Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror

Comment How to check which processes need to be restarted (Score 1) 303

Once you have upgraded your copy openssl you can determine which processes need to be restarted by running the following command (only tested on Linux):

sudo lsof +c0 |grep DEL |grep libssl |awk '{ print $1 }' |sort |uniq

Note that just because a process is listed here doesn't mean it is vulnerable to the leak, it just means that it is linked to the vulnerable version of libssl.

Comment Re:Highly annoying (Score 1) 360

I use netfilter/iptables with the 'recent' and 'tarpit' modules to block SSH brute force attempts:
$IPTABLES -N SSH_ATTACK
$IPTABLES -A INPUT -i $EXT_IF -p tcp --dport 22 -m state --state NEW -m recent --name SSH --set --rsource -j SSH_ATTACK
$IPTABLES -A SSH_ATTACK -s $TRUSTED_HOST -j RETURN
$IPTABLES -A SSH_ATTACK -m recent ! --rcheck --seconds 60 --hitcount 3 --name SSH --rsource -j RETURN
$IPTABLES -A SSH_ATTACK -j LOG --log-level $LOGLEVEL --log-prefix "SSH Brute Force Attempt: "
$IPTABLES -A SSH_ATTACK -p tcp -j TARPIT
More info is available in this message on the Netfilter mailing list.

If possible, use the 'TARPIT' module because it significantly slows down the automated scanners that are being used to perpetrate these attacks.

Slashdot Top Deals

We will have solar energy as soon as the utility companies solve one technical problem -- how to run a sunbeam through a meter.

Working...