Probleme cu oscam

**daradici** · 05-03-11, 22:13

In momentul in care fiecare log vine cu username diferit este vorba de un atac. Asa se procedeaza cu programele care incearca sa descopere userii si parolele. Sansele sa gaseasca doua perechi sint mai mari decat ne putem inchipui, sint programe specializate pentru asa ceva. De aceea am intrebat mai jos daca exista vre-un settings in oscam care sa baneze acel IP catre serever, pentru ca e momentul sa iei masuri ! Sau vezi daca ai posibilitatea in router sa nu lasi sa intre nimic din directia acelui IP.
O alta posibilitate (de moment) ar fi sa-ti schimbi portul (si de ce nu si deskey !!!), dar faza cu schimbatul portului nu e o problema prea mare pentru cineva care incearca sa fure date de la tine.

Totusi cred ca singura posibilitate in asemenea cazuri ar fi filtrarea acelui IP, nu am idee de unde nu ma pricep prea mult la minunile de pe retele. Poate cineva care se pricepe va citi aceste randuri si ne va deschide ochii si noua.

Bafta la teste !

**SuperSonic** · 05-03-11, 22:15

Pe forum nu se pun i.p.-uri de asta a fost modificat. Am primit PM de la un user ca si el primeste atacuri la server de pe acelasi ip, totusi nu cred ca e o idee buna expunerea pe forum de ip-uri.

**daradici** · 05-03-11, 22:18

In asemenea cazuri cred ca ar fi mai indicat sa vada toata lumea acel IP sa se fereasca de asemenea probleme.

**delta2k2** · 05-03-11, 22:35

Cate persoane au primit acele atacuri/cereri de la IP-ul respectiv ?

Daca problema persista si sunt mai multi useri "atacati" , cred ca ar trebui afisat IP-ul.

Totusi ... deocamdata ar fi indicat sa folositi PM-ul.

**daradici** · 05-03-11, 23:02

Rezolvarea se pare ca este in oscam.user

failban = 0|2|4
mask for IP based blocking:

0 = ignore (default)
2 = block IP of a disabled account on connecting
4 = block IP of a sleeping account while sleeping comes up

http://streamboard.gmc.to/svn/oscam/...oscam.user.txt

Daca ai reusit sa scapi de intrus sa ne anunti si pe noi, in caz de asemenea probleme sa stie lumea cum sa reactioneze.

Bafta la teste !

**qwess** · 05-03-11, 23:09

Cred ca acela se refera strict pe userul curent, si cred ca pentru astfel de probleme rezolvarea se afla in oscam.conf
http://streamboard.gmc.to/wiki/index...nf#failbantime
si
http://streamboard.gmc.to/wiki/index...f#failbancount

o sa testam si aflam!

**daradici** · 05-03-11, 23:38

S-a gasit solutia !
In oscam.conf se pune asa:

Failbancount = 0
failbantime = 5

In acest caz orice login nereusit o sa aiba IP-ul banat timp de 5 minute in acest caz. Am testat cu un login fals de pe pc si a aparut IP-ul PC-ului in webinfo la failban si timpul care se scurge pana se ridica ban-ul pe acest IP .

Bafta la teste !

**qwess** · 06-03-11, 00:06

confirm, e "scos", nu definitiv, dar solutia e buna pentru cei ce nu pot bloca ip direct din router, sau pentru atacuri de pe ip-uri dinamice.

**daradici** · 06-03-11, 00:09

Timpul poti sa-l maresti, de ex: 60 de minute, sau si mai mult, dar zic ca e suficient ca 5 minute sa fie pus pe "mute".

La o incercare la 60 minute i-i va lua zece secole sa-ti sparga parolele !

Bafta la teste !

**qwess** · 06-03-11, 01:12

asta da, dar pentru teste am apelat la 1 min "pauza" in 2 cicluri plus restart oscam...

apropo:
daradici has exceeded their stored private messages quota and cannot accept further messages until they clear some space.

am zis eu ca e al queda, acum ti-au "blocat" si casuta

**de asta e bine ca fiecare sa-si securizeze webif-urile, evitarea de screen-uri cu liste server, schimbarea user/pass din default, e de ajuns o "poza" si te trezesti cu ditamai traficul in cazul fericit.

