artware wrote:
Hello again,
My 5.3R system has only been up a little over a week, and I've already
had a few breakin attempts -- they show up as Illegal user tests in
the /var/log/auth.log... It looks like they're trying common login
names (probably with the login name used as passwd). It takes them
hours to try a dozen names, but I'd rather not have any traffic from
these folks. Is there any way to blacklist IPs at the system level, or
do I have to hack something together for each daemon?
- ben
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Here's what I do -
as root: route -nq add -host xxx.xxx.xxx.xxx 127.0.0.1 -blackhole
To the attacker, it looks as if you dropped off the net.
--
Best regards,
Chris
To save disk space in your home directory, compress files you rarely
use with "gzip filename".
-- Dru <[EMAIL PROTECTED]>
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
