From owner-freebsd-stable@FreeBSD.ORG Fri Aug 22 00:30:54 2008 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 671EE1065675 for ; Fri, 22 Aug 2008 00:30:54 +0000 (UTC) (envelope-from freebsd@meijome.net) Received: from sigma.octantis.com.au (ns2.octantis.com.au [207.44.189.124]) by mx1.freebsd.org (Postfix) with ESMTP id 204588FC14 for ; Fri, 22 Aug 2008 00:30:54 +0000 (UTC) (envelope-from freebsd@meijome.net) Received: (qmail 20699 invoked from network); 21 Aug 2008 19:04:13 -0500 Received: from 124-170-190-142.dyn.iinet.net.au (HELO ayiin) (124.170.190.142) by sigma.octantis.com.au with (DHE-RSA-AES128-SHA encrypted) SMTP; 21 Aug 2008 19:04:12 -0500 Date: Fri, 22 Aug 2008 10:04:08 +1000 From: Norberto Meijome To: freebsd-stable@freebsd.org Message-ID: <20080822100408.4bee3751@ayiin> In-Reply-To: <48ADCFD5.8020902@aldan.algebra.com> References: <48ADA81E.7090106@aldan.algebra.com> <20080821200309.GA19634@eos.sc1.parodius.com> <48ADCFD5.8020902@aldan.algebra.com> X-Mailer: Claws Mail 3.5.0 (GTK+ 2.12.11; i386-portbld-freebsd7.0) Face: iVBORw0KGgoAAAANSUhEUgAAADAAAAAwBAMAAAClLOS0AAAAGFBMVEX+/v7++v6YOTrq8PCcuIX989UvOSj++v0BNCbpAAAAB3RJTUUHsQwfFzs7RBhzUQAAAhJJREFUOI1dU8GOqzAMNKIoV1bvwD1i0ysqrHplIdBrVSX7ATSbd03VVvn9tQNtQy0hjAdn7LED4AAcPtWm9RV+MPSfxhBLx9ajd6X/ngB6/mTwnRSZua7i7Ca+0ctZKo4Qmz+JY13X6I3nFZBxIYW1PbgfQ5RP8g0XlltEWGf3cV03joYpRnFbvYDKbXjZlXyyhEZA4lI+cN3NaVXE4VKjSwTExO10eTEkkJVqIAD5z0nUBQJluQDRSQjcrBiHAJxZlAH5CUMBMC7OcJ4LMQNnxhZ1HYPscMc6J4UlWRMNwzOpCcAHKSICd1EDn83abdREIbXsHkD1OinP1aCUCOEVRaa1lMcvywUWdYgk13JQUpYNKmvXQ8Kw5ML9YI5h8SakctBc7E/IYuLhYd/zZIk+1gM1vNweQBvHE0j+oYah3sMqAytQYlZk6+ANaaawJdu3OFzYGMZ3iGpa3qMlq9ZH0VZTgrCtw/ngdYkEIIpSbP1bWQAdFdX9vocBdkH2qVjVmuMu3gI5rjs814EUdrCZgWlPaxZZ3RiLFUtr+ud0PXwp2dnQSNXgePt6AZpBj6UMJ7VQkzN4utVeaSW1Dhn/kblGrKeMvNGnzwX4zuEDarYz1KdPtR60Gul0Gued+515SJXhCsl+Tx/3kY/UDvicPll9mfu50t3tvQ/thZpJYgeuwdSKNJ6tCD98MCgoxLDaPxbwqqwPWaWiAAAAAElFTkSuQmCC Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Re: machine hangs on occasion - correlated with ssh break-in attempts X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 22 Aug 2008 00:30:54 -0000 On Thu, 21 Aug 2008 16:28:05 -0400 Mikhail Teterin wrote: > Myself -- and the owner of the box -- travel quite a bit, ssh-ing "home" > from anywhere in the world. why not setup a SSL-based vpn ? lock everything down except the port of the vpn. try openvpn. > Although we could, I suppose, find out the > destination-country's IP-allocation and add it before leaving, that > would be quite tedious to manage... geoip attached to pf rules :P has anyone done it? But I can tell you it isn't that reliable...you want to have a way to bypass it. b _________________________ {Beto|Norberto|Numard} Meijome "Why do you sit there looking like an envelope without any address on it?" Mark Twain I speak for myself, not my employer. Contents may be hot. Slippery when wet. Reading disclaimers makes you go blind. Writing them is worse. You have been Warned.