Port22_Login_root_ScanBot

Members
  • Posts: 25

Everything posted by Port22_Login_root_ScanBot

  1. SOLVE COAGULA 621MB is now reported within cache drive pool. I still need to take a closer look at the file structure
  2. *1.) I have a reported error within Log as follows ;> Mar 21 22:14:47 Dell cache_dirs: ERROR: excluded directory 'VM\ backup' does not exist. *> 1.) >Question, Is this the correct location to edit, (this simple test1), a potential backslash VM\ syntax error and replace with this corrective action VM/ ? <(is the solution for the potential missing directory "VM/backup" or "VM/ backup")? I will try this edit from this GUI menu bar > Tools > Unraid OS > Config File Editor > Editing: /boot/config/plugins/dynamix.cache.dirs/dynamix.cache.dirs.cfg options="-e "Appdatabackup" -e "CommunityApplicationsAppdataBackup" -e "VM\ backup" -e "appdata" -e "isos" -l off" options="-e "CommunityApplicationsAppdataBackup"-e "appdata" -e "isos" -l off" Next within Midnight commander locate this > /boot/config/shares/VM backup.cfg F8 to delete
  3. *1.) I have a reported error within Log as follows ;> Mar 21 22:14:47 Dell cache_dirs: ERROR: excluded directory 'VM\ backup' does not exist. *> 1.) >Question, Is this the correct location to edit, (this simple test1), a potential backslash VM\ syntax error and replace with this corrective action VM/ ? <(is the solution for the potential missing directory "VM/backup" or "VM/ backup")? I will try this edit from this GUI menu bar > Tools > Unraid OS > Config File Editor > Editing: /boot/config/plugins/dynamix.cache.dirs/dynamix.cache.dirs.cfg options="-e "Appdatabackup" -e "CommunityApplicationsAppdataBackup" -e "VM\ backup" -e "appdata" -e "isos" -l off" remove^backslash options="-e "Appdatabackup" -e "CommunityApplicationsAppdataBackup" -e "VM backup" -e "appdata" -e "isos" -l off"
  4. Sorry I didn't look first. As I am having a bit of difficulty in how to find something. Thank you, I am quite green on how UNRAID works. I hope I am projecting the impression, I am willing to learn, rather than an unrealistic belief in why Windows doesn't work out of the box. Please, if you may, if I may ask. What would be the best approach in looking at the file structure, being Linux. In the context, that I might have to contribute in making an effort. In examining, my small adjustments at a time. * My question is should I be using Midnight Commander or within the Tools tab > Unraid OS > Config File Editor in exploring my adjustment of the type of simplicity, software purity text Slackware uses. Scratching my head in seeing *.conf , *.cfg and *.xml I am motivated in understanding how UNRAID works, does it matter if I use Midnight Commander or the Config File Editor. Do I need to be concerned which one is used, for non-persistent changes on reboot reverting back. As I explore in making one step at time is adjustments? Thank you again.
  5. What does your doinst.sh file look like, (if UNRAID is using Slackware) would this have anything to do with the symlink cleanup? I just downloaded UNRAID about a week ago and do not know much in how UNRAID is actually working under the hood
  6. * END ALL ENGAGEMENT ACTIVITIES, outside help is not required* * The activities I find myself invested in engaging in (time wasted) can be potentially avoided. For others, whom discover to find themselves in this similar situation by Their ISP...* * I contacted customer service of my ISP. Using my social engineering skill set, it is my opinion, there may be an IT cyber security blue team monitoring traffic.* I will mention an uptick of phone calls from Florida today, odd that no one was on the end of line. My mitigations going forward, advice and opinion. 1.) I need to let go of my self interest in using one device to do all and those other feelings about that modem, let it go... What other equipment do some individuals have an interest in using? > $$$ Perhaps a Rpi4 installed with PieHole, other software and monitor log your port traffic here, at the DMZ modem access point. A.) Let the ISP play their game with the hostile hijacking of the modem, (the hackers and port scanning bots have a target of attention, a user/password to breach {let them waste their time doing that activity and monitor that inbound traffic of the username/password failures, admin, tech, cusadmin, admin1, password, etc.}). In my case example, my clever ISP has an external IP address point of entry that is authenticated and forwarded to the first access point. It appears my ISP might be monitoring that traffic on their end for suspicious activity. See * three above ^ good for them, I am washing my hands of whatever it is and moving forward in securing my side. Thank you all for any participation in pen testing Mediacom cable infrastructure leading to my open ports lacking a firewall. B.) Install a second router LAN Hub to the first modem you can access and have user based control. Once you can ascertain what that first modem is doing. What is the IP address set by the ISP for your side of the traffic of the first modem used? 
