Date: Tue, 08 Feb 2005 10:13:02 -0600 From: Paul Schmehl <pauls@utdallas.edu> To: crzdgns1@starpower.net, freebsd-questions@freebsd.org Subject: Re: Newbie Security Concerns Message-ID: <C49781123B26911E1C5B1509@utd49554.utdallas.edu> In-Reply-To: <c5ead59.cb785457.81e0700@ms07.mrf.mail.rcn.net> References: <c5ead59.cb785457.81e0700@ms07.mrf.mail.rcn.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--On Tuesday, February 08, 2005 11:01:11 AM -0500 crzdgns1@starpower.net wrote: > > I am a new user of UNIX and FreeBSD and have never had to do any > administration or security configuration myself before. I am running > IP Firewall on FreeBSD-5.3-RELEASE. Last night I was checking my > logs and discovered that sshd reported many illegal users. Does > that mean my system i compromised? As configured, there are only > three accounts on my system, root, toor, and one user account for > me. I suppose you need more information from me, but am not sure > what to provide. Any help would be greatly appreciated. > In addition to the firewall, you should edit /etc/hosts.allow and only allow remote access from trusted hosts. That will completely stop the random ssh login attempts. man (5) hosts_access Paul Schmehl (pauls@utdallas.edu) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?C49781123B26911E1C5B1509>