[Sysadmin] Test through cerf

William Anderson neuro at well.com
Sat Dec 24 22:38:05 UTC 2016


On Sat, Dec 24, 2016 at 9:47 PM, Dean Mah <dean.mah at gmail.com> wrote:
> There are two perl scripts that monitor log files for repeated attempts at
> ssh and for repeated mailman subscriptions. If the scripts detect that,
> they add the IP address to a temporary timeout. Blocking the first is
> obvious. Blocking the second prevents a DOS attack where mailman freezes up
> and stops sending mail.

Yeah, but what have you done to iptables?  /sbin/iptables symlinks to
xtables-multi, and that's zero-sized with a timestamp of today.
iptables are managed with service iptables-persistent, and rules are
stored in /etc/iptables/rules.v4.  Except they can't be managed
because /sbin/iptables is broken.

> The only thing that I migrated was lists.evolt.org. I haven't done anything
> else to migrate from Tron as a whole.

Yeah, the vhost for lists had the wrong VirtualHost binding stanza;
that's fixed, and everything else is fine.

> Also, I only changed DNS for lists.

Cool.

-n
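
An added example, not part of the original message and not the Perl scripts the thread refers to: a log monitor of the kind described in the quoted text, which counts repeated failed ssh logins per address and plans a temporary block. It first checks the failure raised in the reply, a firewall binary that resolves to a zero-sized file. The log lines, threshold, window, timeout and function names are all constructed assumptions.

```python
import os
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample auth.log lines (documentation addresses, not real traffic).
SAMPLE_LOG = """\
Dec 24 21:00:01 host sshd[101]: Failed password for root from 203.0.113.7 port 4001 ssh2
Dec 24 21:00:05 host sshd[102]: Failed password for invalid user admin from 203.0.113.7 port 4002 ssh2
Dec 24 21:00:09 host sshd[103]: Failed password for root from 203.0.113.7 port 4003 ssh2
Dec 24 21:00:30 host sshd[104]: Failed password for bob from 198.51.100.9 port 5001 ssh2
Dec 24 21:30:00 host sshd[105]: Failed password for bob from 198.51.100.9 port 5002 ssh2
Dec 24 21:31:00 host sshd[106]: Accepted publickey for dean from 192.0.2.10 port 6001 ssh2
"""

FAILED = re.compile(r"^(\w{3} +\d+ [\d:]{8}) \S+ sshd\[\d+\]: Failed password for .* from (\S+) port")

def offenders(log_text, threshold=3, window=timedelta(minutes=5), year=2016):
    """Return {ip: time of the failure that crossed the threshold} (assumed policy)."""
    recent = defaultdict(deque)   # ip -> timestamps of failures inside the window
    hits = {}
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue
        # syslog timestamps carry no year, so one is supplied by the caller
        ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        q = recent[m.group(2)]
        q.append(ts)
        while ts - q[0] > window:  # drop failures that aged out of the window
            q.popleft()
        if len(q) >= threshold:
            hits.setdefault(m.group(2), ts)
    return hits

def firewall_binary_usable(path="/sbin/iptables"):
    """False if path, after following symlinks, is missing, empty or not executable."""
    real = os.path.realpath(path)
    return os.path.isfile(real) and os.path.getsize(real) > 0 and os.access(real, os.X_OK)

def plan_blocks(log_text, timeout=timedelta(minutes=30), binary="/sbin/iptables"):
    """Return (ip, expires_at) pairs; raise instead of silently failing to block."""
    if not firewall_binary_usable(binary):
        raise RuntimeError(f"{binary} does not resolve to a usable executable")
    return [(ip, ts + timeout) for ip, ts in sorted(offenders(log_text).items())]
```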