---------- Post added 06-03-11 at 00:12 ---------- Previous post was 05-03-11 at 23:14 ----------

dnd plecat in vacanta!

Failbancount = 0
failbantime = 14zile

left ban time Action
13d 23:59:54

<glumesc!>

**laleauaneagra** · 06-03-11, 02:22

referitor la acel ip nu e inregistrat aici pe forum,doar ca e de romtelecom

**stargate** · 06-03-11, 08:23

care aveti atacuri ori unul dintre partenerii vostrii a dat linia voastra si altcuiva ori el o foloseste in doua buxuri in locatii diferite sau una dintre liniile date la schimb a ajuns publica ... de curiosi dati o cautare pe google cu hostul vostru si vedeti ce rezultate aveti .

**daradici** · 06-03-11, 11:28

aici a fost vorba de un caz mai special, acelasi IP incerca sa se logheze cu username diferit la fiecare login.

**saulescu** · 06-03-11, 13:37

Salut! Cine ma poate ajuta si pe mine dintre cei care au postat mai inainte{ vad ca au experienta in oscam} sa pot porni Oscamul pe un IPBox 910 cu un card jijel 1880 galben.De 2 saptamani si nu reusesc. daumai jos configurile:

# oscam.server generated automatically by Streamboard OSCAM 1.00-svn build #3176
# Read more: http://streamboard.gmc.to/oscam/brow...cam.server.txt

[reader]
label = DIGI
enable = 1
protocol = internal
device = /dev/sci0
services =
smargopatch = 1
rsakey = xxxxxx
boxkey = xxxxxx
detect = cd
mhz = 357
cardmhz = 357
caid = 1880
ident = 1880:000000,002011,002111,002113
group = 1
emmcache = 1,3,2
ecmcache = 1
lb_weight = 400
audisabled = 1
auprovid = 001880

[account]
user = local
pwd = local
group = 1
betatunnel = 1833.FFFF:1702,1834.FFFF:1722
chid = 0604:000014,000069,0000F4,0000F5,0000FA

[account]
User = local
HostName = local
Group = 1
AU = Digi

[global]
Nice = 1
logfile = /tmp/oscam.log
disablelog = 0
disableuserfile = 1
preferlocalcards = 1
saveinithistory = 1
lb_mode = 1
lb_save = 100
lb_nfb_readers = 3

[monitor]
port = 989
nocrypt = 127.0.0.1,192.168.1.1-192.168.1.255 #<-pui reteaua ta aici
aulow = 30
hideclient_to = 0
monlevel = 4
appendchaninfo = 1

[newcamd]
key = 0102030405060708091011121314
port = 12000@1880:002011,000000,002111

[cs357x]
Port = 12000
SuppressCMD08 = 1

[dvbapi]
enabled = 1
au = 1
boxtype = ufs910
user = local
pmt_mode = 1
priority =
ignore =
cw_delay =

[webif]
httpport = 8888
httpuser = root
httppwd = relook
httpcss = /var/keys/blue2.css
httptpl =
httpscript =
httprefresh = 5
httpallowed = 127.0.0.1,192.168.1.1-192.168.1.255 # <- pui reteaua ta aici
httpdyndns =
httphideidleclients = 0
httpreadonly = 0

[global]
Nice = 1
logfile = /tmp/oscam.log
disablelog = 0
disableuserfile = 1
preferlocalcards = 1
saveinithistory = 1
lb_mode = 1
lb_save = 100
lb_nfb_readers = 3

[monitor]
port = 989
nocrypt = 127.0.0.1,192.168.1.1-192.168.1.255 #<-pui reteaua ta aici
aulow = 30
hideclient_to = 0
monlevel = 4
appendchaninfo = 1

[newcamd]
key = 0102030405060708091011121314
port = 12000@1880:002011,000000,002111

[cs357x]
Port = 12000
SuppressCMD08 = 1

[dvbapi]
enabled = 1
au = 1
boxtype = ufs910
user = local
pmt_mode = 1
priority =
ignore =
cw_delay =

