Search Results for 'ssh'
March 9, 2023 at 5:52 pm #101589
In reply to: SSH brute force attack?
Member
Robin
You can look up who it is:
https://whatismyipaddress.com/ip/146.56.144.31
It’s a static IP from a datacenter. Strange enough. It’s run by Oracle, so you can complain to them, they do have an abuse email address. But, if you have a dynamic IP yourself it might easily be possible the person simply wants to login to the machine connected before to the very IP, not actually to your PC. Observe: Does it stop when you get a fresh dynamic IP? If not, you might have caught something.
And then, the most interesting question:
WHY is the ssh service running at all on your antiX?
By default it is deactivated.
To check on antiX 22 (sysvinit):
$ sudo service ssh status
sshd is not running ... failed!
To check on antiX 23 (runit):
sudo sv check ssh
fail: sshd: unable to change to service directory: file does not exist
Somebody must have activated this service on your PC for some reason.
Check with the two commands
sudo netstat -plant
lsof -i
whether there are some more unknown or unexpected connections.
these are login attempts via ssh and I would not feel relaxed with it
If directly connected to internet instead of via an internet router, it is quite common to see login attempts from everywhere. (If your router provides log files, you will see them there also constantly.) Only if you are behind a router, you never should see such a thing on your PC.
So then you have to make your system bullet proof, run a network-check (https://www.heise.de/security/dienste/Netzwerkcheck-2114.html). This check tests whether your system has any open doors, it has proven to be highly reliable for the last 20 years, it is provided by the Federal State Commissioner for Data Protection and Freedom of Information of Niedersachsen and the Heise publisher. Don’t know whether there are similar services besides this one in other countries.
Windows is like a submarine. Open a window and serious problems will start.
March 9, 2023 at 4:41 pm #101580
In reply to: SSH brute force attack?
Member
techore
I guess my question is, is there any reason to have SSH running on a personal desktop computer that I never access remotely? Is running SSH a security threat?
I use ssh to manage and maintain desktop and laptop computers, however, if you don’t need it ‘sudo apt remove openssh-server’. Rule of thumb, if you don’t need a listener/service, uninstall or disable. If you do need it, secure it by disabling root login and use keys versus passwords. Securing SSH, correctly, isn’t difficult but it’s a longer discussion.
Was this actually a brute force attack?
Based on the log, it appears that you were directly connected to the internet or on a public network. If true, someone may have identified your OS via fingerprinting as being Debian and was attempting to use the Debian default account and password. Not cool.
March 9, 2023 at 4:15 pm #101574
In reply to: SSH brute force attack?
Moderator
caprea
Maybe I’m wrong but it really sounds to me like these are login attempts via ssh and I would not feel relaxed with it. Presumably automated and whole IP ranges are tried through. It’s possible to make changes in the /etc/ssh/sshd_config to allow only certain users the login.
Edit: RJP already answered.
- This reply was modified 2 months ago by caprea.
March 9, 2023 at 4:02 pm #101573
In reply to: SSH brute force attack?
Member
RJP
https://www.tecmint.com/disable-or-enable-ssh-root-login-and-limit-ssh-access-in-linux/
“Limit SSH User Logins
If you have a large number of user accounts on the systems, then it makes sense that we limit remote SSH access to those users who really need it. Open the /etc/ssh/sshd_config file.”
March 9, 2023 at 2:33 pm #101565
Topic: SSH brute force attack?
in forum New Users and General Questions
Member
blur13
I noticed on my conky that there was slight disk/eth0 up down activity constantly. Checked htop and I saw that sshd: unknown [net] and sshd: [accepted] commands appearing around once per second and quickly disappearing. Googled this and did the following:
checked /var/log/auth.log
Mar 9 14:52:25 antix1 sshd[4624]: Invalid user debian from 146.56.144.31 port 33830
Mar 9 14:52:25 antix1 sshd[4624]: pam_unix(sshd:auth): check pass; user unknown
Mar 9 14:52:25 antix1 sshd[4624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.56.144.31
Mar 9 14:52:27 antix1 sshd[4624]: Failed password for invalid user debian from 146.56.144.31 port 33830 ssh2
Mar 9 14:52:29 antix1 sshd[4624]: Connection closed by invalid user debian 146.56.144.31 port 33830 [preauth]
Mar 9 14:52:30 antix1 sshd[4626]: Invalid user debian from 146.56.144.31 port 34642
.
.
.
etc etc for about 2000 lines
Added sshd: 146.56.144.31 to /etc/hosts.deny
so now I’m getting the following in /var/log/auth.log
Mar 9 15:05:49 antix1 sshd[3632]: refused connect from 146.56.144.31 (146.56.144.31)
Mar 9 15:05:54 antix1 sshd[3641]: refused connect from 146.56.144.31 (146.56.144.31)
Mar 9 15:06:00 antix1 sshd[3719]: refused connect from 146.56.144.31 (146.56.144.31)
Mar 9 15:06:05 antix1 sshd[3728]: refused connect from 146.56.144.31 (146.56.144.31)
Mar 9 15:06:11 antix1 sshd[3738]: refused connect from 146.56.144.31 (146.56.144.31)
Mar 9 15:06:17 antix1 sshd[3744]: refused connect from 146.56.144.31 (146.56.144.31)
but it's still consuming around 1% of CPU and some disk/eth0 activity.
sudo update-rc.d ssh remove
restart computer
Problem solved.
I guess my question is, is there any reason to have SSH running on a personal desktop computer that I never access remotely? Is running SSH a security threat? Was this actually a brute force attack?
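Added example, not part of the original post: a Python summary of sshd events per source address, run over the auth.log lines quoted in the post above, as one way to judge whether a log shows password guessing. The function names, the `year` default (syslog timestamps carry no year) and the threshold are assumptions of this example.

```python
import re
from datetime import datetime

# Lines copied from the auth.log excerpts quoted in the post above.
SAMPLE_LOG = """\
Mar 9 14:52:25 antix1 sshd[4624]: Invalid user debian from 146.56.144.31 port 33830
Mar 9 14:52:25 antix1 sshd[4624]: pam_unix(sshd:auth): check pass; user unknown
Mar 9 14:52:25 antix1 sshd[4624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.56.144.31
Mar 9 14:52:27 antix1 sshd[4624]: Failed password for invalid user debian from 146.56.144.31 port 33830 ssh2
Mar 9 14:52:29 antix1 sshd[4624]: Connection closed by invalid user debian 146.56.144.31 port 33830 [preauth]
Mar 9 14:52:30 antix1 sshd[4626]: Invalid user debian from 146.56.144.31 port 34642
Mar 9 15:05:49 antix1 sshd[3632]: refused connect from 146.56.144.31 (146.56.144.31)
Mar 9 15:05:54 antix1 sshd[3641]: refused connect from 146.56.144.31 (146.56.144.31)
"""

# timestamp, host, sshd[pid]: message
LINE = re.compile(r"^(\w{3}\s+\d+\s+[\d:]{8})\s+\S+\s+sshd\[(\d+)\]:\s+(.*)$")
EVENTS = [
    ("failed_password",
     re.compile(r"^Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+)")),
    ("invalid_user", re.compile(r"^Invalid user (?P<user>\S*) from (?P<ip>\S+)")),
    # Written when /etc/hosts.deny rejects the connection before authentication.
    ("refused", re.compile(r"^refused connect from \S+ \((?P<ip>[^)]+)\)")),
    ("accepted", re.compile(r"^Accepted \S+ for (?P<user>\S+) from (?P<ip>\S+)")),
]


def summarize(lines, year=2023):
    """Group sshd events by source address; `year` is assumed, not logged."""
    stats = {}
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        ts_text, pid, msg = m.groups()
        for kind, pattern in EVENTS:
            ev = pattern.match(msg)
            if ev:
                break
        else:
            continue  # PAM detail and "Connection closed" lines add nothing new
        stamp = " ".join(ts_text.split())  # syslog pads single-digit days
        when = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
        s = stats.setdefault(ev.group("ip"), {
            "first": when, "last": when, "pids": set(), "users": set(),
            "failed_passwords": 0, "refused": 0, "accepted": 0})
        s["first"], s["last"] = min(s["first"], when), max(s["last"], when)
        if kind in ("invalid_user", "failed_password"):
            s["pids"].add(pid)  # one sshd child process per connection
            s["users"].add(ev.group("user"))
        if kind == "failed_password":
            s["failed_passwords"] += 1
        elif kind in ("refused", "accepted"):
            s[kind] += 1
    for s in stats.values():
        s["connections"] = len(s.pop("pids"))  # connections with a failed login
    return stats


def verdict(s, threshold=10):
    """Classify one source address; the threshold is an arbitrary starting point."""
    if s["accepted"] and s["connections"]:
        return "failures and a successful login: investigate"
    if s["connections"] >= threshold:
        return "password guessing"
    if s["refused"] and not s["connections"]:
        return "refused before authentication"
    return "isolated failures"


if __name__ == "__main__":
    for ip, s in summarize(SAMPLE_LOG.splitlines()).items():
        span = (s["last"] - s["first"]).total_seconds()
        print(ip, s["connections"], "failed connections,", s["refused"], "refused,",
              "users:", sorted(s["users"]), f"over {span:.0f}s ->", verdict(s))
```

Run against the full /var/log/auth.log, any address whose result includes an accepted login after failures is the one to look at first.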
March 7, 2023 at 7:32 pm #101417
In reply to: GUI to manage (essential) IceWM settings
Member
PPC
Hi Oops – I like the idea of extending the script’s functionality – now that the basis is done, it’s simply, to follow create new functions and just add them to the script! There are lots of stuff I would like to add to script, but I think most people won’t use them, so I left them out. There’s one setting I was tempted to add – the option to only show the system tray “info squares” about network connections that are being used (i.e.- not showing a square for ethernet and another for wi-fi, if only a kind of connection is being used). I like this option because I just use that square as an interactive Network connection icon, that provides much more info than just if I’m connected or not…
It’s the variable “NetStatusShowOnlyRunning” (I hope I did not type that wrong).
I find too confusing, having so many squares, so I have usually one (network) or two (network and CPU/RAM). Those two squares show basically all the important info from Conky…
P.
March 5, 2023 at 11:58 pm #101267
In reply to: What are you “here” with today?
Forum Admin
rokytnji
Been busy with blown down fence. Lulus < my shop pit bull> lives in the house by day and barks all night in her large pen attached to the shop all night. This is while I am priming the steel kitchen sink. Still have to sand it for paint job.
Body is stove up < country slang for sore bones and muscles > So I am in the easy chair on my chromebook using battery.
harry@antix1:~
$ acpi -b
Battery 0: Discharging, 90%, 10:03:29 remaining
harry@antix1:~
$ inxi -p
Partition:
  ID-1: / size: 13.36 GiB used: 6.56 GiB (49.2%) fs: ext4 dev: /dev/mmcblk1p2
  ID-2: /boot/efi size: 252 MiB used: 274 KiB (0.1%) fs: vfat dev: /dev/mmcblk1p1
  ID-3: /media/harry/sda1-usb-PNY_USB_2.0_FD_A size: 29.95 GiB used: 13.69 GiB (45.7%) fs: vfat dev: /dev/sda1
  ID-4: swap-1 size: 768 MiB used: 0 KiB (0.0%) fs: swap dev: /dev/mmcblk1p3
harry@antix1:~
$ sudo ps_mem.py; inxi -Fxz
[sudo] password for harry:
Private + Shared = RAM used Program
152.0 KiB + 36.5 KiB = 188.5 KiB seatd
212.0 KiB + 29.5 KiB = 241.5 KiB gpm
216.0 KiB + 60.5 KiB = 276.5 KiB rpc.idmapd
232.0 KiB + 57.5 KiB = 289.5 KiB init
264.0 KiB + 71.5 KiB = 335.5 KiB rtkit-daemon
316.0 KiB + 69.5 KiB = 385.5 KiB cron
412.0 KiB + 34.5 KiB = 446.5 KiB acpid
340.0 KiB + 111.5 KiB = 451.5 KiB dbus-launch
340.0 KiB + 149.5 KiB = 489.5 KiB icewm-session
440.0 KiB + 109.5 KiB = 549.5 KiB rpcbind
448.0 KiB + 118.5 KiB = 566.5 KiB rpc.statd
376.0 KiB + 221.5 KiB = 597.5 KiB udevil
176.0 KiB + 554.0 KiB = 730.0 KiB saned (2)
644.0 KiB + 408.5 KiB = 1.0 MiB devmon
720.0 KiB + 384.0 KiB = 1.1 MiB dbus-daemon (2)
804.0 KiB + 427.5 KiB = 1.2 MiB desktop-session
812.0 KiB + 482.0 KiB = 1.3 MiB getty (6)
1.3 MiB + 89.5 KiB = 1.4 MiB sshd
1.4 MiB + 336.5 KiB = 1.7 MiB ntpd
1.3 MiB + 399.5 KiB = 1.7 MiB sudo
1.6 MiB + 197.5 KiB = 1.8 MiB connmand
1.7 MiB + 472.5 KiB = 2.1 MiB bash
2.0 MiB + 263.5 KiB = 2.3 MiB bluetoothd
3.1 MiB + 22.5 KiB = 3.2 MiB haveged
2.9 MiB + 414.5 KiB = 3.3 MiB udevd
3.7 MiB + 356.5 KiB = 4.0 MiB cupsd
3.7 MiB + 1.0 MiB = 4.7 MiB conky
5.1 MiB + 544.5 KiB = 5.6 MiB wpa_supplicant
4.0 MiB + 3.7 MiB = 7.7 MiB volumeicon
6.3 MiB + 2.1 MiB = 8.3 MiB icewm
12.3 MiB + 740.5 KiB = 13.0 MiB slimski
10.0 MiB + 4.8 MiB = 14.9 MiB roxterm
25.7 MiB + 5.0 MiB = 30.7 MiB Xorg
445.9 MiB + 98.3 MiB = 544.3 MiB firefox-esr (8)
---------------------------------
660.6 MiB
=================================
System:
  Kernel: 5.10.153-antix.1-amd64-smp arch: x86_64 bits: 64 compiler: gcc v: 10.2.1
  Desktop: IceWM v: 3.3.1 Distro: antiX-22_x64-full Grup Yorum 18 October 2022 base: Debian GNU/Linux 11 (bullseye)
Machine:
  Type: Laptop System: GOOGLE product: Candy v: 1.0 serial: <superuser required>
  Mobo: GOOGLE model: Candy v: 1.0 serial: <superuser required> UEFI: coreboot v: MrChromebox-4.18.1 date: 10/27/2022
Battery:
  ID-1: BAT0 charge: 37.3 Wh (89.9%) condition: 41.5/44.5 Wh (93.4%) volts: 12.4 min: 11.4 model: Samsung DELL XK status: discharging
CPU:
  Info: dual core model: Intel Celeron N2840 bits: 64 type: MCP arch: Silvermont rev: 8 cache: L1: 112 KiB L2: 1024 KiB
  Speed (MHz): avg: 1669 high: 2500 min/max: 500/2582 cores: 1: 2500 2: 839 bogomips: 8666
  Flags: ht lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx
Graphics:
  Device-1: Intel Atom Processor Z36xxx/Z37xxx Series Graphics & Display driver: i915 v: kernel arch: Gen-7 bus-ID: 00:02.0
  Device-2: Suyin Integrated_Webcam_HD type: USB driver: uvcvideo bus-ID: 1-3:4
  Display: server: X.Org v: 1.20.11 driver: X: loaded: modesetting unloaded: fbdev,vesa dri: i965 gpu: i915 resolution: 1366x768~60Hz
  API: OpenGL v: 4.2 Mesa 20.3.5 renderer: Mesa DRI Intel HD Graphics (BYT) direct-render: Yes
Audio:
  Device-1: Intel Atom Processor Z36xxx/Z37xxx Series High Definition Audio driver: snd_hda_intel v: kernel bus-ID: 00:1b.0
  Sound API: ALSA v: k5.10.153-antix.1-amd64-smp running: yes
  Sound Server-1: PulseAudio v: 14.2 running: no
Network:
  Device-1: Intel Wireless 7260 driver: iwlwifi v: kernel bus-ID: 01:00.0
  IF: wlan0 state: up mac: <filter>
Bluetooth:
  Device-1: Intel Bluetooth wireless interface type: USB driver: btusb v: 0.8 bus-ID: 1-4:6
  Report: hciconfig ID: hci0 rfk-id: 0 state: up address: <filter> bt-v: 2.1 lmp-v: 4.0
Drives:
  Local Storage: total: 44.65 GiB used: 20.26 GiB (45.4%)
  ID-1: /dev/mmcblk1 vendor: Hynix model: HAG2e size: 14.68 GiB
  ID-2: /dev/sda type: USB vendor: PNY model: USB 2.0 FD size: 29.97 GiB
Partition:
  ID-1: / size: 13.36 GiB used: 6.56 GiB (49.2%) fs: ext4 dev: /dev/mmcblk1p2
  ID-2: /boot/efi size: 252 MiB used: 274 KiB (0.1%) fs: vfat dev: /dev/mmcblk1p1
Swap:
  ID-1: swap-1 type: partition size: 768 MiB used: 0 KiB (0.0%) dev: /dev/mmcblk1p3
Sensors:
  System Temperatures: cpu: 38.0 C mobo: N/A
  Fan Speeds (RPM): N/A
Info:
  Processes: 135 Uptime: 15m Memory: 3.75 GiB used: 1017.5 MiB (26.5%) Init: SysVinit runlevel: 5 Compilers: gcc: 10.2.1 Packages: 1644 Shell: Bash v: 5.1.4 inxi: 3.3.25
harry@antix1:~
The day the winds blew my fence down. Telephone pole posts sunk 5 feet down with cement. Snapped the poles at the base.
It was a biblical day as far wind speeds and time duration of them.
Not sure yet if I have the energy to handle this .
Fun and games in West Texas.
Sometimes I drive a crooked road to get my mind straight.
Not all who Wander are Lost.
I'm not outa place. I'm from outer space.
Linux Registered User # 475019
How to Search for AntiX solutions to your problems
March 3, 2023 at 7:52 pm #101048
In reply to: What are you “here” with today?
Moderator
Brian Masinick
Firefox-Nightly, which has extra debugging code in it, runs with more memory than the release, but gives users an early view of upcoming changes and an opportunity to evaluate and test them; I’m using it now, so it’s consuming more memory than the other browsers I use. No problem here; even with this older hardware, this system has as much system memory as my much newer HP-14 laptop.
Here’s the current memory consumption; it’s MUCH less when I don’t have so much going on…
sudo ps_mem.py
Private + Shared = RAM used Program
112.0 KiB + 13.5 KiB = 125.5 KiB runit
128.0 KiB + 16.5 KiB = 144.5 KiB runsvdir
148.0 KiB + 21.5 KiB = 169.5 KiB seatd
136.0 KiB + 40.5 KiB = 176.5 KiB sleep
296.0 KiB + 73.5 KiB = 369.5 KiB cron
368.0 KiB + 102.5 KiB = 470.5 KiB icewm-session
388.0 KiB + 84.5 KiB = 472.5 KiB dbus-launch
364.0 KiB + 143.5 KiB = 507.5 KiB udevil
420.0 KiB + 112.0 KiB = 532.0 KiB svlogd (4)
452.0 KiB + 405.0 KiB = 857.0 KiB avahi-daemon (2)
768.0 KiB + 185.5 KiB = 953.5 KiB gconfd-2
664.0 KiB + 332.5 KiB = 996.5 KiB dconf-service
672.0 KiB + 329.5 KiB = 1.0 MiB devmon
696.0 KiB + 370.5 KiB = 1.0 MiB getty (5)
812.0 KiB + 343.5 KiB = 1.1 MiB desktop-session
1.1 MiB + 464.5 KiB = 1.5 MiB dbus-daemon (3)
924.0 KiB + 684.0 KiB = 1.6 MiB sudo (2)
1.6 MiB + 333.5 KiB = 1.9 MiB runsv (17)
1.8 MiB + 282.5 KiB = 2.1 MiB udevd
1.9 MiB + 225.5 KiB = 2.1 MiB bluetoothd
2.3 MiB + 997.0 KiB = 3.3 MiB bash (2)
2.9 MiB + 445.5 KiB = 3.3 MiB at-spi2-registryd
2.2 MiB + 1.3 MiB = 3.5 MiB sshd
3.0 MiB + 607.5 KiB = 3.6 MiB cupsd [updated]
3.6 MiB + 122.5 KiB = 3.7 MiB connmand
4.2 MiB + 369.5 KiB = 4.5 MiB conky
5.1 MiB + 517.5 KiB = 5.6 MiB at-spi-bus-launcher
4.8 MiB + 1.2 MiB = 6.0 MiB wpa_supplicant
5.6 MiB + 1.1 MiB = 6.7 MiB icewm
6.9 MiB + 2.3 MiB = 9.3 MiB volumeicon
8.9 MiB + 850.5 KiB = 9.7 MiB slimski
11.7 MiB + 1.5 MiB = 13.2 MiB ntpd
12.4 MiB + 3.4 MiB = 15.8 MiB roxterm
19.2 MiB + 3.6 MiB = 22.7 MiB zzzfm
48.1 MiB + 24.1 MiB = 72.2 MiB Xorg
714.2 MiB + 139.9 MiB = 854.1 MiB firefox-bin (12)
---------------------------------
1.0 GiB
=================================
--
Brian Masinick
March 3, 2023 at 6:41 am #100987
In reply to: Odd message during upgrade
Member
sybok
Hi, I sometimes see that when I run such an update remotely (connected via SSH) or when running as root.
My guess is that if you log in as root (or remotely via SSH), the corresponding desktop session is not started and hence the corresponding Python class of the GTK-whatever is ‘None’ and it does not have the expected attributes.
Hence I consider it harmless.
If someone has another explanation, I am willing to learn.
February 28, 2023 at 8:34 pm #100798
In reply to: keyboard mapping
Member
Robin
What I’m looking for is a way to add a new key combination so than when I hit the altGr-a key I get the “ą” character. Same for altGr-e that gives the brand new “ę” char, and so on.
Then you want to check out the method I described in posting #100677 above.
To lookup the proper key number you want to edit, just type in terminal window (e.g. Roxterm, enlarge the window to avoid additional confusing linebreaks):
xmodmap -pke
Then you can modify a single key by a line similar to those in my above example:
xmodmap -e "keycode 29 = y Y y Y leftarrow U215C leftarrow"
xmodmap -e "keycode 29 = y Y y Y ssharp U215C ssharp"
If a character is named, you can use its name (like leftarrow, rightarrow, without the XK_ prefix), otherwise you’ll have to lookup its respective unicode number (there are some more lists available) and enter something like U017F or U1E9E instead (omit the + character between U and the code number). The codes behind the key number are in a specific order. Please read man xmodmap carefully to understand what you have to change in a line from the output. (The -pke option is designed to allow you directly to copy the line you want to change from it, apply the modifications, and feed it back to console in order to make the additions/changes to the keyboard mapping.) Also try
xmodmap -grammar
to learn different approaches of managing the keymapping with xmodmap, it allows you to enter the modifier bindings for a key directly this way.
You will have to experiment with it until you succeed, I assure you.
Windows is like a submarine. Open a window and serious problems will start.
February 25, 2023 at 10:13 pm #100652
In reply to: antiX-23-alpha1-runit-full (64bit) for testing
Moderator
Brian Masinick
Fresh login with the Kernel: 4.19.0-256-antix.1-amd64-smp x86_64
sudo ps_mem.py
Private + Shared = RAM used Program
112.0 KiB + 17.5 KiB = 129.5 KiB runit
128.0 KiB + 21.5 KiB = 149.5 KiB runsvdir
148.0 KiB + 30.5 KiB = 178.5 KiB seatd
296.0 KiB + 115.5 KiB = 411.5 KiB cron
388.0 KiB + 121.5 KiB = 509.5 KiB dbus-launch
408.0 KiB + 140.0 KiB = 548.0 KiB svlogd (4)
368.0 KiB + 272.5 KiB = 640.5 KiB icewm-session
388.0 KiB + 288.5 KiB = 676.5 KiB udevil
464.0 KiB + 467.0 KiB = 931.0 KiB avahi-daemon (2)
648.0 KiB + 437.5 KiB = 1.1 MiB devmon
760.0 KiB + 378.0 KiB = 1.1 MiB dbus-daemon (2)
700.0 KiB + 467.5 KiB = 1.1 MiB getty (5)
816.0 KiB + 435.5 KiB = 1.2 MiB desktop-session
932.0 KiB + 756.0 KiB = 1.6 MiB sudo (2)
1.5 MiB + 418.5 KiB = 1.9 MiB runsv (17)
1.6 MiB + 464.5 KiB = 2.1 MiB bash
1.9 MiB + 535.5 KiB = 2.4 MiB bluetoothd
964.0 KiB + 1.5 MiB = 2.5 MiB udevd (2)
2.2 MiB + 662.5 KiB = 2.9 MiB conky
2.9 MiB + 664.5 KiB = 3.6 MiB cupsd
2.2 MiB + 1.3 MiB = 3.6 MiB sshd
3.5 MiB + 270.5 KiB = 3.8 MiB connmand
4.6 MiB + 1.3 MiB = 5.9 MiB wpa_supplicant
3.3 MiB + 3.4 MiB = 6.7 MiB volumeicon
5.4 MiB + 2.4 MiB = 7.8 MiB icewm
8.9 MiB + 1.4 MiB = 10.3 MiB slimski
9.5 MiB + 3.7 MiB = 13.1 MiB zzzfm
11.8 MiB + 1.5 MiB = 13.3 MiB ntpd
12.1 MiB + 5.1 MiB = 17.1 MiB roxterm
100.7 MiB + 1.6 MiB = 102.2 MiB Xorg
---------------------------------
209.5 MiB
=================================
--
Brian Masinick
February 25, 2023 at 10:00 pm #100651
In reply to: antiX-23-alpha1-runit-full (64bit) for testing
Moderator
Brian Masinick
sudo ps_mem.py
Private + Shared = RAM used Program
112.0 KiB + 12.5 KiB = 124.5 KiB runit
128.0 KiB + 16.5 KiB = 144.5 KiB runsvdir
148.0 KiB + 21.5 KiB = 169.5 KiB seatd
292.0 KiB + 72.5 KiB = 364.5 KiB cron
364.0 KiB + 118.5 KiB = 482.5 KiB icewm-session
352.0 KiB + 156.5 KiB = 508.5 KiB udevil
420.0 KiB + 118.0 KiB = 538.0 KiB svlogd (4)
492.0 KiB + 408.0 KiB = 900.0 KiB avahi-daemon (2)
736.0 KiB + 190.0 KiB = 926.0 KiB dbus-launch (2)
760.0 KiB + 211.5 KiB = 971.5 KiB gconfd-2
648.0 KiB + 392.5 KiB = 1.0 MiB devmon
816.0 KiB + 378.5 KiB = 1.2 MiB desktop-session
968.0 KiB + 470.5 KiB = 1.4 MiB getty (7)
864.0 KiB + 759.0 KiB = 1.6 MiB sudo (2)
1.3 MiB + 491.0 KiB = 1.8 MiB dbus-daemon (4)
1.7 MiB + 353.5 KiB = 2.0 MiB runsv (19)
1.8 MiB + 295.5 KiB = 2.1 MiB udevd
1.9 MiB + 272.5 KiB = 2.2 MiB bluetoothd
1.8 MiB + 437.5 KiB = 2.2 MiB bash
2.6 MiB + 389.5 KiB = 3.0 MiB dconf-service
2.9 MiB + 609.5 KiB = 3.5 MiB cupsd
2.2 MiB + 1.3 MiB = 3.5 MiB sshd
3.0 MiB + 585.5 KiB = 3.6 MiB at-spi-bus-launcher
3.6 MiB + 131.5 KiB = 3.7 MiB connmand
4.2 MiB + 452.5 KiB = 4.6 MiB conky
4.7 MiB + 1.2 MiB = 5.9 MiB wpa_supplicant
6.4 MiB + 1.6 MiB = 7.9 MiB icewm
7.3 MiB + 2.3 MiB = 9.6 MiB volumeicon
8.9 MiB + 955.5 KiB = 9.8 MiB slimski
11.7 MiB + 1.5 MiB = 13.1 MiB ntpd
12.4 MiB + 3.9 MiB = 16.3 MiB roxterm
14.1 MiB + 3.8 MiB = 17.9 MiB zzzfm
48.1 MiB + 24.3 MiB = 72.4 MiB Xorg
469.3 MiB + 114.6 MiB = 583.9 MiB firefox-bin (9)
———————————
779.2 MiB
=================================
This is Firefox Nightly 112.0a1 (2023-02-24) (64-bit) on antiX 23 Alpha 1 with a single tab open.
--
Brian Masinick
February 24, 2023 at 1:58 pm #100551
In reply to: What are you “here” with today?
Member
olsztyn
Firefox almost 1Gb memory footprint?
With careful configuration of Chrome or Chromium (such as ungoogled one) seems more memory frugal. Not scientific comparison, just practical experience:
On Thinkpad X220 (i5, 4Gb ram) antiX 23 fully configured:
demo@antix1:~
$ sudo ps_mem.py
[sudo] password for demo:
Private + Shared = RAM used Program
104.0 KiB + 14.5 KiB = 118.5 KiB pause
112.0 KiB + 15.5 KiB = 127.5 KiB runit
128.0 KiB + 18.5 KiB = 146.5 KiB runsvdir
144.0 KiB + 24.5 KiB = 168.5 KiB seatd
104.0 KiB + 83.5 KiB = 187.5 KiB dash
108.0 KiB + 85.5 KiB = 193.5 KiB openbox-autosta
212.0 KiB + 178.0 KiB = 390.0 KiB cat (2)
292.0 KiB + 104.5 KiB = 396.5 KiB cron
348.0 KiB + 127.5 KiB = 475.5 KiB dbus-launch
356.0 KiB + 218.5 KiB = 574.5 KiB udevil
460.0 KiB + 397.5 KiB = 857.5 KiB menu-cached
484.0 KiB + 449.0 KiB = 933.0 KiB avahi-daemon (2)
648.0 KiB + 424.5 KiB = 1.0 MiB devmon
744.0 KiB + 356.0 KiB = 1.1 MiB dbus-daemon (2)
816.0 KiB + 415.5 KiB = 1.2 MiB desktop-session
960.0 KiB + 512.5 KiB = 1.4 MiB getty (7)
944.0 KiB + 832.0 KiB = 1.7 MiB sudo (2)
1.5 MiB + 352.5 KiB = 1.9 MiB runsv (17)
880.0 KiB + 1.1 MiB = 1.9 MiB chrome_crashpad_handler (2)
1.7 MiB + 207.5 KiB = 1.9 MiB udevd
1.6 MiB + 444.5 KiB = 2.0 MiB bash
2.3 MiB + 102.5 KiB = 2.4 MiB nacl_helper
1.9 MiB + 1.1 MiB = 3.0 MiB connmand
2.7 MiB + 367.5 KiB = 3.0 MiB cupsd
2.7 MiB + 1.2 MiB = 3.9 MiB sshd
4.9 MiB + 1.2 MiB = 6.1 MiB wpa_supplicant
5.1 MiB + 1.1 MiB = 6.3 MiB slimski
6.5 MiB + 4.2 MiB = 10.8 MiB openbox
8.3 MiB + 6.5 MiB = 14.8 MiB x-terminal-emul
10.4 MiB + 5.7 MiB = 16.1 MiB lxpanel
36.8 MiB + 17.2 MiB = 54.0 MiB Xorg
251.3 MiB + 173.0 MiB = 424.3 MiB chrome (11)
———————————
563.4 MiB
=================================
demo@antix1:~
$
- This reply was modified 2 months, 2 weeks ago by olsztyn.
Live antiX Boot Options (Previously posted by Xecure):
https://antixlinuxfan.miraheze.org/wiki/Table_of_antiX_Boot_Parameters
February 23, 2023 at 3:18 pm #100447
In reply to: GUI to manage (essential) IceWM settings
Moderator
Brian Masinick
Yeah, that file is pretty big if you keep all of the comments in it.
I decided to cut mine down considerably; here’s the current one.
If anyone is interested, we can share the big one with the complete set of options.
It has several hundred lines; one of them is in the 800-900 line range and
that is why I cut mine down!
UseMouseWheel=0 # 0/1
AutoReloadMenus=1 # 0/1
ShowTaskBar=1 # 0/1
TaskBarAtTop=0 # 0/1
TaskBarKeepBelow=0 # 0/1
TaskBarAutoHide=0 # 0/1
TaskBarShowClock=1 # 0/1
TaskBarShowAPMAuto=1 # 0/1
TaskBarShowMailboxStatus=0 # 0/1
TaskBarShowWorkspaces=1 # 0/1
TaskBarShowStartMenu=1 # 0/1
TaskBarShowWindowListMenu=0 # 0/1
TaskBarShowCPUStatus=1 # 0/1
CPUStatusShowAcpiTemp=1 # 0/1
CPUStatusShowCpuFreq=1 # 0/1
TaskBarShowMEMStatus=1 # 0/1
TaskBarShowNetStatus=1 # 0/1
TaskBarShowCollapseButton=0 # 0/1
TaskBarDoubleHeight=0 # 0/1
ShowProgramsMenu=0 # 0/1
ShowSettingsMenu=1 # 0/1
ShowFocusModeMenu=1 # 0/1
ShowThemesMenu=1 # 0/1
ShowLogoutMenu=1 # 0/1
ShowHelp=0 # 0/1
ShowLogoutSubMenu=1 # 0/1
ShowRun=1 # 0/1
ShowWindowList=0 # 0/1
ConfirmLogout=0 # 0/1
ClickMotionDistance=32 # [0-32]
ClickMotionDelay=2000 # [0-2000]
IconPath="/usr/share/icons:/usr/share/pixmaps/papirus:/usr/share/icons/papirus-antix/48x48/apps:/usr/share/icons/papirus-antix/48x48/mimetypes"
MailCommand="claws-mail"
LockCommand="xlock"
ClockCommand="yad --calendar --mouse --close-on-unfocus --undecorated --skip-taskbar --button=gtk-ok:1"
RunCommand="gexec"
OpenCommand="" # menu file browser - eg. spacefm or rox or desktop-defaults-run -fm
TerminalCommand="x-terminal-emulator"
LogoutCommand="desktop-session-exit"
ShutdownCommand="sudo halt"
RebootCommand="sudo reboot"
CPUStatusCommand="lxtask"
NetStatusCommand="cmst"
NetworkStatusDevice="[wp]*"
TimeFormat="%r" #US format?
DateFormat="%c"
KeyWinMaximizeVert="Alt+Ctrl+Up"
KeyWinArrangeN="Alt+Ctrl+KP_Up" # Up-Move window Top
KeyWinArrangeNE="Alt+Ctrl+KP_Prior" # PgUp-Move window Top Right
KeyWinArrangeE="Alt+Ctrl+KP_Right" # Right-Move window to Right
KeyWinArrangeSE="Alt+Ctrl+KP_Next" # PgDn-Move window to Bottom Right
KeyWinArrangeS="Alt+Ctrl+KP_Down" # Down-Move window to Bottom
KeyWinArrangeSW="Alt+Ctrl+KP_End" # End-Move window to Bottom Left
KeyWinArrangeW="Alt+Ctrl+KP_Left" # Left-Move window to Left
KeyWinArrangeNW="Alt+Ctrl+KP_Home" # Home-Move window to Top Left
KeyWinArrangeC="Alt+Ctrl+KP_Begin" # 5-Center window
KeySysSwitchNext="Alt+Tab"
KeySysSwitchLast="Alt+Shift+Tab"
KeySysWinNext="Alt+Esc"
KeySysWinPrev="Alt+Shift+Esc"
KeySysWinMenu="Shift+Esc"
KeySysDialog="Alt+Ctrl+Del"
KeySysMenu="Ctrl+Esc"
KeySysWindowList="Alt+Ctrl+Esc"
KeySysAddressBar="Alt+Ctrl+Space"
KeySysWorkspacePrev="Alt+Ctrl+Left"
KeySysWorkspaceNext="Alt+Ctrl+Right"
KeySysWorkspaceLast="Alt+Ctrl+Down"
KeySysWorkspacePrevTakeWin="Alt+Ctrl+Shift+Left"
KeySysWorkspaceNextTakeWin="Alt+Ctrl+Shift+Right"
KeySysWorkspaceLastTakeWin="Alt+Ctrl+Shift+Down"
KeySysWorkspace1="Alt+1"
KeySysWorkspace2="Alt+2"
KeySysWorkspace3="Alt+3"
KeySysWorkspace4="Alt+4"
KeySysWorkspace1TakeWin="Alt+Ctrl+Shift+1"
KeySysWorkspace2TakeWin="Alt+Ctrl+Shift+2"
KeySysWorkspace3TakeWin="Alt+Ctrl+Shift+3"
KeySysWorkspace4TakeWin="Alt+Ctrl+Shift+4"
KeySysTileVertical="Alt+Shift+F2"
KeySysTileHorizontal="Alt+Shift+F3"
KeySysCascade="Alt+Shift+F4"
KeySysArrange="Alt+Shift+F5"
KeySysArrangeIcons="Alt+Shift+F8"
KeySysMinimizeAll="Alt+Shift+F9"
KeySysHideAll="Alt+Shift+F11"
KeySysUndoArrange="Alt+Shift+F7"
KeySysShowDesktop="Alt+Ctrl+d"
KeySysCollapseTaskBar="Alt+Ctrl+h"
WorkspaceNames=" Web ", " Mail ", " Term ", " Edit "
TaskBarClockLeds=0 # 0/1
TitleBarHeight=32 # [0-128]
ScrollBarX=18 # [0-64]
DesktopBackgroundCenter=0 # 0/1
SupportSemitransparency=1 # 0/1
DesktopBackgroundScaled=1 # 0/1
DesktopBackgroundImage=""
DesktopBackgroundColor=""
--
Brian Masinick
February 19, 2023 at 11:50 pm #100097
Topic: Firewall settings – antiX-22 Full
in forum Software
Member
dukester
Got antiX installed on an older iMac. Works like a charm!
The 19.3 install on my laptop has a firewall setting icon in Control Centre/Network
I can’t find any firewall config in Control Centre in antiX-22.
Do I need to further config/install something?
I’m trying to ssh into the iMac from my laptop and/or use FileZilla. TIA
- This topic was modified 2 months, 3 weeks ago by dukester.
--
dukester