Archive for December, 2004

Blocking ssh hackers

December 8th, 2004 Pankaj Comments

I wrote a very simple shell script to use iptables to block IP addresses that use various rootkits to try and hack into your box over ssh. I’ve tried, unsuccessfully, to find something on the web that would integrate snort into doing this, but no luck. Hence this simple script, which I’ve included in an hourly cron job. If I have the time, I’ll try to make this script a bit more distro independent and smarter. Until then, feel free to grab it.


#!/bin/sh
# Author: Pankaj Jain <pjain001 covad net>
# $Date: 2004/12/08 21:54:28 $
# $Revision: 1.1 $
#
# This is a simple script to parse /var/log/secure for ssh hacking attempts and block the whole subnet
# It might be a little overzealous but so what.
# This particular script is specific to Redhat and Fedora systems but could easily be adapted to other distros.
#
# GPL version 2 applies. No warranties, explicit or implied.
# You are free to modify the script and improve it as long as it is released under the GPL.
# I would also appreciate any changes to the script that you may incorporate.
#
# Field 11 is the source address when the user exists, field 13 when sshd logs
# "illegal user <name>". The first cut relies on the address being logged as
# ::ffff:a.b.c.d; the second cut keeps the first three octets.
# Lines containing pankaj or irfan are skipped.
# sort -u replaces uniq, which only merges adjacent duplicates.
# Each run inserts the rules again, so repeated cron runs add duplicate DROP rules.
for i in `grep 'Failed password' /var/log/secure | egrep -v 'pankaj|irfan' | awk '{print \$11 \$13}' | cut -d ':' -f 4 | cut -d '.' -f 1-3 | sort -u`
do
    echo "Blocking ${i}.0/24"
    /sbin/iptables -I INPUT -s "${i}.0/24" -j DROP
done
# $Log: blocksshhacks.sh,v $
# Revision 1.1 2004/12/08 21:54:28 pankaj
# Initial revision
#
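The log-to-subnet step of the script above, reworked as an added example that is not the original author's code: it finds the address by the "from" keyword instead of fixed field numbers, only reports a /24 after a threshold of failures, and exempts sources by address. The function names, the threshold, the allow-list argument and the sample log lines are all constructed for illustration.

```shell
#!/bin/sh
# Added example (not the original author's script). Hypothetical helper names.

# Read sshd log lines on stdin; print each /24 with at least $1 failed
# password lines, ignoring the space-separated source addresses in $2.
failed_ssh_subnets() {
    awk -v threshold="${1:-5}" -v allow="${2:-}" '
        BEGIN { n = split(allow, a, " "); for (k = 1; k <= n; k++) skip[a[k]] = 1 }
        /sshd\[[0-9]+\]: Failed password for / {
            # Take the field after the right-most "from", so the position does
            # not depend on how the user-name part of the line is worded.
            ip = ""
            for (f = NF - 1; f >= 1; f--) if ($f == "from") { ip = $(f + 1); break }
            sub(/^::ffff:/, "", ip)          # IPv4-mapped form
            if (ip !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) next   # IPv4 only
            if (ip in skip) next             # never count allow-listed sources
            sub(/\.[0-9]+$/, "", ip)         # keep the first three octets
            count[ip]++
        }
        END { for (s in count) if (count[s] >= threshold) print s ".0/24" }
    ' | LC_ALL=C sort
}

# Constructed sample lines in the /var/log/secure layout (documentation ranges).
sample_log() {
    cat <<'EOF'
Dec  8 21:01:10 box sshd[4101]: Failed password for root from ::ffff:192.0.2.15 port 40112 ssh2
Dec  8 21:01:12 box sshd[4103]: Failed password for illegal user test from ::ffff:192.0.2.15 port 40120 ssh2
Dec  8 21:01:15 box sshd[4105]: Failed password for invalid user admin from 192.0.2.99 port 40133 ssh2
Dec  8 21:02:01 box sshd[4110]: Failed password for pankaj from 198.51.100.7 port 51000 ssh2
Dec  8 21:02:05 box sshd[4110]: Failed password for pankaj from 198.51.100.7 port 51000 ssh2
Dec  8 21:02:09 box sshd[4110]: Failed password for pankaj from 198.51.100.7 port 51000 ssh2
Dec  8 21:03:00 box sshd[4120]: Failed password for root from 203.0.113.5 port 33001 ssh2
Dec  8 21:03:30 box sshd[4125]: Accepted password for irfan from 198.51.100.7 port 51010 ssh2
EOF
}

# Print the rules instead of applying them, so the result can be reviewed first.
sample_log | failed_ssh_subnets 3 "198.51.100.7" | while read -r net; do
    echo "would run: /sbin/iptables -I INPUT -s $net -j DROP"
done
```

On the sample input only 192.0.2.0/24 reaches the threshold of 3; the single failure from 203.0.113.5 and the allow-listed 198.51.100.7 are left alone.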

Categories: Misc. Tags:

Learning Linux and Fedora Core 3

December 6th, 2004 Pankaj Comments

I’ve been using Solaris and Linux for more than eight years now and couldn’t bear the thought of having to use Windows. I always thought it would be easy for anyone to use Linux if they were slightly technical. However, I’ve been learning that most *nix systems are still very far away from becoming mainstream desktop products. The ability for technical people from a Windows world to easily move to a Linux desktop is still much more difficult than using Windows or OSX.

Most of my Linux experience has been with RedHat and Fedora distributions. Though I have used Mandrake and SuSE, I found that Mandrake and SuSE were definitely more desktop friendly than Redhat or Fedora. However, even with Mandrake and SuSE (and really, all Linux distros), there are a few things, IMHO, that make the move for anyone but the most highly technical much more difficult than I had originally thought.

  • Documentation/Help System is still very technical and not for the average user
  • The benefits of freedom in the *nix world are lost on the non-technical
  • There are too many options for doing the same thing, e.g. four main web browsers are available on Fedora Core 3 (Konqueror, Mozilla, FireFox, Epiphany) – which one should a non-technical user pick?
  • The installation and un-installation of software is still very cumbersome for those used to “point-and-click”
  • Applying system updates such as the latest version of X from x.org or the newest stable kernel, or updating FireFox is an even more daunting task than installing new software

Overall, though companies like Linspire, Mandrake and Novell are making tremendous progress, I think Linux being used by the average home user is still quite a while away. Linux vendors will need to incorporate many of the dumbing down features that Windows has incorporated so that non-technical users will be able to effectively use Linux.

For power users, the flexibility of choice is a boon but for non-technical or new users, that same flexibility can be quite daunting. Hardware support in the Linux kernel has been improving rapidly. I can plug in my third-generation iPod into Fedora Core 3, see it as a USB drive, and use GtkPod to manage all my music. Evolution handles all my calendaring, addresses, and email as well as Outlook or Lotus Notes (however, it would be nice if Novell/Ximian put the “Summary” page back into Evolution 2.0).
