Date: Sun, 1 Oct 2017 17:26:37 +0200 From: Matthias Apitz <guru@unixarea.de> To: freebsd-questions@freebsd.org Subject: Re: help - under attack Message-ID: <20171001152637.GA60730@c720-r314251> In-Reply-To: <59D10736.2070504@gmail.com> References: <59D10736.2070504@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--17pEHd4RhPHOinZp Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable El d=C3=ADa domingo, octubre 01, 2017 a las 11:18:14a. m. -0400, Ernie Luza= r escribi=C3=B3: > Hello list; >=20 > Installed 11.1 from scratch and after about 2-3 weeks I finally got=20 > around to inspecting the /var/logs. I have never seen the auth.log file= =20 > roll over before, so this peaked my interest. It was full of failed=20 > login attempts. My firewall blocks all inbound traffic, so I am very=20 > baffled be what I see in the log. Any suggestions on how this can be=20 > happening? >=20 > Sep 29 03:09:14 fbsd sshd[33675]: Connection closed by 149.202.179.216=20 > port 48876 [preauth] > ... If you have a firewall (about which you have not said anything), how can SYN-SYN-ACK happen on port 22? matthias --=20 Matthias Apitz, =E2=9C=89 guru@unixarea.de, =E2=8C=82 http://www.unixarea.d= e/ =E2=98=8E +49-176-38902045 Public GnuPG key: http://www.unixarea.de/key.pub 8. Mai 1945: Wer nicht feiert hat den Krieg verloren. 8 de mayo de 1945: Quien no festeja perdi=C3=B3 la Guerra. May 8, 1945: Who does not celebrate lost the War. --17pEHd4RhPHOinZp Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEXmn7rBYYViyzy/vBR8z35Hb+nREFAlnRCSoACgkQR8z35Hb+ nRHP6w/9G92xPvBe3xAlEuNWwetU17PD4ASJhyVqvzfEBNfUNPq2n/5ZJ/KJB7VA x7M9VmtZidAEG9ueTLU8p5s6xWd5IQmCD1CTM9DGx9mHSj1Uh2HxiJxCW95BuIWH JkaeaCVLWyuvuQl5vzmXdm+ZfaCr/o54GtdQ7QdNKbeGwyPP9rHuWw+FTkwRDqsD s2D4Mx5c12y0aJBRNGNRpuY4+H4GIwxCH1rW+niiDMY7nA54kEgdOyOHd0KdDdhA SzK0RWk3rzyuc9B7BtKh0svExUnZ8h1RQGXXPnf7/30q2LMEA5Oy4U5v4sCOyOa8 6SXX6rOxpmqk/zubJM7BUCQSxdLPnIUM1evTMx6tUFnAxIcBb4SSGloPN3BOAQMK w2TKhpSr47NJx/yFTwbcapvt8PZCoIcM0mn3u3b4tTnEiZMqyM8RP6zJd2g9PVR3 vLXzagKt9R/zDEzb3h1WGfBB1pA78YCd3hSE+zM5KPWWvLRZtQQbynPex+m4xShW roA61/NB4FWpjpkwYB1hj+kYaKJBCE9xToD+485YDJMOjJF8AF8C7cVJKWtH+QX8 qGNBqQxNF1bppGCvoHYFvP/a+VRJZ+9rK1WW9HIioReoYU53xp1wOB8hn2cN4P/j XwzkAZKoDvaVIgdJWtY6ifAHTe68MMvRa9Va80qYxoRXemNNOXE= =2vrJ -----END PGP SIGNATURE----- --17pEHd4RhPHOinZp--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20171001152637.GA60730>