From owner-freebsd-questions@FreeBSD.ORG  Fri Aug 26 01:40:46 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 83D0816A41F
	for <freebsd-questions@freebsd.org>;
	Fri, 26 Aug 2005 01:40:46 +0000 (GMT)
	(envelope-from freebsd-questions@auscert.org.au)
Received: from titania.auscert.org.au (gw.auscert.org.au [203.5.112.28])
	by mx1.FreeBSD.org (Postfix) with ESMTP id EA46443D45
	for <freebsd-questions@freebsd.org>;
	Fri, 26 Aug 2005 01:40:45 +0000 (GMT)
	(envelope-from freebsd-questions@auscert.org.au)
Received: from app.auscert.org.au (app [10.0.1.192])
	by titania.auscert.org.au (8.12.10/8.12.10) with ESMTP id
	j7Q1efqA006352; Fri, 26 Aug 2005 11:40:41 +1000 (EST)
Received: from app.auscert.org.au (localhost.auscert.org.au [127.0.0.1])
	by app.auscert.org.au (8.13.1/8.13.1) with ESMTP id j7Q1ehvA013284;
	Fri, 26 Aug 2005 11:40:43 +1000 (EST)
	(envelope-from freebsd-questions@auscert.org.au)
Message-Id: <200508260140.j7Q1ehvA013284@app.auscert.org.au>
To: freebsd-questions@freebsd.org
from: freebsd-questions@auscert.org.au
In-Reply-To: Your message of "Fri, 26 Aug 2005 00:48:11 +0200."
	<20050826004811.7d730f7c.albi@scii.nl> 
Date: Fri, 26 Aug 2005 11:40:43 +1000
Cc: "albi@scii.nl" <albi@scii.nl>
Subject: Re: Illegal access attempt - FreeBSD 5.4 Release - please advise 
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Aug 2005 01:40:46 -0000

> On Fri, 26 Aug 2005 00:24:48 +0200
> Maarten Sanders <maarfree@xs4all.nl> wrote:
> 
> > Nice suggestion, but how do I enable tcp_wrappers with sshd?
> 
> from
> http://lists.freebsd.org/pipermail/freebsd-security/2004-September/002351.htm
> l
> 
> in /usr/src/crypto/openssh/config.h
> find the line :
> /* Define if you want TCP Wrappers support */
> enable it, rebuild etc.

This is the default, so no need to rebuild - you just have to tighten up
your /etc/hosts.allow.  Instead of the default:

	ALL : ALL : allow

try (eg if you have a host 192.168.1.1):

	sshd : 192.168.1.1 : allow
	ALL : ALL : deny

joel