Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Comment How to check which processes need to be restarted (Score 1) 303

Once you have upgraded your copy openssl you can determine which processes need to be restarted by running the following command (only tested on Linux):

sudo lsof +c0 |grep DEL |grep libssl |awk '{ print $1 }' |sort |uniq

Note that just because a process is listed here doesn't mean it is vulnerable to the leak, it just means that it is linked to the vulnerable version of libssl.

Comment Re:Highly annoying (Score 1) 360

I use netfilter/iptables with the 'recent' and 'tarpit' modules to block SSH brute force attempts:
$IPTABLES -N SSH_ATTACK
$IPTABLES -A INPUT -i $EXT_IF -p tcp --dport 22 -m state --state NEW -m recent --name SSH --set --rsource -j SSH_ATTACK
$IPTABLES -A SSH_ATTACK -s $TRUSTED_HOST -j RETURN
$IPTABLES -A SSH_ATTACK -m recent ! --rcheck --seconds 60 --hitcount 3 --name SSH --rsource -j RETURN
$IPTABLES -A SSH_ATTACK -j LOG --log-level $LOGLEVEL --log-prefix "SSH Brute Force Attempt: "
$IPTABLES -A SSH_ATTACK -p tcp -j TARPIT
More info is available in this message on the Netfilter mailing list.

If possible, use the 'TARPIT' module because it significantly slows down the automated scanners that are being used to perpetrate these attacks.

Slashdot Top Deals

Any circuit design must contain at least one part which is obsolete, two parts which are unobtainable, and three parts which are still under development.

Working...