Set up the second point of access, for example your type of LAN structure to be used and build it. $$$ Thank you, MEDIAcons cable for hijacking my modem, dropping my firewall, leaving my ports wide open and installing your malware into my property...d!(%w@&$ 1.) It is quite clear that MediacomCable is still continuing in their well documented, greed based deceptive bait-n-switch, repetitive behavioral patterns of poor choices in business practice and customer disservice. 2.) It is quite clear that MediacomCable employees are being used by corporate policies, customer service scripts provided by mediacom to be the mouths and hands into steering unwitting customers into accepting the [rental fee equipment]. (MediacomCable financial motive, MediaCom Cable is comfortable in losing a few "customer supplied equipment" customers. That become pissed off by the scripts, customer services uses supplied by MediaCom Cable. Even if the "customer supplied equipment" customer has just enough knowledge to manually set up ones own supplied equipment?) $$ 3.) It is quite clear that MediacomCable treats customers differently based on "customer provided equipment" or MediaCom Cable [rental fee equipment] that is being used. A.) MediaCom Cable customers have limited modem access via [ homewifi.mediacable.com .] A customer that has "customer supplied equipment" do not have access to the full use of their own property that has been hijacked by [provisioning] the "customer supplied equipment." That is left in an unmanageable state without a firewall, ports left wide open and MediaCom Cable potential malware. Downloaded by the [provisioning] and locking the "customer supplied equipment" user access to the "customer supplied equipment" own property >my modem<. Very Important As a public service reminder, as the title did give, my permission to do what? HACK MY MODEM "is now revoked". If these type of activities are of interest. For ones own educational purpose or field of interest. 
Please do so responsibly, I, going forward, should not be determined to be held responsible for another persons actions of ones own voluntary volition. There are legal opportunities to pursue, as in, when someone gives a limited permission to do so. An organized intuition request from an outside 3rd party testing. HACK MY BOX educational constructive outlets. https://www.hackthebox.eu
  7. Ah thanks, I was digging around looking for my manufacturer and model number. To clear this idea up where I am at and my ISP provider stance on this issue... I am locked out to get to any form of a limited user interface at the device level that existed before the Mediacom cable install. I get a wheel of death when attempting to get to the original IP address 192.168.0.1 that mediacom refuses me access to. The IP address appears to have been changed to another IP address. The wheel of death times out not allowing any username/password window pop up to begin with at the device point 196.168.0.1. (My clever ISP provider Mediacom cable also appears to be using a different credentials IP address starting point [ homewifi.mediacable.com ]for a redirect to the device IP address as well) If I do get to Mediacom limited user-face access, for example homewifi.mediacable.com and a new user/password popup window does appear. ( Mediacom stance/excuse is, "because this is not mediacom rental equipment and is a customer provided equipment, I am not allowed access". (a username/password) to have access to get to my property settings at the device level, past their malware installed onto the modem) In the address bar on top of the browser page, typing in the following parms might work. homewifi.mediacable.com/security.asp or homewifi.mediacable.com/administrator.asp to bypass their login credentials.(If I was at the device level access point, but the malware is expecting a redirect from {IP elsewhere} not directly from 192.168.0.1 but a redirected IP address with the cleared credentials check.) From here bookmark/save this location <(the step that accurately bypasses the medcom cable popup user/password credential page). Go back to my ISP user/password webpage [enter the correct user/password credentials] {that does not exist, because they refuse to set up a customer account, because it is customer provided equipment} to get past their webpage login point. 
