Date: Wed, 2 Mar 2005 10:46:59 +0300 From: "Eugene M. Minkovskii" <emin@mccme.ru> To: Stevan Tiefert <stevan@rot-1.de> Cc: freebsd-questions@freebsd.org Subject: Re: sshd Message-ID: <20050302074659.GA22958@mccme.ru> In-Reply-To: <20050302075507.P23359@mail.rot-1.de> References: <20050302075507.P23359@mail.rot-1.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Mar 02, 2005 at 08:00:13AM +0100, Stevan Tiefert wrote: " Hello list, " " when I am watching the /var/log/auth.log I see many missed logins from " IP-addresses I never tried to login from. Am I right that they is a hacker " trying to login on my mashine, because he was using loginnames I never " created on my mashine like patrick, lydia, green, admin, and so on...? " " With regards " Stevan Tiefert It seems to you are right. If you know that you go to you mashine only from one or two IP, you can write it in your firewall. For example, if you use ipfw: ext_if=rl0 trusted_ip=1.2.3.4,3.4.2.1 ipfw add allow tcp from $trusted_ip to me ssh in recv $ext_if ipfw add allow tcp from me ssh to $trusted_ip out xmit $ext_if Or something else. " _______________________________________________ " freebsd-questions@freebsd.org mailing list " http://lists.freebsd.org/mailman/listinfo/freebsd-questions " To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" -- Sensory yours, Eugene Minkovskii Сенсорно ваш, Евгений Миньковский
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050302074659.GA22958>