Date: Sun, 1 Oct 2017 17:26:37 +0200 From: Matthias Apitz <guru@unixarea.de> To: freebsd-questions@freebsd.org Subject: Re: help - under attack Message-ID: <20171001152637.GA60730@c720-r314251> In-Reply-To: <59D10736.2070504@gmail.com>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] El día domingo, octubre 01, 2017 a las 11:18:14a. m. -0400, Ernie Luzar escribió: > Hello list; > > Installed 11.1 from scratch and after about 2-3 weeks I finally got > around to inspecting the /var/logs. I have never seen the auth.log file > roll over before, so this peaked my interest. It was full of failed > login attempts. My firewall blocks all inbound traffic, so I am very > baffled be what I see in the log. Any suggestions on how this can be > happening? > > Sep 29 03:09:14 fbsd sshd[33675]: Connection closed by 149.202.179.216 > port 48876 [preauth] > ... If you have a firewall (about which you have not said anything), how can SYN-SYN-ACK happen on port 22? matthias -- Matthias Apitz, ✉ guru@unixarea.de, ⌂ http://www.unixarea.de/ ☎ +49-176-38902045 Public GnuPG key: http://www.unixarea.de/key.pub 8. Mai 1945: Wer nicht feiert hat den Krieg verloren. 8 de mayo de 1945: Quien no festeja perdió la Guerra. May 8, 1945: Who does not celebrate lost the War. [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEXmn7rBYYViyzy/vBR8z35Hb+nREFAlnRCSoACgkQR8z35Hb+ nRHP6w/9G92xPvBe3xAlEuNWwetU17PD4ASJhyVqvzfEBNfUNPq2n/5ZJ/KJB7VA x7M9VmtZidAEG9ueTLU8p5s6xWd5IQmCD1CTM9DGx9mHSj1Uh2HxiJxCW95BuIWH JkaeaCVLWyuvuQl5vzmXdm+ZfaCr/o54GtdQ7QdNKbeGwyPP9rHuWw+FTkwRDqsD s2D4Mx5c12y0aJBRNGNRpuY4+H4GIwxCH1rW+niiDMY7nA54kEgdOyOHd0KdDdhA SzK0RWk3rzyuc9B7BtKh0svExUnZ8h1RQGXXPnf7/30q2LMEA5Oy4U5v4sCOyOa8 6SXX6rOxpmqk/zubJM7BUCQSxdLPnIUM1evTMx6tUFnAxIcBb4SSGloPN3BOAQMK w2TKhpSr47NJx/yFTwbcapvt8PZCoIcM0mn3u3b4tTnEiZMqyM8RP6zJd2g9PVR3 vLXzagKt9R/zDEzb3h1WGfBB1pA78YCd3hSE+zM5KPWWvLRZtQQbynPex+m4xShW roA61/NB4FWpjpkwYB1hj+kYaKJBCE9xToD+485YDJMOjJF8AF8C7cVJKWtH+QX8 qGNBqQxNF1bppGCvoHYFvP/a+VRJZ+9rK1WW9HIioReoYU53xp1wOB8hn2cN4P/j XwzkAZKoDvaVIgdJWtY6ifAHTe68MMvRa9Va80qYxoRXemNNOXE= =2vrJ -----END PGP SIGNATURE-----help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20171001152637.GA60730>