Using the new bookmark saved location, use that location to get behind the ISP webpage layer to get into the device layer of the Linux language the device is actually using. Sorta like the VM layer the ISP uses with the webpage GUI, but the next layer behind is the persistent storage of the changed settings the device is actually using. For example, if port forwarding is not working, or any changes at the ISP webpage upper layer is not actually saved to the device.
  8. Both in one device...The POE-coax cable line, Mediacom cable from the pole that connects to the first filter/splitter at the customer location. Where the POE is no longer needed and the coax cable DMZ continues to a modem (my customer supplied LAN HUB firewall equipment) which allows devices on my side to be routed together that also has WiFi broadcast capabilities in one device. A little bit confusing, so I will leave out the switch that is also connected between cable modem and all other devices on my side of the access point...toss in WireGuard/UNRAID/Dockers that have problems of its own on a fresh install. The first step is establish the DMZ on the Mediacom cable line and regain control of my property, the gateway access point modem. First objective is to regain control of the cable modem, change the username/password and enable the firewall and port blocking features within the cable modem that has been hijacked by the ISP provider Mediacom cable. Thank you BRiT for contributing some methodology in the username and password http://www.dslreports.com/tools
  9. Now that I have been able to start up the cable modem/router WLAN I can give myself permission, to attempt to take control of my equipment. Looks like my next course of action should be focusing upon being a bit LAZY and remember to use an encrypted VM ~# get clone https://gethub.com/arismelachroinos/lscript.get via arch ~# cd lscript ^ ~#/lscript# ls ~#/lscript# chmod +x install.sh ~`#/lscript# ./install.sh lets take a look at some unique tools, shall we? HACK THE BOX 🤨 https://github.com/kimocoder/wifite2 via kali For me it WILL BE just a matter of time, if something like this is of interest...look at YT for NetworkChuck and legally HACK THE BOX
  10. That was how I was getting around them the first rounds with media-com cable, when they were telling me my cable modem/router was faulty. I did the manual reset to get back to step one where they could see my equipment on the cable line. Yes, I am extremely pissed finding out it was provisioned and I'm locked out and it appears the firewall is off as well. It is so bad I do not have access to the wireless to try from windows shell administrator C:\>netsh netsh>wlan show profile netsh>wlan show profile"the router"key=clear to crack my own wlan key content password. Since WLAN was never set up, I do not even have the ability to search for saved password on any local machine. I'm just in a bad bind, there was no need for mediacom cable to pull their garbage on my equipment. I'm still trying to regain control of a basic firewall issue that has given me nothing but port-bot pinging grief That did cross my mind to dump mediacom cable for the obvious and well documented repetitive bait-n-switch behavioral deceptive business practice problems... I think a love hate relationship is well in order for that "dish" best served cold. Besides for $23.00 mo. I don't plan to go anywhere for now...
  11. My ISP Mediacom hijacked my property >the router< this router is not a Mediacom cable rental. For the first week after installation, Mediacom claimed my router was faulty, which I said. No its not and >I declined their [rental fee cable modem offer].< During this time I could manually reset the router to get into the router 192.168.0.1 no problems here. Customer service call center could see the cable modem, until they reset the modem and attempted to [provision] the setup remotely. Which caused the router to be stuck on downloading the provisioning file. (I doubt, if there was a configuration file even sent). In this mode customer service would explain they now can't see the router on their end and nothing more would be done. I would get the typical political double speak run around any questions, to avoid the question and really say nothing at all at the end. Only for me to ask the question not answered... Then get deflected to contact the manufacturer of the router. Which I never did, because it was B.S to begin with. Finally I got someone on the line whom could see the modem and asked one person to turn off the bridge mode or check for a double NAT configuration file incidence. BAM magically at a lift of a finger the real problem of Mediacom blocking/denying the service magically went away. (Same thing at a push of a button, when a customer hasn't paid the bill...The CM Mac address gets "denial" of the service ban). Short story short, after the CM MAC address ban was lifted and the cable router [provisioning] file was actually sent. I moved on to a fresh UNRAID install... to discover ports being jackhammered, flood of alerts seeing password denials on users TECH, ADMIN, ROOT, ADMIN1, CUSADMIN. I was wondering why I couldn't log into the router to check on the firewall. Take a look at the # ifconfig, ipconfig /all screenshot some dickwads at Mediacom warped the settings and also appear to have reset the username and password. 
