Date: Sun, 12 Feb 2006 11:41:17 +0100 From: lars <lars@gmx.at> Cc: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Subject: Re: incorrect logins Message-ID: <43EF10CD.6090003@gmx.at> In-Reply-To: <1139736497.17153.14.camel@lmail.bathnetworks.co.uk> References: <1059667590.20060212073915@mail333.com> <1139736497.17153.14.camel@lmail.bathnetworks.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
Robert Slade wrote: > On Sun, 2006-02-12 at 04:39, Playnet wrote: >> Hello FreeBSD, >> >> I see many records as >> Feb 10 21:08:55 sstand sshd[84600]: Failed password for root from 61.218.130.20 port 46356 ssh2 >> >> How can i block these IP, who try "root" as login? >> Have any soft in ports? > > In the default setup of SSH, root login is disabled. Check the manual > for ssh. > > As for blocking Ips check hosts_deny and hosts_allow. > > I would recommend that you block the ssh port at you firewall for stop > remote logons via ssh etc. > > Rob Either you 1 configure SSH to only allow logins from certain hostnames or IP addresses or for certain users, and/or 2 install a program to watch your logfiles and modify your firewall rules dynamically according to specified triggers, like /usr/ports/security/denyhosts, and/or 3 choose strong passwords or -phrases and not care
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?43EF10CD.6090003>