Systems Status

Announce? RSS Feed RSS

Blog?RSS Feed RSS

Help Topics

Deschutes Facilities

Campus Facilities

User Account Info

Roundcube Mail

Contact Systems

ipv6 ready

Misc

Over the last couple of years we have added a dynamic firewall to all of the Systems Staff maintained computers. The intent is to block access to internet computers that try to break in to our systems. This is a short overview of our system.

  1. All of the computers we maintain log information to a central log host.
  2. Our log host uses FOS software to analyze the log files and identify the IP addresses attacking hosts.
  3. We add these IP addresses to the kernel level firewall built in to both our server and workstation computers.

The basic rules we use to identify an attacker are 15 ssh login failures from IP address over a period of 5 days. However, the failure count is reset after a successful login from that IP address. We block an attacking IP address for one day from all Systems Staff maintained computers, except we allow http access to www.cs.uoregon.edu and systems.cs.uoregon.edu.

To avoid repeated password mistakes when connecting by ssh, you should consider configuring ssh keys to allow password-less login from your computer.

References

Notes

Your computer (IP Address: 3.145.161.194) is not currently on our firewall block list!

Edited: September 06, 2019, at 10:12 am
Copyright © 2024, University of Oregon, All rights reserved
Privacy Policy