I tried a lot of things like 192.168.0.1/administration.asp or 192.168.0.1/security.asp I haven't gotten very far Anyone here have an idea for me to regain control of my router??? Or hack the router and change the username and password and help me get my router back.
  12. I see perhaps you are curious in how UNRAID works, as well as I am, going forward. Unfortunately, I haven't reached the point in having a suspenseful MOVER function work correctly. In my case, it appears nothing is in my 30.4MB cache. root@cosmos:/mnt/cache/appdata/swag/ Can you point me in the right direction in. How did you get to the location, on your machine,> root@cosmos:/... /mnt/cache/appdata/... < this is as far as I can dig into UNRAID file structure /mnt/... I am certainly not, on my local machine, able to get into root. Using your syntax of your local file structure, as in above "root@cosmos:/..." I do have the understanding, perhaps on my local machine, the next parent up from /mnt/... should be the "root@?/..." directory, ? should be different on my local machine than your setup. I have also come across "nobody users" on my local file structure. Are you using midnight commander or binhex-krusader to look at a file? Into ascertaining the potential parameter error coding. In your perfect example above, your personal objective in taking the time to do research, using a solid mythological scientific approach in proper research. Asking for an objective opinion... and crickets. It is my opinion, perhaps, that is what swag is doing and the service that swag uses...to retrieve validated encrypted certifications. I vaguely remember that particular line is within .../swag/letsencrypt/... documentation website. https://docs.linuxserver.io/general/swag Cert Provider (Let's Encrypt vs ZeroSSL) As of January 2021, SWAG supports getting certs validated by either Let's Encrypt or ZeroSSL. Both services use the ACME protocol as the underlying method to validate ownership. Our Certbot client in the SWAG image is ACME compliant and therefore supports both services. /live/obfuscated-domain.co.uk < is that anything to do with any websites you are hosting or the purpose for the need for encryption? 
Apologies wuftymerguftyguff / cosmos, coding is not my expertise, my field is more compartmentalized in hardware. At 6.9.1 does mover deal with symlinks in shares properly at all? Maybe it's not just a docker thing?
  13. *> B) >Question, do I need to be concerned about the data in the cache drive pool? Is the cache drive pool a copy or is the original data moved from disk to cache and then become volatile data to corruption? Found it, the first mistake I made was to begin at the forums discovering years of potentially confusing outdated material. https://wiki.unraid.net/Articles/Getting_Started#Assigning_Devices_to_the_Array_and_Cache Creating a cache-pool adds protection for cached data. If you only assign one cache device to the system, data residing there before being moved to the array on a schedule is not protected from data loss. To ensure data remains protected at all times (both on data and cache disks), you must assign more than one device to the cache function, creating what is called a cache-pool. Cache pools can be expanded on demand, similar to the array. [Edit] Still does not solve, why it appears no data is in the cache drive pool, only 30.4MB is on the cache drive?
  14. Unfortunately, I am a new purchaser of UNRAIDd, experiencing a handful of issues of a stripped down basic fresh install. I have not proceeded this far to the point you appear to be at, to attempt the back up process. Why back up something that is still broke... The outdated videos, tutorials and forums do not address the "prefer setting". Might have changed from ten years ago, since DOS 5.1.1? I myself was confused of which setting should this be set on? The Prefer option, when first encountering this error upon fresh install setup, or the outdated documentation mentioning of Yes, No options? The 6.9.1 install still has a bug in the file structure, SpaceInvader 0ne encountered in the videos...several years back. The same three directories > Appdatabackup are missing, now called CommunityApplicationsAppdataBackup. The same bug, has followed the new name change, also misses creating the file structure in both events... My problem encountered is, >nothing is on the cache drive<, because the directories are missing from a fresh install...like it always has been when first encountered, years ago. These do look updated and promising, I'm sorry I am the one to have to be the apologist on behalf of LimeTech. I can't even get up to the starting line to dig into these yet. symlinks? Odd if by chance the links are for other apps or dockers that was moved back onto the array. so to speak are now broken not in cache anymore? [edit] then again might be links to webpages and certificates?< In my case with the cache drive the directories do not exist and I have the opposite problem, nothing on the cache drive? 
