Date: Fri, 6 Aug 2004 08:26:01 -0500 From: "James A. Coulter" <jacoulter@jacoulter.net> To: freebsd-questions@freebsd.org Subject: Newbie Security Question Message-ID: <20040806132601.GA3043@sara.mshome.net>
next in thread | raw e-mail | index | archive | help
I recently got my firewall up and configured (many thanks to JJB and everyone else for their help) and have been reading the daily security message from root with a great deal of interest. My question is, when I see entries like this: Aug 5 17:55:54 sara sshd[2099]: Failed password for root from 209.120.224.13 +port 40515 ssh2 Aug 5 17:55:55 sara sshd[2101]: Failed password for root from 209.120.224.13 +port 60426 ssh2 Aug 5 17:55:55 sara sshd[2103]: Failed password for root from 209.120.224.13 +port 54447 ssh2 Aug 5 17:55:59 sara sshd[2105]: Failed password for root from 209.120.224.13 +port 44460 ssh2 is it safe to assume someone has been trying to hack my system? I did a whois search on the IP and it went to a provider in Colorado. I'm asking because I'm curious - thanks again for everyone's help. Jim C.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040806132601.GA3043>