[webif]
httpport = 8888
httpuser = root
httppwd = relook
httpcss = /var/keys/blue2.css
httptpl =
httpscript =
httprefresh = 5
httpallowed = 127.0.0.1,192.168.1.1-192.168.1.255 # <- pui reteaua ta aici
httpdyndns =
httphideidleclients = 0
httpreadonly = 0

oscam.log

2011/03/06 8:56:36 295737D0 s max. logsize=unlimited
2011/03/06 8:56:36 295737D0 s client timeout=5000 ms, fallback timeout=2500 ms, cache delay=0 ms
2011/03/06 8:56:36 295737D0 s auth size=4972
2011/03/06 8:56:36 295737D0 s services reloaded: 0 services freed, 14 services loaded
2011/03/06 8:56:36 295737D0 s userdb reloaded: 5 accounts loaded, 0 expired, 0 disabled
2011/03/06 8:56:36 295737D0 s signal handling initialized (type=sysv)
2011/03/06 8:56:36 295737D0 s 359 service-id's loaded
2011/03/06 8:56:36 295737D0 s can't open file "/var/keys/oscam.tiers" (err=2), no tier-id's loaded
2011/03/06 8:56:36 295737D0 s can't open file "/var/keys/oscam.provid" (err=2), no provids's loaded
2011/03/06 8:56:36 295737D0 s can't open file "/var/keys/oscam.ird" (errno=2) irdeto guessing not loaded
2011/03/06 8:56:36 295737D0 s monitor: initialized (fd=6, port=989)
2011/03/06 8:56:36 295737D0 s camd33: disabled
2011/03/06 8:56:36 295737D0 s camd35: initialized (fd=7, port=12000)
2011/03/06 8:56:36 295737D0 s cs378x: disabled
2011/03/06 8:56:36 295737D0 s newcamd: initialized (fd=8, port=12000, crypted)
2011/03/06 8:56:36 295737D0 s CAID: 1880
2011/03/06 8:56:36 295737D0 s provid #0: 002011
2011/03/06 8:56:36 295737D0 s provid #1: 000000
2011/03/06 8:56:36 295737D0 s provid #2: 002111
2011/03/06 8:56:36 295737D0 s cccam: disabled
2011/03/06 8:56:36 295737D0 s radegast: disabled
2011/03/06 8:56:36 295737D0 s http thread started
2011/03/06 8:56:36 295737D0 s creating thread for device /dev/sci0
2011/03/06 8:56:36 2A74B4E8 h HTTP Server listening on port 8888
2011/03/06 8:56:36 295737D0 s loadbalancer: can't read from file /tmp/.oscam/stat
2011/03/06 8:56:36 295737D0 s waiting for local card init
2011/03/06 8:56:36 2AF4B4E8 r reader thread started (thread=2AF4B4E8, label=digi, device=/dev/sci0, detect=cd, mhz=357, cardmhz=357)
2011/03/06 8:56:36 2AF4B4E8 r digi card detected
2011/03/06 8:58:37 2AF4B4E8 r Error activating card.
2011/03/06 9:00:38 2AF4B4E8 r Error activating card.
2011/03/06 9:02:40 2AF4B4E8 r Error activating card.
2011/03/06 9:02:40 2AF4B4E8 r card initializing error
2011/03/06 9:02:40 295737D0 s init for all local cards done
2011/03/06 9:02:40 295737D0 s anti cascading disabled
2011/03/06 9:02:40 2B7634E8 c plain dvbapi-client granted (local, au=off)
2011/03/06 9:02:40 2B7634E8 c dvbapi: can't open priority file /var/keys/oscam.dvbapi
2011/03/06 9:02:41 2B7634E8 c dvbapi: [ADD PID 0] CAID: 1802 ECM_PID: 13E6 PROVID: 000000
2011/03/06 9:02:41 2B7634E8 c dvbapi: [ADD PID 1] CAID: 1880 ECM_PID: 13E7 PROVID: 000000
2011/03/06 9:02:41 2B7634E8 c dvbapi: new program number: 04A1 (Antena 2)
2011/03/06 9:02:41 2B7634E8 c local (1802&000000/04A1/92:F6BC): rejected group (0 ms) (of 0 avail 0) - Antena 2 (no matching reader)
2011/03/06 9:02:41 2B7634E8 c dvbapi: try pids again #1
2011/03/06 9:02:41 2B7634E8 c local (1880&000000/04A1/89:BA7D): rejected group (0 ms) (of 0 avail 0) - Antena 2 (no matching reader)
2011/03/06 9:02:41 2B7634E8 c local (1802&000000/04A1/92:F6BC): rejected group (0 ms) (of 0 avail 0) - Antena 2 (no matching reader)
2011/03/06 9:02:41 2B7634E8 c dvbapi: try pids again #2
2011/03/06 9:02:41 2B7634E8 c local (1880&000000/04A1/89:BA7D): rejected group (0 ms) (of 0 avail 0) - Antena 2 (no matching reader)
2011/03/06 9:02:41 2B7634E8 c local (1802&000000/04A1/92:F6BC): rejected group (0 ms) (of 0 avail 0) - Antena 2 (no matching reader)
2011/03/06 9:02:42 2B7634E8 c dvbapi: try pids again #3
2011/03/06 9:02:42 2B7634E8 c dvbapi: can't decode channel
2011/03/06 9:02:42 2B7634E8 c local (1880&000000/04A1/89:BA7D): rejected group (0 ms) (of 0 avail 0) - Antena 2 (no matching reader)