I have little knowledge of swag, but it might become useful to recreate my ISP certifications of their websites to redirect malware traffic "from my ISP" and back to "return to sender" into becoming my new black Rpi4 hole🤣 for the grief in hijacking my property ">the router<" changing my router IP address, dropping the firewall to download unauthorized software onto my property and locking me out of my property and changing the username and password on the >router<. Are you web hosting? How important may the orphaned files be left in cache? I hear of incidences of growing garbage in cache that may or may not exist. As your observation of file size mismatching. The easy opt out might be to reformat the cache drive slap it back in and move on? More rants, take cover... A large repository of maybe, potential, perhaps, might contain something useful, if not out of date. Robj cat in the lime hat...Last visited May 18, 2017 oops a daisy. https://forums.unraid.net/forum/55-general-support/ Anyone notice the last dates of the pinned "DATES" in General Support help??? 2015 really??? https://forums.unraid.net/profile/10290-squid/ SQUID on the other hand appears to be doing a huge amount of lifting in what is LimeTech job and responsibilities? Without you Sir, it is my opinion, LimeTech forums will become an empty hollow shell in unresponsiveness http://lime-technology.com/forum/index.php?topic=48972 Try the Fix Common Problems plugin app, misses all the log errors in each of the dockers in the current state distributed for a fresh install. * I therefore must change my aptitude to change this into a learning experience from why this stuff does not work, into how I(been)RAIDd works. Pihole DoT-DoH, cloudflare, hideme_privoxy, adguardhome, LanguageTool, mumble, P3R-Brave-Browser. Do not work on an UNRAID fresh install. pihole, wireshark and adguardhome use the same port 53, 3000 ports for example. 
docker: Error response from daemon: driver failed programming external connectivity on endpoint AdGuard-Home Error starting userland proxy: listen tcp 0.0.0.0:3000: bind: address already in use. <(now) *(My ISP has compounded the problem in hijacking my property >router< in an attempt to what I assume and my opinion, to install dd-wrt or openwrt on a router that lacks +4MB of [provisioning storage] and locked me out of my property 192.168.1.0. By changing my property, >the router< IP address and installing a new username / password Fu(%!n& morons)). Without a firewall, that has been removed from my router to install mediacom malware onto the router for ad forwarders and big-tech port bot scanners. As a last ditch attempt, on my LAN side of the router, I have attempted to install pihole DoT DoH onto every device...Right now a RPi4 is looking like a viable option to redir3ct their jack hammering traffic, return to ISP sender, mediacomcable servers So, for now, I am blind to what the router's DNS info has been changed to... Whereas wireshark works on 3000, adguard and pihole dot doh didnt work on 3000 before the wireshark repository pull request was downloaded to begin with. Adding a 4000 port + parm in UNRAID for adguard didn't do anything as ports 53 and 3000 are still used after port 4000 has been added. No effective option within the current UNRAID user interface to change the port. (A useless attempt to begin with, I think). As I am still blind to what my >router< DNS has been provisioned with... 8.8.4.4 or 1.1.1.1 I would prefer the ISP hub I'm connected to right now for locking me out of my property and with malice intent in changing my router IP user interface and all the malware downloaded onto my equipment. Rant over, man I got my hands full
  15. Thank you, that is very important to know, as I was not aware of some more critical limitations. Right headless, ssh remote and external VMs. I was wondering why, there was no way to change the default browser. Being greyed out and always on for default, although in the CA there is a Brave browser there? Rack this one up for the newbie, this was the point of this UNRAID...Command behind the firewalls, DMZ and disposable VMs on the lines... Except didn't make it that far, my ISP Mediacom enemy behind the line stab in the back "special" [provisioning] on the router. Anyone heard of this new layer to, Mediacom stupid S#!T to keep customers from using their own equipment? Thanks jonathanm Thank you, mgutt Buttoning that 22 down in favor of wireguard
