Jul 1 15:41:24 paranux2 sshd[22177]: Accepted password for ROOT from 61.11.13.154 port 62560
61.11.13.154 sounds like it might be from Dishnet DSL IP block... this means the actual user will be NATted from behind this IP.
Anyhow if you've only been logging in with SSH your root password was never sent unencrypted. Hence its pretty unlikely that anyone could have gotten your password in just two tries! A cracker clever enough to launch a man-in-the-middle attack or something would also know enough to erase the logs and cover his/her tracks!
I think it may be a false alarm. Just check if the admin (or you!) logged in from a cable connection somewhere!
Hi, I have been running a iptables firewall on my red hat machine. How do I an enable socket5 proxy on it? Regards, Kunal Jhunjhunwala
"Minds think with ideas, not information. No amount of data, bandwidth, or processing power can substitute for inspired thought." - Clifford Stoll
On Thu, 4 Jul 2002, Kunal Jhunjhunwala wrote:
I have been running a iptables firewall on my red hat machine. How do I an enable socket5 proxy on it?
it's socks, and you'll have to get a socks proxy server to install there. It doesn't have much to do with your iptables firewall, except you'll have to enable any ports that you want to let through.
Socks is a proxy protocol that specifies which ports on internal machines can connect to which ports on external machines. Socks doesn't understand anything about the protocols that it allows through. If I'm not mistaken, I think it runs at the TCP layer.
Philip
Hey,
Thanks for the information.. Any suggestions on which server to use?
Regards, Kunal Jhunjhunwala
"Minds think with ideas, not information. No amount of data, bandwidth, or processing power can substitute for inspired thought." - Clifford Stoll ----- Original Message ----- From: "Philip S Tellis" philip@konark.ncst.ernet.in To: linuxers@mm.ilug-bom.org.in Sent: Thursday, July 04, 2002 5:49 PM Subject: Re: [ILUG-BOM] sock proxy?
On Thu, 4 Jul 2002, Kunal Jhunjhunwala wrote:
I have been running a iptables firewall on my red hat machine. How do I
an
enable socket5 proxy on it?
it's socks, and you'll have to get a socks proxy server to install there. It doesn't have much to do with your iptables firewall, except you'll have to enable any ports that you want to let through.
Socks is a proxy protocol that specifies which ports on internal machines can connect to which ports on external machines. Socks doesn't understand anything about the protocols that it allows through. If I'm not mistaken, I think it runs at the TCP layer.
Philip
-- It's a fixer-upper. What's the problem? We get a bunch of priests in here ...
-- Homer Simpson Treehouse of Horror
-
Kunal Jhunjhunwala -
Philip S Tellis -
Ravindra Jaju -
Vinay Pai