Re: random usernames in attempts to break in to my machine?
On Tuesday, 5 April 2022 03:23:11 EDT tomas@tuxteam.de wrote:
> On Tue, Apr 05, 2022 at 03:01:30AM -0400, gene heskett wrote:
> > On Tuesday, 5 April 2022 01:46:32 EDT tomas@tuxteam.de wrote:
> [fail2ban]
>
> > Well, it seems to me that if something as automatic as fail2ban were
> > to be used, its better use would be in the router, stopping such
> > before it reaches into the home network [...]
>
> The fly in this ointment is that fail2ban relies on feedback from the
> server applications (mail server, web server, sshd etc) to adscribe
> "suspicious activity" (whatever that is: you get to decide with your
> configs) to source IP addresses. Typically login failures and their
> ilk, gleaned from the corresponding log files.
>
> And those apps aren't running in your router. So you'll have to teach
> fail2ban to run in some distributed fashion (perhaps it does this out-
> of-the-box, I don't know).
>
> You gotta be careful: kicking out an IP for just one login failure
> might shut *you* out because you forgot to ssh-add your key (or because
> you mistyped your password once). OTOH, if "they" keep changing their
> IP address for each retry, you wouldn't catch them otherwise. So it is
> a fine line to walk. You might try to trigger on more specific
> patterns, which means you'll have to adapt your recognisers, yadda,
> yadda.
>
> Take care & don't forget having fun. That's what computers are for,
> after all.
>
In my case, since about the middle 70's when I bought my first
programmable calculator. It's been a long ride, Tomas, 99% of it
enjoyable and educational. And it's only included 2 msdos/windows
machines. When I was thinking about retiring, and maybe doing some
consulting, I bought an hp lappy to take on the road, but networking
didn't work, so mandrake was installed in about a week. I came up thru a
unix like os on trs-80 color computers, called os9. then bought an amiga
that eventually was replaced by a 400mhz k6 running red hat 5. By then I
had gotten interested in CNC machinery so I went unbuntu for a couple
years as that what early emc ran on, but they switched to debian about a
year before wheezy, emc was forced to change the name to LinuxCNC, and
the latest is that LinuxCNC has been invited into debian, s/b in bookworm
when its stable.
I probably am not the only one now, but certainly the most visible one,
who is running linuxcnc on a pi, started with a pi3b, now a pi4b, on the
planet, to run a medium sized lathe I converted to cnc when I found the
lathe I paid 2 grand for, had so much broken stuff, the only salvation
was to cnc it. I had the basic castings. Replaceing all the gears etc,
with two motors, teaching it a whole new list of dance steps it could not
do in 1048 when it was made. Including electronic wear compensation for
13 thousandths of bed wear right in front of the chuck. The motors drive
ball screws, and balls screws can move things as little as .00002", so
its more accurate now than when it was new. And about 5x faster than a
man turning cranks can do.
Computers were invented to do work FOR us, but they can also make a LOT
of work when they miss-behave. So our job is to figure out ways they can
miss-behave, and write programs that prevent that. Sadly, that concept
isn't often taught in CS-101 classes.
So here we are, in 2022, 87 yo, trying to survive the latest man made
pandemic engineered to reduce the planets population. I've got to drive
around 125 miles today, paying ppty taxes and refreshing all my vehicle
stickers. And the 15th, is income tax day so thats got to be collected
and done yet this week. Then I can go back to self-quaranteening except
for the occasional grocery getter trip. Or the scripts that keep the
hardware in my chest working well.
Take care Tomas, and stay well.
> --
> t
Cheers, Gene Heskett.
--
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
- Louis D. Brandeis
Reply to: