSSH -- a way to block recurrent login failures?

Further update, in case anyone cares:

I have implemented the client/server functionality, via
server-push. It won't scale well for large installations, but for medium
or small ones, server-push will work much better than client-pull.
Basically the clients try to contact the server each time they blacklist
a new host, and the server maintains an aggregated blacklist. Each time
the aggregated blacklist is updated (when a blacklisting request is made
by three individual clients), the updated blacklist is pushed out to all
the clients -- the server splits the list of clients into a number of
queues, and forks a child to handle the distribution to each queue. The
list of clients is constructed by the expedient of simply registering
the IP of every host that attempts a connection to the server. It's
rather simplistic, but it's been working fine on my network.

Note that this is an alpha-grade release, and the server will
dump a good deal of info (I run it in a terminal in foreground). I
haven't even gotten around to writing in the explicit verbosity flag
into it.

The code is at http://phobos.cs.umass.edu/~danilche/sshd_sentry
-- there's the server code, the client code, and also the SRPM
containing the client and the startup script. Note that my SRPM symlinks
the client into /etc/cron.hourly -- this is for our specific
installation; feel free to remove that line from the spec file before
building your own, should you wish to use the RPM.