At 12:16 AM 11.10.2002 -0600, W. D. wrote:
>At 21:17 11/9/2002, Jack L. Stone wrote:
>>At 03:04 AM 11.10.2002 +0100, Gustaf Sjoberg wrote:
>>>On Sat, 09 Nov 2002 15:13:09 -0600
>>>"W. D." <[EMAIL PROTECTED]> wrote:
>>>
>>>either block incomming port 25 connections or set the smtserver to require
>>authentication.
>>>
>>>ipfw entry could look something like:
>>>
>>>add <rule#> deny log tcp from any to <yourip> 25 in recv <interface>
>
>This would completely block SMTP wouldn't it? I do have clients
>on this server using email.
>
>
>
>
>>>
>>>>Hi folks,
>>>>
>>>>I've got some bozo from:
>>>>
>>>> SpaWeb1.spaelegance.com..auth
>>>>
>>>>doing all kinds of SMTP activity on my FreeBSD server. Does anyone
>>>>know how to stop this? What kind of entry would I add to ipfw?
>>>>
>>>>Does anyone know what vulnerability this might be? How to stop
>>>>permanently?
>>>>
>>
>>Get the IP of the spammer if possible. I've had to use a total block like
>>this:
>>##### DENY INTRUDER through external interface
>> #${fwcmd} add deny all from 66.000.00.000 to any via ${oif}
>
>Where is ${oif} defined?
>
>When I run a command like this it doesn't understand 'fwcmd'.
>
>usw2# {fwcmd} add deny log all from 168.93.100.59/16 to any in via ${oif}
>oif: Undefined variable.
>
>usw2# {fwcmd} add deny log all from 168.93.100.59/16 to any in via lo0
>fwcmd: Command not found.
>
>>
Sorry, that was a defined variable in my script:
# Firewall program
fwcmd="/sbin/ipfw"
Best regards,
Jack L. Stone,
Administrator
SageOne Net
http://www.sage-one.net
[EMAIL PROTECTED]
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message
