Date: Thu, 30 Mar 2006 20:06:41 -0800 From: "jdow" <jdow@earthlink.net> To: <freebsd-questions@freebsd.org> Subject: Re: sshd BREAKIN ? Message-ID: <155301c65478$84e97960$0225a8c0@Wednesday> References: <20060331034841.1387.qmail@web35812.mail.mud.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
From: "Tang Ho Yim" <hoyimtang@yahoo.com>
>I got a error messages from /var/log/auth.log which is about sshd......
>
> .....sshd : reverse mapping checking getaddrinfo for core-01.148.rdcw.com failed -
> POSSIBLE BREAKIN ATTEMPT !
>
> all my sshd_config is default setting except I have change to "PasswordAuthentication
> NO , PermitEmptyPasswords NO , and ChallengeResponseAuthentication NO"
>
> Is that I am being hack ?
> last command show who is login before but it seem ok....
> What should I do ?
Somebody is trying; and, that somebody is failing. You need something
akin to "DenyHosts" (which works on tcpwrappers) or one of the other
BSD compatible tools of a roughly similar sort. I'd suggest wandering
through the list archive. In the last month or two we've been over this
before, repeatedly.
{^_^}
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?155301c65478$84e97960$0225a8c0>