On Tuesday 18 October 2005 21:19, Anthony Philipp wrote: > Hello, > > In my daily emails from my box I noticed this: > > Oct 17 16:13:03 lupin sshd[51861]: reverse mapping checking getaddrinfo for > 211-234-119-139.kidc.net failed - POSSIBLE BREAKIN ATTEMPT! Oct 17 16:13:05 > lupin sshd[51863]: reverse mapping checking getaddrinfo for > 211-234-119-139.kidc.net failed - POSSIBLE BREAKIN ATTEMPT! Oct 17 16:13:08 > lupin sshd[51865]: reverse mapping checking getaddrinfo for > 211-234-119-139.kidc.net failed - POSSIBLE BREAKIN ATTEMPT! Oct 17 16:13:21 > lupin sshd[51869]: reverse mapping checking getaddrinfo for > 211-234-119-139.kidc.net failed - POSSIBLE BREAKIN ATTEMPT! Oct 17 16:13:21 > lupin sshd[51867]: reverse mapping checking getaddrinfo for > 211-234-119-139.kidc.net failed - POSSIBLE BREAKIN ATTEMPT! Oct 17 16:13:30 > lupin sshd[51873]: reverse mapping checking getaddrinfo for > 211-234-119-139.kidc.net failed - POSSIBLE BREAKIN ATTEMPT! Oct 17 16:13:32 > lupin sshd[51875]: reverse mapping checking getaddrinfo for > 211-234-119-139.kidc.net failed - POSSIBLE BREAKIN ATTEMPT! Oct 17 16:13:34 > lupin sshd[51871]: reverse mapping checking getaddrinfo for > 211-234-119-139.kidc.net failed - POSSIBLE BREAKIN ATTEMPT! Oct 17 16:13:37 > lupin sshd[51877]: reverse mapping checking getaddrinfo for > 211-234-119-139.kidc.net failed - POSSIBLE BREAKIN ATTEMPT! Oct 17 16:13:37 > lupin sshd[51879]: reverse mapping checking getaddrinfo for > 211-234-119-139.kidc.net failed - POSSIBLE BREAKIN ATTEMPT! Oct 17 16:13:40 > lupin sshd[51881]: reverse mapping checking getaddrinfo for > 211-234-119-139.kidc.net failed - POSSIBLE BREAKIN ATTEMPT! Oct 17 16:13:43 > lupin sshd[51883]: reverse mapping checking getaddrinfo for > 211-234-119-139.kidc.net failed - POSSIBLE BREAKIN ATTEMPT! Oct 17 16:13:55 > lupin sshd[51885]: reverse mapping checking getaddrinfo for > 211-234-119-139.kidc.net failed - POSSIBLE BREAKIN ATTEMPT! > > I was just wondering exactly how dangerous this is, and what I can > do about it. > > Thanks for any additional help!
just connections to sshd from ip which have reverse name, but not have A record in DNS provider. Usually for DSL, dialup hosts. see man ssd_config for directive UseDNS or just block tcp/22 from not trusted hosts. _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"