why dont you change it into a higher port .... eg: 33022 then allow it on ur firewall's config... then reload
jdoe: there is rate limiting (but not to my understanding, blocking) being done on port 22, ask support@ for details
win 2
you need http://todd.fries.net/pub/lose.pl
heh, nice script :)
i'd have to modify it to catch /names too ;)
its a regex match, program to your fancy.
toddf: should have specified, temp blocking :)
the protection generally mitigates most ssh port attackers letting legitimate stuff through, but if you connect at a high rate you might get some unwanted throttling
http://todd.fries.net/pub/lose.pl
i need new fingers :)
yay freebsd 8.2 released.
woo
wooohoo
quick! everyone csup your VPSes! :D
lol
who thinks arp should have a freebsd mirror for us? ;)
would be good advertising for arp
nice upgrade comin
vcs: I'm pretty active in the FreeBSD community, and I couldn't tell you which companies host the mirrors right now. so, I don't know how effective the advertising would be.
If you can sup RELENG_8_2, the whole tree should be there, right?
hello.
boo
any arpnetworks employees around?
fyi, $coworker (with an arp vps) says lots of hosts in 203.81/16 have been scanning him on 21, 22, and 443/tcp for the last couple days.
whats new
tons of zombies out there trying to assimilate
"Portscans to my VPS aren't unusual, but this traffic pattern seems different than normal."
just thought i'd mention it, feel free to ignore it
just make sure you have secure passwords, should take care of 50% of the danger of being cracked.
_pe: if you ask us what you need, we may be able to answer you here. otherwise, an email to support@arpnetworks.com is the best.
jpalmer: thanks, i've filed an issue, of course; just thought it might be easier to chat.
a_j__c: well, in all honesty, you should probably disable password based auth for remote connections (such as ssh) use ssh keys only, and only leave password based auth enabled at the console.
^
_pe: is this the plan9 issue?
i'm trying to install plan 9 but the install kernel just stops. since filing my issue i've received advice that the virtio drivers may be the problem.
jpalmer: yep
dont use passwords at all ;)
_pe: may I ask why plan9?
public key auth is way better in every way shape and form
_pe: I see the ticket, but I don't have the access to change your drivers or CD media. It'll likely get done this evening though.
a_j_c: going to experiment with moving some of my hosted sites to plan 9.
i only have ssh accessible from a /16 and a /32 and i use keys. i think i'm good.
_pe: oh ok
jpalmer: thanks. i'm not knowledgeable about kvm/qemu so i'm not sure what might help. i have run plan 9 under qemu 0.9.1 on openbsd for a while, but my initial setup just worked and i haven't done further reading about qemu.
jlgaddis: I do something similar. I only allow SSH keys, and only allow it from specific hosts (which I call "keyhole servers")
the keyhole servers run NO services, other than ssh. and have some pretty intense firewalls including a bruteforce timeout.
I then SSH into the keyhole server from my remote locations (wherever that may be) using agent forwarding. then from there I ssh into the actual destination server. sort of like a piggyback step.
jpalmer: hey, how much would it add to the monthly cost to add an ipv4 + 512MB ram?
a_j_c: i've gone through the usual sort of religious conversion to plan 9, but as there are few users, worldwide, and even fewer developers, life in that world can be challenging. :)
_pe: no doubt. I myself have never used plan9
it's an interesting system. unfortunately there's no modern web browser so for a lot of folks it ends up being a passing fancy.
fink: /msg fink ping
doh
who's ping?
that guy over there in the corner :P
he's on first
hey at least I didn't "/msg fink your server is at 1.2.3.4 and the root password is abracadabra!"
HOW DID YOU KNOW MY PASSWORD
WTF
fink: found written on a piece of paper in your wallet :)
_pe: oh, did i leave that at your gf's place by accident?
hiyooooo
;)
_pe: sorry, that was unacceptable, my apologies
hehe
was trying to decide whether to up the ante :)
[generic rejoinder involving pimping]
piming|yomama
mom didn't bring home much money last night.
_pe: LOL, you don't need me :)
jpalmer: *nod* we call 'em "jumpboxes"
hah, my "gf" is technically my fiancee, for 1 more weekend. I get married next saturday.
my condolences^H^H^H^H^H^H^H^Hgratulations, sir
congratulations
lol so its safe to assume you won't be on here as much? :P jk
haha
jpalmer: congrats
oof. time to plan on an 8.2 upgrade for my boxes
so, what does ArpNetworks bring to the table that $current_provider doesn't?
BSD, Ipv6
a_j__c - depends on $current_provider
good service
good prices
well, they don't have BSD for one thing
and only 50GB bandwidth
how can I view a list of listening ports/programs? I used to use `netstat -nlptu` on linux (-n = numeric IPs, -l = listening only, -p = show program name, -t = tcp, -u = udp (thus no unix sockets)), but I see that netstat is significantly different on openbsd.
man sockstat
cheers
a_j__c: err, not found, no man page
is that something in ports? nope, can't find it there either.
what? sockstat isn't a man page?
man 1 sockstat
man: no entry for sockstat in the manual.
that's messed up
well, there's several copies of it online
I'm running 4.8 stable
oh you're on openbsd
a_j__c: what good will a man page do if the command doesn't exist?
oh, I'm sorry I thought this was #openbsd
whoops
no its #arpnetworks
hehe yeah, I got my windows mixed up. thanks for trying though :)
I tried :)
meh, fstat | grep internet | grep -v '<--' | grep -v '<->' | grep -v -- '-->'
somebody email support@ with the feature request: freebsd mirror :)
jpalmer: even without advertising, hosting a mirror would be cool.
i have the bandwidth, might as well use it for a good cause
up_the_irons: I'd send the e-mail, but I'm not really a FreeBSD user :)
i c
another ipv6 mirror would be <3tastic
lucky: ah yes, I could do that :)