New user's registration have been closed due to high spamming and low trafic on this forum. Please contact forum admins directly if you need an account. Thanks !

Search found 45 matches

by mcg
23 Dec 2009, 18:36
Forum: B2 & B3 Support
Topic: AFP-support useless for OS X Leopard users?
Replies: 6
Views: 8065

Re: AFP-support useless for OS X Leopard users?

What problems are you having? I have no trouble connecting my Snow Leopard machines to Bubba via AFP. Here's my AppleVolumes.default file: ~/ "$u" cnidscheme:cdb options:usedots,upriv /home/Media/ "Media" cnidscheme:dbd options:nohex,usedots,upriv,noadouble dbpath :/var/lib/netat...
by mcg
23 Dec 2009, 18:34
Forum: B2 & B3 Feature Requests
Topic: SSH brute force attack prevention
Replies: 22
Views: 35222

Re: SSH brute force attack prevention

I think I'm going to try something like this soon. I'm getting the same fail2ban errors that Carl was getting. I don't want to have to periodically reset fail2ban. To me, there's no practical difference between banning IPs with multiple *failures* versus banning IPs with multiple *attempts*. After a...
by mcg
23 Dec 2009, 14:00
Forum: My Bubba
Topic: Does anyone want to trade some storage space?
Replies: 2
Views: 5780

Re: Does anyone want to trade some storage space?

I can't take you up on your offer here, but I think perhaps by bumping this more eyeballs might see it and you'll get some interest. I think it's a great idea, and in fact I'm in the process of implementing it by installing a second Bubba|Two at my parents' place. They were in need of a firewall any...
by mcg
23 Dec 2009, 10:00
Forum: B2 & B3 Feature Requests
Topic: SSH brute force attack prevention
Replies: 22
Views: 35222

Re: SSH brute force attack prevention

I will say, however, that I don't think fail2ban is a good choice for a Bubba release. The risk of error in dynamically modifying iptables doesn't seem consistent with the desire for stability and consistency in a Bubba server. In my view, a static set of iptables rules, such as those suggested in t...
by mcg
23 Dec 2009, 09:57
Forum: B2 & B3 Feature Requests
Topic: SSH brute force attack prevention
Replies: 22
Views: 35222

Re: SSH brute force attack prevention

I've installed fail2ban, and sure enough it has successfully thwarted one attack already. Interestingly this one was from a Comcast circuit in Connecticut, not China, but who knows who actually *controls* that bot... Puma, fail2ban is pretty general. All it does is monitor the logs you specify for t...
by mcg
22 Dec 2009, 18:31
Forum: B2 & B3 Feature Requests
Topic: SSH brute force attack prevention
Replies: 22
Views: 35222

Re: SSH brute force attack prevention

Thanks, Carl. I've gone ahead and tried this. I needed only the SSH support for now, really; I don't use the FTP server or the Email server. Now to wait for those Chinese to try again :)
by mcg
22 Dec 2009, 14:06
Forum: B2 & B3 Support
Topic: Disabling horde & kronolith
Replies: 4
Views: 6623

Re: Disabling horde & kronolith

I don't think it's a startup issue---it's the cron job that runs every 5 minutes or so that bugs me.

If I don't hear from anyone I'll just edit the crontab. I just like doing things the "clean" way if there is one :)

Thanks for your help on both issues!
by mcg
22 Dec 2009, 14:04
Forum: B2 & B3 Feature Requests
Topic: SSH brute force attack prevention
Replies: 22
Views: 35222

Re: SSH brute force attack prevention

That's certainly a feasible option for me, although somewhat inconvenient, so I'd probably use it only for the WAN connection coupled with the two-sshd-instance solution I mentioned earlier.
by mcg
22 Dec 2009, 12:01
Forum: B2 & B3 Support
Topic: Disabling horde & kronolith
Replies: 4
Views: 6623

Disabling horde & kronolith

Since I don't use these packages, I'd like to disable them completely---specifically, I'd like to prevent the frequent cron jobs. What's the best/cleanest way to do that? Is there a single package I can safely remove? Should I just comment out the lines in the crontab? Ideally I'd like an approach t...
by mcg
22 Dec 2009, 11:44
Forum: B2 & B3 Feature Requests
Topic: SSH brute force attack prevention
Replies: 22
Views: 35222

SSH brute force attack prevention

Hey folks, A couple of days ago I started getting some unsuccessful login attempts logged into auth.log that eventually blossomed into a full-blown brute-force attack on my SSH port. I noticed it because it was slowing down my DHCP access. Here's just a snippet of what that looks like. Dec 20 14:29:...
by mcg
13 Dec 2009, 23:14
Forum: B2 & B3 Support
Topic: locked out by faulty sshd config -- an idea
Replies: 4
Views: 6925

Re: locked out by faulty sshd config -- an idea

My understanding is that the rescue system will allow you to SSH in, because it uses the default sshd_config on the stick. From there you can go over to your disk install and make the corrections you need.
by mcg
18 Nov 2009, 11:23
Forum: My Bubba Server
Topic: Bubba on batteries :P
Replies: 14
Views: 30705

Re: Bubba on batteries :P

Another idea: the Belkin Residential Gateway Battery Backup: 12V, 30W
http://www.belkin.com/IWCatProductPage. ... _Id=355124
Seems kind of pricey when new, but I've seen some used ones out there.
by mcg
18 Nov 2009, 10:44
Forum: My Bubba Server
Topic: Bubba on batteries :P
Replies: 14
Views: 30705

Re: Bubba on batteries :P

OK, sorry for three posts in a row, but I really think I'm onto something here. Here's the manufacturer's web site, with an entire list of "FTTx Telecom" power supplies: http://www.cyberpowersystems.com/products/telecom-equipment.html Each has different voltage and power ratings. The key q...
by mcg
18 Nov 2009, 10:34
Forum: My Bubba Server
Topic: Bubba on batteries :P
Replies: 14
Views: 30705

Re: Bubba on batteries :P

I actually have a 12V UPS in my garage---it is used to power my fiber-to-the-home (FTTH) transceiver. Here's another page that advertises something like that:
http://www.provantage.com/cybersheild-d ... 092274.htm
by mcg
18 Nov 2009, 10:32
Forum: My Bubba Server
Topic: Bubba on batteries :P
Replies: 14
Views: 30705

Re: Bubba on batteries :P

dacc, I was looking at this *exact* page. It seems to me that the 3A model should be sufficient. I wanted to connect the Bubba to a UPS, and this seems like the most sensible way to go about it. If anyone else has any thoughts I would definitely like to hear them.