  16. Trurl is smelling the bacon of customers equipment and the additional rental fee equipment... we are on the same page, why I have found the source of the problem of finding >my dilly swinging in the wild< Again look below The router has been [provisioned] by the ISP for ease of hook up. what info is the gateway, DNS, etc. As most people wouldn't have a clue, so any call to customer service is them resetting the router and [provisioning] that information into the router to avoid being manually entered, right? Except the capt. overlooked obvious a few are capable of doing this on a server...right? Again to repeat myself, if it wasn't clear. Why would I be outside the LAN on the bare metal setup of a newly purchased UNRAID complicated by avoiding a new cable install that does not include the ISP equipment? To discover something about the equipment I am familiar with, not Media-Com "special [provisioning]" of the router that changed the base manufacturer settings of the router and >192.168.0.1 is now not accessible, right?< All I can do right now is have a very strong root password on the U(been)RAID...and do a personal drive-by to hunt down an installer. To ascertain his work order procedure as customer service appears not to be willing to give customers access to the router! Yet they can reset it, right? What happens to the SSID for the wireless after a customer service reset of a router? back to what admin admin or admin password? What mitigations have >the blue team< done? Obviously this router has an external off switch and off that vector of attack goes... By the way having "root" is still a poor choice for an administrator privileged account, where are the port scanners going? to the root? What did they find? Another security weakness in Firefox cached link saved in the grab and dash after the port scan provided some information
  17. Thank you, we are correct, the port scanners in most probability will not stop this activity on the internet. What mitigations I have done, was to change the blank password to a real password. Yes you are correct the necessity for networking, the opening limited port access. Right now I'm not interested in that, in the context that all my ports are open. Yes I have attempted to firewall up and block ports. We are on the same page. To answer the question "If you don't want those attacks, why is your server directly connected to the internet?" Back to [>MediaCom Cable<], IP facing gateway. In Dec FCC laid down a ruling allowing customers to hook up routers and cut the "rental fee" off the bill from any IP provider. No matter what manufacturer of the router, the manufacturer provides the firmware to whatever IP provider. The cable router is hooked up with the "cm Mac" address. Whatever IP provider [provisions] the router with the info cleared by the linux code writers. Long story short MediaCom has blocked access ie(192.168.0.1) to even get back inside "my property" >the router< I have already contacted mediacom about the core issue of why I am open to the internet [because I now do not have access into my router to see if the firewall is up and block ports]
  18. Mar 17 09:22:48 Dell sshd[21859]: Connection from 81.161.63.103 port 9174 on 173.25.218.106 port 22 rdomain "is now posted" on the web, "use any search engine," (not by me). Mar 17 10:06:06 Dell sshd[30866]: Connection from 178.62.214.52 port 39540 on 173.25.218.106 port 22 rdomain "" Mar 17 10:06:06 Dell sshd[30866]: error: kex_exchange_identification: Connection closed by remote host Mar 17 10:06:06 Dell sshd[30866]: Connection closed by 178.62.214.52 port 39540 Observing the above Method of Operation above... U(been)RAID exclusivity to use FireFox gives the port scanning bots something useful...information. What is this information? Appears to be this "HOT POST" 178.62.214.52
