Date: Sun, 8 Aug 2004 00:17:28 -0500 From: "Eric Crist" <ecrist@secure-computing.net> To: "'Mike Bruce'" <mgb@orion.org.uk>, <questions@freebsd.org> Subject: RE: Hacker Scans - Advice requested Message-ID: <000701c47d07$01e674e0$6401a8c0@Nomad> In-Reply-To: <!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAAhdeYsBRyHkSJ5HKC20bRU8KAAAAQAAAAsedKuxZVrEumlOCT326K9AEAAAAA@orion.org.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
> -----Original Message----- > From: owner-freebsd-questions@freebsd.org > [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of Mike Bruce > Sent: Sunday, August 08, 2004 12:16 AM > To: questions@freebsd.org > Subject: Hacker Scans - Advice requested > > > Please can you help me? > > I am getting increasingly plagued by this message in my > security log on my V4 installations of FreeBSD > > 06:48:53 mail sshd[18617]: Failed password for illegal user > admin from 210.3.4.71 port 39741 ssh2 Aug 7 > > Is there any way that this can be prevented without impairing > the services provided by the operating system. > > Many thanks > > Mike Bruce Very simple solution: create a rule to allow only traffic from known subnets. This will completely deny requests from IP addresses you're not sure of. HTH Eric F Crist
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?000701c47d07$01e674e0$6401a8c0>