using centos7 and denyhosts 2.9 i noticed some strange behavior.
My config is set to:
DENY_THRESHOLD_INVALID = 3
DENY_THRESHOLD_VALID = 10
Which, in my understanding is like: after 3 failed login attempts of NON-EXISTING users from hosts X, deny that host.
After 10 failed logins attempts from EXISTING users from hosts X, deny that host.
While the latter works just fine, the DENY_THRESHOLD_INVALID = 3 setting does not work.
What i noticed is that the /var/log/secure, that danyhosts parses, does handly logns from non-existing accounts and logins from account that exist but are using the wrong pasword, are handled differently.
Aug 10 12:32:42 ftp sshd[27176]: Invalid user adminx from xxx.128.30.135 port 42800
Aug 10 12:32:42 ftp sshd[27176]: input_userauth_request: invalid user adminx [preauth]
Aug 10 12:32:42 ftp sshd[27176]: Connection closed by xxx.128.30.135 port 42800 [preauth]
vs.
Aug 10 12:33:46 ftp sshd[27238]: Failed password for exchange from xxx.128.30.135 port 42802 ssh2
Does anyone know of denyhosts has problems parsing the /var/log/secure file on centos with non-existing accounts vs. existing accounts that use wrong passwords?
Denyhosts debug log also does not say anything. It seems to ignore the login attempt from non-existend users.
any help would be appreciated. Thanks.
Been trying to run a wallet app in tails os ver 4.28 with no success. I'm getting denied error when using it with proxychains. Being a noob here, would someone assist me in letting me know what I'm doing incorrect here. I've included terminal output & proxychain config info for reference here.
amnesia#amnesia:~/Persistent$ chmod +x Neuron-v0.101.2-x86_64.AppImage
amnesia#amnesia:~/Persistent$ proxychains ./Neuron-v0.101.2-x86_64.AppImage
ProxyChains-3.1 (http://proxychains.sf.net)
|S-chain|-<>-127.0.0.1:9050-<><>-127.0.0.1:8114-<--denied
06:16:58.553 › Network: connection dropped
|DNS-request| localhost
|DNS-request| localhost
|DNS-response| localhost is 127.0.0.1
|S-chain|-<>-127.0.0.1:9050-|DNS-request| localhost
<><>-127.0.0.1:8114-<--denied
|DNS-response| localhost is 127.0.0.1
|S-chain|-<>-127.0.0.1:9050-<><>-127.0.0.1:8114-|DNS-request| localhost
<--denied
06:17:00.145 › Network: fail to connect to the network. Is CKB node running?
06:17:00.323 › Network: switched to: {
id: 'mainnet',
name: 'default node',
remote: 'http://localhost:8114',
genesisHash: '0x92b197aa1fba0f63633922c61c92375c9c074a93e85963554f5499fe1450d0e5',
type: 0,
chain: 'ckb'
}
06:17:01.453 › Main window: The main window is ready to show
|DNS-response| localhost is 127.0.0.1
|S-chain|-<>-127.0.0.1:9050-|DNS-request| localhost
<><>-127.0.0.1:8114-<--denied
|DNS-response| localhost is 127.0.0.1
|S-chain|-<>-127.0.0.1:9050-<><>-127.0.0.1:8114-|DNS-request| localhost
<--denied
|DNS-response| localhost is 127.0.0.1
|S-chain|-<>-127.0.0.1:9050-<><>-127.0.0.1:8114-<--denied
|DNS-response| localhost is 127.0.0.1
|DNS-request| localhost
|DNS-request| localhost
|S-chain|-<>-127.0.0.1:9050-<><>-127.0.0.1:8114-<--denied
06:17:03.705 › CKB: external RPC on default uri not detected, starting bundled CKB node.
06:17:03.707 › CKB: Initializing node...
06:17:03.708 › CKB: init: config file detected, skip ckb init.
06:17:03.708 › CKB: starting node...
06:17:04.116 › CKB: process closed
|DNS-response| localhost is 127.0.0.1
|S-chain|-<>-127.0.0.1:9050-|DNS-request| localhost
<><>-127.0.0.1:8114-<--denied
|DNS-response| localhost is 127.0.0.1
|S-chain|-<>-127.0.0.1:9050-<><>-127.0.0.1:8114-<--denied
|DNS-request| localhost
|DNS-response| localhost is 127.0.0.1
|S-chain|-<>-127.0.0.1:9050-<><>-127.0.0.1:8114-|DNS-request| localhost
<--denied
^C|DNS-response|: localhost does not exist
Aborted
proxychain.config file
#dynamic_chain
strict_chain
#random_chain
#chain_len = 2
#quiet_mode
proxy_dns
# Some timeouts in milliseconds
tcp_read_time_out 15000
tcp_connect_time_out 8000
[ProxyList]
# add proxy here ...
# meanwile
# defaults set to "tor"
socks4 127.0.0.1 9050
Appreciate any assistance in this matter.
So, didn't get a response from the community as of yet. I did some exploration and enabled the following in proxychains config file
enabled dynamic_chain and commented strict_chain
replace socks4 with socks5
This got rid of the denied issue, but gave me a timeout issue.
