From owner-freebsd-questions@FreeBSD.ORG Tue May 9 15:14:54 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1FBE416A416 for ; Tue, 9 May 2006 15:14:54 +0000 (UTC) (envelope-from fbsd@a1poweruser.com) Received: from mta13.adelphia.net (mta13.mail.adelphia.net [68.168.78.44]) by mx1.FreeBSD.org (Postfix) with ESMTP id ED98F43D45 for ; Tue, 9 May 2006 15:14:48 +0000 (GMT) (envelope-from fbsd@a1poweruser.com) Received: from barbish ([70.39.69.56]) by mta13.adelphia.net (InterMail vM.6.01.05.02 201-2131-123-102-20050715) with SMTP id <20060509151448.YJZD9479.mta13.adelphia.net@barbish>; Tue, 9 May 2006 11:14:48 -0400 From: "fbsd" To: "M. Goodell" , "FreeBSD Questions" Date: Tue, 9 May 2006 11:14:42 -0400 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.6604 (9.0.2911.0) In-Reply-To: <20060509145403.71699.qmail@web32413.mail.mud.yahoo.com> X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2800.1478 Importance: Normal Cc: Subject: RE: System Intrustion Detection X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: fbsd@a1poweruser.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 May 2006 15:14:54 -0000 check the list archives. this subject has been beat to death many times already -----Original Message----- From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of M. Goodell Sent: Tuesday, May 09, 2006 10:54 AM To: FreeBSD Questions Subject: System Intrustion Detection More and more each day I am seeing my root emails contain hundreds of entries like this: May 8 02:23:35 warpstone sshd[26092]: Failed password for root from 222.185.245.208 port 50519 ssh2 May 8 16:37:41 warpstone ftpd[34713]: FTP LOGIN FAILED FROM 211.44.250.152, Administrator Basically, people are attemtpting to hack into my server often with a few thousands of attempts each day. What measures can I take to stop these attempts? Is there a way I can detect these attacks and automatically cut them off? Are any of the security ports effective against this? Thank you! M Goodell --------------------------------- Yahoo! Messenger with Voice. PC-to-Phone calls for ridiculously low rates. _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"