
For a few years now, it has been very common to see hundreds of connection attempts to the SSH port, trying common usernames and passwords.

This has several drawbacks: log files can fill up, the SSH service can become unresponsive and, worst of all, some of the attacks could succeed if one of your users has a weak password.

To prevent those attacks, you can use these simple iptables rules, which forbid establishing more than 6 connections per minute from any single IP address:

iptables -N SSH_CHECK
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j SSH_CHECK
iptables -A SSH_CHECK -m recent --set --name SSH
iptables -A SSH_CHECK -m recent --update --seconds 60 --hitcount 6 --name SSH -j DROP

If you want to keep a file encrypted, so that no one can see its contents unless they have the correct password, you can use "gpg" to encrypt or decrypt it. However, it is a bit complicated to use.

So, I decided to write a small shell script, called "gpg-vi", which asks for a password and lets you edit a file that is symmetrically encrypted using GnuPG with that password.

The script will not let anyone else on that machine see the contents of the file, but be warned: the script writes the contents of the file in plain text to a file in /tmp, so your own user ID, or root, can see that file until editing is finished (or even later, because the contents may still be on the disk after the file is deleted).

pop-before-smtp Nov 11, 2005

I have just finished a quick pop-before-smtp implementation in C... I needed it in a hurry, to let my brother send e-mails from his laptop (with Win*!) from anywhere without having to change the configuration, and without having an open relay :-)

It is basically a quick-and-dirty hack: it execs "tail -f /var/log/syslog" to see which lines in the logs come from the POP server I am using (teapop), reads the IP address from them and stores it in a list, next to a timeout. When some IP in the list changes, it modifies the list of IP addresses that the SMTP server relays for (in my case, I use qmail with tcpserver; therefore I exec "tcprules").
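
The bookkeeping described above, as an added example (not the author's C program): it parses POP login lines, keeps each IP with an expiry time, and renders the rules text that would be piped to tcprules. Assumptions: the log layout and the function names are hypothetical, the 1800-second window is arbitrary, and the output uses the usual qmail `IP:allow,RELAYCLIENT=""` rule form.

```c
#include <arpa/inet.h>
#include <stdio.h>
#include <string.h>
#include <time.h>
enum { MAX_IPS = 64, TTL = 1800 }; /* TTL: assumed relay window in seconds */
static struct { char ip[INET_ADDRSTRLEN]; time_t expires; } table[MAX_IPS];
static int count; /* live entries in table */

/* Assumed layout (constructed, not teapop's real one): "Mon DD HH:MM:SS host
 * teapop[pid]: login ok user=NAME ip=A.B.C.D". Tag position and IPv4 are checked. */
int parse_login(const char *line, char ip[INET_ADDRSTRLEN]) {
    struct in_addr a;
    return sscanf(line, "%*s %*s %*s %*s teapop[%*d]: login ok user=%*s ip=%15[0-9.]",
                  ip) == 1 && inet_pton(AF_INET, ip, &a) == 1;
}

/* Returns 1 if the relay set changed (new IP), 0 if only refreshed or full. */
int note_login(const char *ip, time_t now) {
    for (int i = 0; i < count; i++)
        if (strcmp(table[i].ip, ip) == 0) { table[i].expires = now + TTL; return 0; }
    if (count == MAX_IPS) return 0;
    snprintf(table[count].ip, sizeof table[count].ip, "%s", ip);
    table[count++].expires = now + TTL;
    return 1;
}

/* Drops entries whose window has passed; returns how many were removed. */
int expire(time_t now) {
    int before = count;
    for (int i = 0; i < count; )
        if (table[i].expires <= now) table[i] = table[--count]; else i++;
    return before - count;
}

/* Builds the text to pipe into tcprules: relay lines, then the catch-all. */
int render_rules(char *buf, size_t n) {
    size_t off = 0;
    for (int i = 0; i < count && off < n; i++)
        off += snprintf(buf + off, n - off, "%s:allow,RELAYCLIENT=\"\"\n", table[i].ip);
    if (off < n) snprintf(buf + off, n - off, ":allow\n");
    return count;
}

int main(void) {
    char ip[INET_ADDRSTRLEN], out[256]; /* the log line below is constructed */
    if (parse_login("Nov 11 10:00:00 mail teapop[812]: login ok user=bro ip=192.0.2.10", ip))
        note_login(ip, time(NULL));
    render_rules(out, sizeof out);
    return fputs(out, stdout) == EOF;
}
```

Matching the daemon name only in the syslog tag field, and validating the address with inet_pton, keeps text that another daemon echoes into the log from turning into a relay rule.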