-------------------------------------------------------------------------------
>> OSCam << cardserver started at Sun Mar 6 09:28:02 2011
-------------------------------------------------------------------------------
2011/03/06 9:28:02 295737D0 s >> OSCam << cardserver started version 1.00-unstable_svn, build #4744 (sh4-amino-linux)
2011/03/06 9:28:02 295737D0 s version=1.00-unstable_svn, build #4744, system=sh4-amino-linux, nice=1
2011/03/06 9:28:02 295737D0 s client max. idle=120 sec, debug level=0
2011/03/06 9:28:02 295737D0 s max. logsize=102400 Kb
2011/03/06 9:28:02 295737D0 s client timeout=5000 ms, fallback timeout=2000 ms, cache delay=150 ms
2011/03/06 9:28:02 295737D0 s auth size=4972
2011/03/06 9:28:02 295737D0 s services reloaded: 0 services freed, 14 services loaded
2011/03/06 9:28:02 295737D0 s userdb reloaded: 4 accounts loaded, 0 expired, 0 disabled
2011/03/06 9:28:02 295737D0 s signal handling initialized (type=sysv)
2011/03/06 9:28:02 295737D0 s 359 service-id's loaded
2011/03/06 9:28:02 295737D0 s can't open file "/var/keys/oscam.tiers" (err=2), no tier-id's loaded
2011/03/06 9:28:02 295737D0 s can't open file "/var/keys/oscam.provid" (err=2), no provids's loaded
2011/03/06 9:28:02 295737D0 s can't open file "/var/keys/oscam.ird" (errno=2) irdeto guessing not loaded
2011/03/06 9:28:02 295737D0 s monitor: initialized (fd=6, port=989)
2011/03/06 9:28:02 295737D0 s camd33: disabled
2011/03/06 9:28:02 295737D0 s camd35: initialized (fd=7, port=12000)
2011/03/06 9:28:02 295737D0 s cs378x: disabled
2011/03/06 9:28:02 295737D0 s newcamd: initialized (fd=8, port=12000, crypted)
2011/03/06 9:28:02 295737D0 s CAID: 1880
2011/03/06 9:28:02 295737D0 s provid #0: 002011
2011/03/06 9:28:02 295737D0 s provid #1: 000000
2011/03/06 9:28:02 295737D0 s provid #2: 002111
2011/03/06 9:28:02 295737D0 s cccam: disabled
2011/03/06 9:28:02 295737D0 s radegast: disabled
2011/03/06 9:28:02 295737D0 s http thread started
2011/03/06 9:28:02 295737D0 s creating thread for device /dev/sci0
2011/03/06 9:28:02 295737D0 s loadbalancer: can't read from file /tmp/.oscam/stat
2011/03/06 9:28:02 295737D0 s waiting for local card init
2011/03/06 9:28:02 2A74B4E8 h HTTP Server listening on port 8888
2011/03/06 9:28:02 2AF4B4E8 r reader thread started (thread=2AF4B4E8, label=digi, device=/dev/sci0, detect=cd, mhz=357, cardmhz=357)
2011/03/06 9:28:02 2AF4B4E8 r digi card detected
2011/03/06 9:30:03 2AF4B4E8 r Error activating card.
2011/03/06 9:32:05 2AF4B4E8 r Error activating card.
2011/03/06 9:34:06 2AF4B4E8 r Error activating card.
2011/03/06 9:34:07 2AF4B4E8 r card initializing error
2011/03/06 9:34:07 295737D0 s init for all local cards done
2011/03/06 9:34:07 295737D0 s anti cascading disabled
2011/03/06 9:34:07 2B7634E8 c plain dvbapi-client granted (local, au=on (1 reader))
2011/03/06 9:34:07 2B7634E8 c dvbapi: can't open priority file /var/keys/oscam.dvbapi
2011/03/06 9:34:08 2B7634E8 c dvbapi: [ADD PID 0] CAID: 1802 ECM_PID: 1036 PROVID: 000000
2011/03/06 9:34:08 2B7634E8 c dvbapi: [ADD PID 1] CAID: 1880 ECM_PID: 1037 PROVID: 000000
2011/03/06 9:34:08 2B7634E8 c dvbapi: new program number: 03EB (Antena 1)
2011/03/06 9:34:08 2B7634E8 c local (1802&000000/03EB/92:0152): rejected caid (160 ms) (of 0 avail 0) - Antena 1 (invalid caid 1802)
2011/03/06 9:34:09 2B7634E8 c dvbapi: try pids again #1
2011/03/06 9:34:09 2B7634E8 c local (1880&000000/03EB/89:0C6D): rejected group (160 ms) (of 0 avail 0) - Antena 1 (no matching reader)
2011/03/06 9:34:09 2B7634E8 c local (1802&000000/03EB/92:0152): rejected caid (160 ms) (of 0 avail 0) - Antena 1 (invalid caid 1802)
2011/03/06 9:34:09 2B7634E8 c dvbapi: try pids again #2
2011/03/06 9:34:09 2B7634E8 c local (1880&000000/03EB/89:0C6D): rejected group (160 ms) (of 0 avail 0) - Antena 1 (no matching reader)
2011/03/06 9:34:09 2B7634E8 c local (1802&000000/03EB/92:0152): rejected caid (160 ms) (of 0 avail 0) - Antena 1 (invalid caid 1802)
2011/03/06 9:34:09 2B7634E8 c dvbapi: try pids again #3
2011/03/06 9:34:09 2B7634E8 c dvbapi: can't decode channel
2011/03/06 9:34:09 2B7634E8 c local (1880&000000/03EB/89:0C6D): rejected group (160 ms) (of 0 avail 0) - Antena 1 (no matching reader)

