New user's registration have been closed due to high spamming and low trafic on this forum. Please contact forum admins directly if you need an account. Thanks !
Search found 45 matches
- 08 Feb 2010, 16:55
- Forum: B2 & B3 Support
- Topic: Continuous flashing blue light - help!
- Replies: 4
- Views: 6498
Re: Continuous flashing blue light - help!
Ouch, that's a bummer. Obviously you want to avoid erasing your data. What I would do is boot up using the USB stick, but with its configuration file edited to run in "rescue" mode. (See the instructions on this.) That way, you can poke around to see what the problem might be.
- 02 Feb 2010, 01:10
- Forum: B2 & B3 Support
- Topic: Recovering RAID
- Replies: 12
- Views: 16105
Re: Recovering RAID
Yeah, I just do an periodic rsync from my main system disk to a backup disk.
- 01 Feb 2010, 21:59
- Forum: B2 & B3 Feature Requests
- Topic: SSH brute force attack prevention
- Replies: 22
- Views: 35204
Re: SSH brute force attack prevention
Yes, that's a great alternative too. Only downside is that you have to have ready access to a knock client on any machine from which you intend to original an SSH connection. But honestly, I think that in my case, I would. Might have to look into this more.
- 27 Jan 2010, 17:46
- Forum: B2 & B3 Support
- Topic: error mess?
- Replies: 3
- Views: 6001
Re: error mess?
Also look here
http://forum.excito.net/viewtopic.php?f=10&t=2086
If you change everything from SSH to FTP suggested there, it should help.
http://forum.excito.net/viewtopic.php?f=10&t=2086
If you change everything from SSH to FTP suggested there, it should help.
- 27 Jan 2010, 17:39
- Forum: B2 & B3 Support
- Topic: error mess?
- Replies: 3
- Views: 6001
Re: error mess?
Yep, someone's doing a brute force attack on your server. Google "iptables brute force attack" for potential solutions. Most of them talk about SSH but they apply to FTP as well. But the easiest solution is not to turn off the FTP server completely or to configure your Bubba not to allow F...
- 27 Jan 2010, 17:24
- Forum: B2 & B3 Feature Requests
- Topic: DPAP (iPhoto server) support
- Replies: 1
- Views: 4866
Re: DPAP (iPhoto server) support
OK, what I'm finding is that libdmapsharing requires libsoup2.4, but Etch only has libsoup2.2. Unfortunately the API changed between versions so there's really no going back without some effort. I wonder if libsoup2.4 can be compiled easily...
- 18 Jan 2010, 21:55
- Forum: B2 & B3 Feature Requests
- Topic: SSH brute force attack prevention
- Replies: 22
- Views: 35204
Re: SSH brute force attack prevention
This is what I'm using. Add this to the end of your INPUT rules (in /etc/networking/firewall.conf) -A INPUT -p tcp -m tcp --dport 22 -m recent --set --name SSH #-A INPUT -p tcp -m tcp --dport 22 -m recent --update --seconds 60 --hitcount 4 --rttl --name SSH -j LOG --log-prefix "SSH Attack: &quo...
- 15 Jan 2010, 16:17
- Forum: B2 & B3 Feature Requests
- Topic: SSH brute force attack prevention
- Replies: 22
- Views: 35204
Re: SSH brute force attack prevention
Hadn't seen that before, but its functionality closely resembles that of fail2ban, which is already in the Debian package list. I preferred to stick with a static iptables-based solution for my application, and that has been working well for me so far.
- 07 Jan 2010, 15:15
- Forum: B2 & B3 Support
- Topic: Disabling horde & kronolith
- Replies: 4
- Views: 6621
Re: Disabling horde & kronolith
Time for a followup question! It looks like that even if kronolith isn't being used, it is still consuming resources: specifically, mysqld opens all of the files in /var/lib/mysql/{horde,kronolith}, etc. So it's using open file descriptors as well. Yeah, that's maybe harmless, but if I'm not using t...
- 05 Jan 2010, 11:01
- Forum: B2 & B3 Feature Requests
- Topic: DPAP (iPhoto server) support
- Replies: 1
- Views: 4866
DPAP (iPhoto server) support
I wouldn't have bothered to ask, because I didn't think such a thing existed... but there is this: http://www.flyn.org/projects/dmapd/index.html This provides both an iTunes server AND an iPhoto server. Now, there are probably good reasons to stick with Firefly, but this could be used to serve the p...
- 05 Jan 2010, 10:48
- Forum: B2 & B3 Feature Requests
- Topic: Bubba as a time machine
- Replies: 6
- Views: 12752
Re: Bubba as a time machine
Another way to go about it is to give Time Machine its own partition.
- 24 Dec 2009, 23:57
- Forum: B2 & B3 Support
- Topic: Mediatomb config.xml unreadable
- Replies: 7
- Views: 7960
Re: Mediatomb config.xml unreadable
Try this:
chmod a+rx /etc/mediatomb
chmod a+r /etc/mediatomb/config.xml
That's overkill but it probably ought to help. If that doesn't work or you get a "permission denied" here, try doing it as root.
chmod a+rx /etc/mediatomb
chmod a+r /etc/mediatomb/config.xml
That's overkill but it probably ought to help. If that doesn't work or you get a "permission denied" here, try doing it as root.
- 24 Dec 2009, 08:13
- Forum: B2 & B3 Support
- Topic: AFP-support useless for OS X Leopard users?
- Replies: 6
- Views: 8065
Re: AFP-support useless for OS X Leopard users?
Hmm... I didn't have to do anything special, either to my Mac or to my Bubba, to get my AFP connection working.
- 24 Dec 2009, 08:08
- Forum: B2 & B3 Feature Requests
- Topic: SSH brute force attack prevention
- Replies: 22
- Views: 35204
Re: SSH brute force attack prevention
Hmm, what I'm seeing in your logs isn't that bad: one failed attempt every 10-15 minutes or so. I wouldn't worry about that. What I'm trying to prevent is several failed attempts *per second*. That said, a whitelist is certainly doable, as long as the IP addresses you're likely to log in from is fix...
- 23 Dec 2009, 23:10
- Forum: B2 & B3 Feature Requests
- Topic: SSH brute force attack prevention
- Replies: 22
- Views: 35204
Re: SSH brute force attack prevention
OK, this is what I've done to get things working. First, I went ahead and added a rule right at the top of my INPUT and FORWARD lists to drop INVALID packets: -A INPUT -m state --state INVALID -j DROP This, combined with the rule that accepts all RELATED and ESTABLISHED packets, means that I can be ...