Hacker Scans - Advice requested
Eric Crist
ecrist at secure-computing.net
Sat Aug 7 22:21:19 PDT 2004
> -----Original Message-----
> From: owner-freebsd-questions at freebsd.org
> [mailto:owner-freebsd-questions at freebsd.org] On Behalf Of Mike Bruce
> Sent: Sunday, August 08, 2004 12:16 AM
> To: questions at freebsd.org
> Subject: Hacker Scans - Advice requested
>
>
> Please can you help me?
>
> I am getting increasingly plagued by this message in my
> security log on my V4 installations of FreeBSD
>
> 06:48:53 mail sshd[18617]: Failed password for illegal user
> admin from 210.3.4.71 port 39741 ssh2 Aug 7
>
> Is there any way that this can be prevented without impairing
> the services provided by the operating system.
>
> Many thanks
>
> Mike Bruce
Very simple solution: create a rule to allow only traffic from known
subnets. This will completely deny requests from IP addresses you're
not sure of.
HTH
Eric F Crist
More information about the freebsd-questions
mailing list