Date: Thu, 11 Aug 2005 13:28:52 -0700 (PDT) From: ann kok <annkok2001@yahoo.com> To: freebsd-questions@freebsd.org Subject: what is wrong for my ipfw? and how intruder can do it? Message-ID: <20050811202852.69489.qmail@web53315.mail.yahoo.com>
next in thread | raw e-mail | index | archive | help
Hi all I am using freebsd 4.11 as router and run ipfw I has ipfw rules to restrict ssh access from all interfaces eg: ipfw add 22 deny log tcp from any to x.x.x.x/32 22 The firewall rule is fine when testing from outside and can get info from /var/log/security Deny TCP x.x.x.x:20411 x.x.x.x:22 in via dc0 But I don't know that ip can bypass the ipfw firewall rule and can access the computer. Finally it was blocked by tcpwrapper. I got this from /var/log/messages Aug 09 06:10:29 firewall sshd[51057]: refused connect from x.x.x.137 (x.x.x.137) what is wrong for my ipfw? and how intruder can do it? do you have any ideas? Thank you __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050811202852.69489.qmail>