-------------------------------------------------------------------------------
>> OSCam << cardserver started at Sun Mar 6 09:57:45 2011
-------------------------------------------------------------------------------
2011/03/06 9:57:45 295737D0 s >> OSCam << cardserver started version 1.00-unstable_svn, build #4744 (sh4-amino-linux)
2011/03/06 9:57:45 295737D0 s version=1.00-unstable_svn, build #4744, system=sh4-amino-linux, nice=1
2011/03/06 9:57:45 295737D0 s client max. idle=120 sec, debug level=0
2011/03/06 9:57:45 295737D0 s max. logsize=unlimited
2011/03/06 9:57:45 295737D0 s client timeout=5000 ms, fallback timeout=2500 ms, cache delay=0 ms
2011/03/06 9:57:45 295737D0 s auth size=4972
2011/03/06 9:57:45 295737D0 s services reloaded: 0 services freed, 14 services loaded
2011/03/06 9:57:45 295737D0 s userdb reloaded: 5 accounts loaded, 0 expired, 0 disabled
2011/03/06 9:57:45 295737D0 s signal handling initialized (type=sysv)
2011/03/06 9:57:45 295737D0 s 359 service-id's loaded
2011/03/06 9:57:45 295737D0 s can't open file "/var/keys/oscam.tiers" (err=2), no tier-id's loaded
2011/03/06 9:57:45 295737D0 s can't open file "/var/keys/oscam.provid" (err=2), no provids's loaded
2011/03/06 9:57:45 295737D0 s can't open file "/var/keys/oscam.ird" (errno=2) irdeto guessing not loaded
2011/03/06 9:57:45 295737D0 s monitor: initialized (fd=6, port=989)
2011/03/06 9:57:45 295737D0 s camd33: disabled
2011/03/06 9:57:45 295737D0 s camd35: initialized (fd=7, port=12000)
2011/03/06 9:57:45 295737D0 s cs378x: disabled
2011/03/06 9:57:45 295737D0 s newcamd: initialized (fd=8, port=12000, crypted)
2011/03/06 9:57:45 295737D0 s CAID: 1880
2011/03/06 9:57:45 295737D0 s provid #0: 002011
2011/03/06 9:57:45 295737D0 s provid #1: 000000
2011/03/06 9:57:45 295737D0 s provid #2: 002111
2011/03/06 9:57:45 295737D0 s cccam: disabled
2011/03/06 9:57:45 295737D0 s radegast: disabled
2011/03/06 9:57:45 295737D0 s http thread started
2011/03/06 9:57:45 295737D0 s creating thread for device /dev/sci0
2011/03/06 9:57:45 2A74B4E8 h HTTP Server listening on port 8888
2011/03/06 9:57:45 295737D0 s loadbalancer: can't read from file /tmp/.oscam/stat
2011/03/06 9:57:45 295737D0 s waiting for local card init
