what is wrong for my ipfw? and how intruder can do it?
ann kok
annkok2001 at yahoo.com
Thu Aug 11 20:28:53 GMT 2005
Hi all
I am using freebsd 4.11 as router and run ipfw
I has ipfw rules to restrict ssh access from all
interfaces
eg: ipfw add 22 deny log tcp from any to x.x.x.x/32 22
The firewall rule is fine when testing from outside
and can get info from /var/log/security
Deny TCP x.x.x.x:20411 x.x.x.x:22 in via dc0
But I don't know that ip can bypass the ipfw firewall
rule and can access the computer.
Finally it was blocked by tcpwrapper. I got this from
/var/log/messages
Aug 09 06:10:29 firewall sshd[51057]: refused connect
from x.x.x.137 (x.x.x.137)
what is wrong for my ipfw? and how intruder can do it?
do you have any ideas?
Thank you
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
More information about the freebsd-questions
mailing list