Date: Tue, 11 Jan 2005 00:46:06 -0600 From: artware <artware@gmail.com> To: freebsd-questions@freebsd.org Subject: Re: Blacklisting IPs Message-ID: <fd0919510501102246646d8e52@mail.gmail.com> In-Reply-To: <41E318B2.3020108@makeworld.com> References: <20050110035717.27062.qmail@web41008.mail.yahoo.com> <fd091951050109222052228399@mail.gmail.com> <41E318B2.3020108@makeworld.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Thanks for the input, everyone! Port-knocking is overkill at this point, but I did do the following things to sshd_config: Set port to non-default PermitRootLogin no LoginGraceTime 45s AllowUsers lists only one user -- me. :) I also did route -nq add -host xxx.xxx.xxx.xxx 127.0.0.1 -blackhole... I think telnet was disabled by default in the base 5.3 install... I know this attack was probably random, but the whole reason I took over as sysadmin and switched to FreeBSD is that our RHE box was being broken into almost nightly -- so I'm sensitive to security concerns. Is there anything else I should consider doing to the stock FreeBSD to fortify it? It already feels about 100 times more secure than RH... - ben
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?fd0919510501102246646d8e52>