On Wed, 27 Nov 2013, Mark Wickens wrote:
DS10L with 1 HDD is 176 watts.
That's less than my ES40...quad-proc with 2 HDD and it hits 800W. ;)
--
Cory Smelosky
http://gewt.net Personal stuff
http://gimme-sympathy.org Projects
On Wed, Nov 27, 2013 at 3:13 AM, Mark Wickens <mark at wickensonline.co.uk> wrote:
DS10L with 1 HDD is 176 watts.
IIRC - the supply was rated at 450W peak.
On 27 Nov 2013, at 02:01, Sampsa Laine <sampsa at mac.com> wrote:
On 26 Nov 2013, at 23:08, Hans Vlems <hvlems at zonnet.nl> wrote:
No, I get telnet attempts from it, es and nl domains lately. I put a text in sys$announce that tells the, error, user that the system is privately owned, alle access attempts are logged and monitored and that unauthorized access is not allowed. The attempts are now down to a couple every 24 hours and no longer every 5 minutes.
Just got an SSH bruteforce attempt from Korea, decided to have a look at the chap's machine:
nmap -p1-65535 -T5 -sV -oAhax0r -P0 14.63.222.153
The "attack" stopped pretty quickly after that lol.
Mainland China based IP attacked me this morning, stopped after 27 seconds of my nmap scan.
The scanners don't like to be scanned it seems :)
Might write an automatic ArcSight rule to trigger these..
sampsa
On 26 Nov 2013, at 23:08, Hans Vlems <hvlems at zonnet.nl> wrote:
No, I get telnet attempts from it, es and nl domains lately. I put a text in sys$announce that tells the, error, user that the system is privately owned, alle access attempts are logged and monitored and that unauthorized access is not allowed. The attempts are now down to a couple every 24 hours and no longer every 5 minutes.
Just got an SSH bruteforce attempt from Korea, decided to have a look at the chap's machine:
nmap -p1-65535 -T5 -sV -oAhax0r -P0 14.63.222.153
The "attack" stopped pretty quickly after that lol.
Sampsa
Anybody have an idea of how many amps (at 220V) a DS10 with 3 HDDs will consume?
What about an rx2600?
sampsa <sampsa at mac.com>
mobile +44 7961 149465
No, I get telnet attempts from it, es and nl domains lately. I put a text in sys$announce that tells the, error, user that the system is privately owned, alle access attempts are logged and monitored and that unauthorized access is not allowed. The attempts are now down to a couple every 24 hours and no longer every 5 minutes.
Hans
Van: Sampsa Laine
Verzonden: dinsdag 26 november 2013 23:32
Aan: hecnet at Update.UU.SE
Beantwoorden: hecnet at Update.UU.SE
Onderwerp: [HECnet] Telnet/SSH attacks
Am I the only one who's almost constantly being hit by login scans (usually from China or weird places like Kazakhstan - sorry Oleg) on their Internet facing Telnet/SSH ports?
It's not like they get in or anything, my guess is that this is just part of a larger scan so if you guys are getting hit as well, I won't worry that I'm being targeted :)
sampsa <sampsa at mac.com>
mobile +44 7961 149465
Stupid! Disable TELNET for anything but your local net. You do NOT want
plain text sent over the internet!
Also, SSH2 kills the CPU on a lot of VAX boxes. I'm toying with the idea of a SSH-only jumpbox..
On 26 Nov 2013, at 22:56, "Brian Schenkenberger, VAXman-" <system at TMESIS.COM> wrote:
Dennis Boone <drb at msu.edu> writes:
Am I the only one who's almost constantly being hit by login scans
(usually from China or weird places like Kazakhstan - sorry Oleg) on
their Internet facing Telnet/SSH ports?
It's not like they get in or anything, my guess is that this is just
part of a larger scan so if you guys are getting hit as well, I won't
worry that I'm being targeted :)
Pretty much if it's connected to the internet, it's getting
dictionary-scanned on any open telnet and ssh ports. The scanners have
gotten a little smarter in the last 8 years or so -- they no longer
generate so many parallel connections that you notice them because of
load or socket starvation.
I put in firewall rules to block addresses which generate too many ssh
connections in a period of time, mostly to prevent the log spam.
Stupid! Disable TELNET for anything but your local net. You do NOT want
plain text sent over the internet!
As for SSH, moving it off of port 22 seems to quiet things down. Use one
of the port numbers in the ephemeral range like 22222. Of course, you'll
need to tell your ssh client that you're using a different port using the
-p option.
--
VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)ORG
Well I speak to machines with the voice of humanity.
I agree with both points for production "real" boxes, SSH in pubkey mode on random port, no telnet.
But for public access hobby systems that significantly increases the barrier to entry for new users. I run SSH but in pubkey mode only, Telnet is used by the vast majority of my users, these are hobby system, I haven't had any complaints.
Dennis Boone <drb at msu.edu> writes:
Am I the only one who's almost constantly being hit by login scans
(usually from China or weird places like Kazakhstan - sorry Oleg) on
their Internet facing Telnet/SSH ports?
It's not like they get in or anything, my guess is that this is just
part of a larger scan so if you guys are getting hit as well, I won't
worry that I'm being targeted :)
Pretty much if it's connected to the internet, it's getting
dictionary-scanned on any open telnet and ssh ports. The scanners have
gotten a little smarter in the last 8 years or so -- they no longer
generate so many parallel connections that you notice them because of
load or socket starvation.
I put in firewall rules to block addresses which generate too many ssh
connections in a period of time, mostly to prevent the log spam.
Stupid! Disable TELNET for anything but your local net. You do NOT want
plain text sent over the internet!
As for SSH, moving it off of port 22 seems to quiet things down. Use one
of the port numbers in the ephemeral range like 22222. Of course, you'll
need to tell your ssh client that you're using a different port using the
-p option.
--
VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)ORG
Well I speak to machines with the voice of humanity.