  19. The activity on my end has now been Redir3cted traffic to this post..."ITS A HOT POST" This is now a direct link past your forum firewalls... Thank you, I have had my hands full at the moment, I Am On The Blue Team! The successful breaches that get past U(been)RAID ignorance to use "root" as the unchangeable default. The outside attempts to breach the 55,000 open ports on my end... "The Router" [more on this a bit later >Media-Com Cable< ] Port scanning for the obvious admin, root, tech, admin1, etc. The more determined hackers that latch on a port and discover unraid default user name "root" get a present, as in a capture ">unraid very unsecured use of Firefox<"of information. then they leave me alone with this redirect to here... WHY is the ability to change taken away by U(been)RAID to "only use Firefox?" I would rather use >brave browser< or TOR directly Mar 17 09:22:48 Dell sshd[21859]: Connection from 81.161.63.103 port 9174 on 173.25.218.106 port 22 rdomain "" Check your server for 81.161.163.103 that's not me, I'm the other one > port 9174 on 173.25.218.106 port 22 rdomain < Thanks trurl, the old usage, customer service tactic [deflection] away from the core issue, towards wireguard is useless. Why would I need to open up any more vectors of security breaches, U(been)RAID lack of security has done well enough without another, right? Back to [>MediaCom Cable<], IP facing gateway. In Dec FCC laid down a ruling allowing customers to hook up routers and cut the "rental fee" off the bill from any IP provider. No matter what manufacturer of the router, the manufacturer provides the firmware to whatever IP provider. The cable router is hooked up with the "cm Mac" address. Whatever IP provider [provisions] the router with the info cleared by the linux code writers. Long story short MediaCom has blocked access ie(192.168.0.1) to even get back inside "my property" >the router< Let's get off the dumb as XXXX blame game right now! I AM ON THE BLUE TEAM<
  20. Thank you all, for all the interest in this post about the inherent lack of security, perhaps built into U(been)RAID. I did take note of the knowledge base the GRC Shields Up provides, myself coming from the legends of the old DOS shell ported into the operating system "not to be named". Well frustrated with the "now not to be named" OS, only uselessness to be used within a sandboxie VM. Time has come to embrace Linux and build upon the Basic retraining language skill-set Arch, Kali and Garuda truly offers... Wow I have let my guard down and become lazily accustomed to the GUI. https://www.localcdn.org/ https://www.localcdn.org/test/check ,<link is a fine tool as well that expands upon the GRC Shills UP. From the base U(been)RAID install fails in all the simplest security tests, leaving fresh installs dillies swinging in the wild unlike Garuda, Tails, Qubes built in attention to security baked in without extensive configuration recompiling.
  21. I don't know, I just bought this and installed a few hours ago. I'm a bit behind the learning curve and found my dilly swinging in the wild. Only thing I had time to do is reduce the deny thresholds to 1 in denyhost. The one swinging the [ pam unix ]was getting through... Being new I couldn't even log into my router to see if the firewall was up and I misplaced my switch info that is between Unraid and the router. I pulled the plug on the outside and looked at the system log... to find a big hot mess and 4 usb not connected go offline. The keyboard was stuck on machine gun fire preventing the mouse click to stop the array or safely shut down. Thanks for being here, whatever that pam unix is had me pegged appears using several vm incidences and hops. All for a fresh install with nothing on it, and a ton of failed password attempts...on a blank password, facepalm
  22. In less than twelve hours purchasing and installing Unraid Pro, more than 300+ successful "root" login [preauth] attempts using sshd, ssh2, telnet, [ pam_unix ] < that ignore Denyhost v 2.6 blocking. Does Unraid have any protection at all or are all the ports wide open for U(been)Raid? Let's put ARCH UNRAID back into this U(been)RAID Sshd 116.98.167.66 port 41236 on 173.25.218.106 port 22 rdomain 173.25.113.8 client.mchsi.com FOR root 171.240.196.230 ssh2 221.181.185.151 ssh2 221.181.185.19 ssh2 user=root 221.181.185.140 on 173.25.218.106 221.181.185.220 103.70.155.156 telnet 98.182.170.20 telnet 124.13.77.214 192.241.217.209 222.187.239.31 176.213.59.129
  23. Why is the Unraid default "root" user account always the target after a successful ssh2 port scanning holes entries? I would think an easy attempt to try the empty defaulted enter key would be easy enough? Facepalm, several every minute of failed password attempts from Asia isp. Hahaha...not so funny within hours after the purchase of pro key and downloading community apps and dockers.