Date: Sun, 25 Jun 2000 11:57:40 -0600 From: "Jamie Hermans" <freebsd@quadrhys.com> To: "'Mike'" <mike@mikesweb.com> Cc: <freebsd-questions@FreeBSD.ORG> Subject: RE: telnet log? Message-ID: <000001bfdece$db229850$0a45a8c0@quadrhys.com> In-Reply-To: <4.3.1.2.20000625134256.00b07980@mail.mikesweb.com>
next in thread | previous in thread | raw e-mail | index | archive | help
I use the firewall logging rules (I assume you don't actually have telnet
open, you just want to know who's knocking?)
There are probably more glorious ways of doing this ... portsentry, etc.
Mine works for me ;-)
/etc/rc.firewall
-----
/sbin/ipfw add deny log tcp from any to {your.ip.num.here} 23 via
{interface}
/sbin/ipfw add deny log udp from any to {your.ip.num.here} 23 via
{interface}
-----
/etc/syslog.conf
-----
!ipfw
*.* /var/log/ipfw.log
-----
/usr/src/sys/i386/conf/{yourkernel}
-----
options IPFIREWALL
options IPFIREWALL_VERBOSE
-----
The resulting ipfw.log looks like: (them=1.1.1.1 me=2.2.2.2)
-----
Jun 23 11:18:48 ipfw: 300 Deny TCP 1.1.1.1:832 2.2.2.2:23 in via {interface}
Jun 23 11:18:51 ipfw: 300 Deny TCP 1.1.1.1:832 2.2.2.2:23 in via {interface}
-----
... Jamie
-----Original Message-----
From: owner-freebsd-questions@FreeBSD.ORG
[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Mike
Sent: Sunday, June 25, 2000 11:44 am
To: freebsd-questions@FreeBSD.ORG
Subject: telnet log?
Is there a log of, or a way to log any attempts to telnet into your server?
Thanks
Mike
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?000001bfdece$db229850$0a45a8c0>