On 2004-08-08 06:16:19 +0100, Mike Bruce wrote: > Please can you help me? > > I am getting increasingly plagued by this message in my security log on > my V4 installations of FreeBSD > > 06:48:53 mail sshd[18617]: Failed password for illegal user admin from > 210.3.4.71 port 39741 ssh2 Aug 7
You're far from alone. Eg. see: http://www.securityfocus.com/archive/75/371086/2004-08-05/2004-08-11/1 > Is there any way that this can be prevented without impairing the > services provided by the operating system. I only allow publickey/skey logins, so I felt pretty safe, but got tired of looking at the logs, so I moved the sshd to a random high port. Then you can append something like this to ~/.ssh/config: Host short Hostname short.verylongdomainname-or-impossibletorememberIP.tld Port 43462 User your-mom Now you can just do 'ssh short' and it'll use the right portnumber and username and dnsname (it could bbe an IP address too). Or, as another poster said, just firewall it away, or even use a combination. Have a nice day Morten -- http://m.mongers.org/ -- http://gallery.zentience.org/ __END__ _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