Reached out the wallet tech team for assistance. They responded stating wallet synchronization fails when it's behind a firewall, vpn, anti-virus. Wallet behind a proxy configuration also disrupts the synchronization. I had a very slim hope that this would work and that faded quickly with their response. This closes out this open question.
I solved the problem by connecting to the internet (usually not connected) and running "sudo apt-get update" . After the update was done (a few seconds) I restarted tails (USB Stick variant) and then the problem was gone.
I'm trying to connect to ClamAV daemon clamd on localhost 3310 port via telnet comand in terminal:telnet 127.0.0.1 3310
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
nIDSESSION [pressed ENTER button on keyboard]
nPING [pressed ENTER]
But it gives error:
1: Only nCMDS\n and zCMDS\0 are accepted inside IDSESSION. ERROR
1: Error processing command. ERROR
Connection closed by foreign host.
Entered zPING\0 [pressed ENTER] or nPING\n useless, prompts that error again.
Can you suggest anything?
Slackware OS, trying to setup fetchmail
I have coded this .fetchmailrc file:
set daemon 600 //fetches mail every hour or 60 minutes.
set logfile /root/fetchmail.log
poll 10.200.***.** protocol POP3
user "bob" password "bob" is "bob" here preconnect "date>>/root/fetchmail.log"
ssl
no rewrite
keep
It worked before but now it is failing to retrieve mail, i checked the fetchmail.log file and i get this error:
Thu Nov 5 10:15:32 GMT 2015
fetchmail: connection errors for this poll:
name 0: connection to 10.200.***.**:pop3s [10.200.***.**/995] failed: Connection refused.
fetchmail: POP3 connection to 10.200.***.** failed: Connection refused
fetchmail: Query status=2 (SOCKET)
I've reset the daemons, ended the process and no progress.
I had exactly the same problem on a Mageia 5 Linux. Apparently, I
solved it by redoing network configuration, which the Mageia can do
with a single click on the relevant Configure button in the Network
Center window.
I did not touch my .fetchmailrc file.
It used to be working, but out of the blue, it stopped sending mail. I thought I set everything up in both linux and exchange to function correctly, but we're not receiving the emails - internally or externally.
I'm not that knowledgeable about linux, so I use webmin to get around.
So, we have our shopping cart and online forms on the linux server that will email users confirmations and such. It won't receive any mail, so I don't need to worry about that. It only sends mail out, both inside our network, and outside. Here is a recent addition to the mail log:
Dec 6 11:51:04 istalinux2 sendmail[1696]: rB6Gp4lr001696: from=www-data, size=246, class=0, nrcpts=1, msgid=, relay=www-data#localhost
Dec 6 11:51:05 istalinux2 sm-mta[1697]: rB6Gp4hY001697: from=, size=485, class=0, nrcpts=1, msgid=, proto=ESMTP, daemon=MTA-v4, relay=localhost [127.0.0.1]
Dec 6 11:51:05 istalinux2 sendmail[1696]: rB6Gp4lr001696: to="John Smith" jsmith#ista-in.org, ctladdr=www-data (33/33), delay=00:00:01, xdelay=00:00:01, mailer=relay, pri=30246, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (rB6Gp4hY001697 Message accepted for delivery)
Dec 6 11:51:05 istalinux2 sm-mta[1699]: rB6Gp4hY001697: to=jsmith#ista-in.org, delay=00:00:01, xdelay=00:00:00, mailer=relay, pri=120485, relay=10.20.51.30, dsn=5.1.2, stat=Host unknown (Name server: 10.20.51.30: host not found)
Dec 6 11:51:05 istalinux2 sm-mta[1699]: rB6Gp4hY001697: to=www-data#istalinux2.ista-in.org, delay=00:00:01, mailer=local, pri=120485, dsn=5.1.1, stat=User unknown
Dec 6 11:51:05 istalinux2 sm-mta[1699]: rB6Gp4hY001697: rB6Gp5hY001699: postmaster notify: User unknown
Dec 6 11:51:05 istalinux2 sm-mta[1699]: rB6Gp5hY001699: to=root, delay=00:00:00, xdelay=00:00:00, mailer=local, pri=30000, dsn=2.0.0, stat=Sent
I have a receive connector set up in Exchange to receive incoming mail from our linux server and pass it through.
I am using sendmail in linux - but I honestly don't care how it's set up, as long as it works and doesn't break, lol. Please help me make sure all my settings in linux are correct ... and keep in mind that I am NOT a linux guy.
The problem seems to be this part:
relay=10.20.51.30, dsn=5.1.2, stat=Host unknown (Name server: 10.20.51.30: host not found)
I assume that 10.20.51.30 is the ip address of your exchange server. Now, without seeing the actual configuration files, it's a bit hard to find out what you did wrong, but normally, when you specify a mail relay, you have to use either a) a real dns name, not an ip, or b) enclose the ip in [] brackets - just like the line before that one, which says relay=[127.0.0.1].
Try enclosing the 10.20.51.30 in [] brackets, or, use the name of the exchange server instead of the IP, and make sure your DNS server can resolve that name.