2011/03/06 9:57:45 2AF4B4E8 r reader thread started (thread=2AF4B4E8, label=digi, device=/dev/sci0, detect=cd, mhz=357, cardmhz=357)
2011/03/06 9:57:45 2AF4B4E8 r digi card detected
2011/03/06 9:59:46 2AF4B4E8 r Error activating card.
2011/03/06 10:00:47 2A74B4E8 h Refresh Reader/Tiers requested by WebIF from 192.168.1.5
2011/03/06 10:01:36 2A74B4E8 h Refresh Reader/Tiers requested by WebIF from 192.168.1.5
2011/03/06 10:01:47 2AF4B4E8 r Error activating card.
2011/03/06 10:03:49 2AF4B4E8 r Error activating card.
2011/03/06 10:03:49 2AF4B4E8 r card initializing error
2011/03/06 10:03:49 295737D0 s init for all local cards done
2011/03/06 10:03:49 295737D0 s anti cascading disabled
2011/03/06 10:03:49 2B7634E8 c plain dvbapi-client granted (local, au=off)
2011/03/06 10:03:49 2B7634E8 c dvbapi: can't open priority file /var/keys/oscam.dvbapi
2011/03/06 10:03:50 2B7634E8 c dvbapi: [ADD PID 0] CAID: 1802 ECM_PID: 1036 PROVID: 000000
2011/03/06 10:03:50 2B7634E8 c dvbapi: [ADD PID 1] CAID: 1880 ECM_PID: 1037 PROVID: 000000
2011/03/06 10:03:50 2B7634E8 c dvbapi: new program number: 03EB (Antena 1)
2011/03/06 10:03:50 2B7634E8 c local (1802&000000/03EB/92:3EBD): rejected group (0 ms) (of 0 avail 0) - Antena 1 (no matching reader)
2011/03/06 10:03:50 2B7634E8 c dvbapi: try pids again #1
2011/03/06 10:03:50 2B7634E8 c local (1880&000000/03EB/89:64AE): rejected group (1 ms) (of 0 avail 0) - Antena 1 (no matching reader)
2011/03/06 10:03:50 2B7634E8 c local (1802&000000/03EB/92:2815): rejected group (0 ms) (of 0 avail 0) - Antena 1 (no matching reader)
2011/03/06 10:03:51 2B7634E8 c dvbapi: try pids again #2
2011/03/06 10:03:51 2B7634E8 c local (1880&000000/03EB/89:64AE): rejected group (0 ms) (of 0 avail 0) - Antena 1 (no matching reader)
2011/03/06 10:03:51 2B7634E8 c local (1802&000000/03EB/92:2815): rejected group (0 ms) (of 0 avail 0) - Antena 1 (no matching reader)
2011/03/06 10:03:51 2B7634E8 c dvbapi: try pids again #3
2011/03/06 10:03:51 2B7634E8 c dvbapi: can't decode channel
2011/03/06 10:03:51 2B7634E8 c local (1880&000000/03EB/89:64AE): rejected group (0 ms) (of 0 avail 0) - Antena 1 (no matching reader)

Orice sfat e bine venit,multumesc!

**livs** · 06-03-11, 16:15

De ce "smargopatch = 1" ?
Incearca fara.

Thread: Probleme cu oscam

Thread Tools

Display

Posting Permissions