Sometimes I am receiving messages like this from my server:
nas.myserver.mydomain.com login failures:
Jul 17 08:35:02 nas sshd[5994]: reverse mapping checking getaddrinfo for
162.132-254-62.static.virginmediabusiness.co.uk [62.254.132.162] failed
- POSSIBLE BREAK-IN ATTEMPT!
On different days
ange listening port of sshd
I get thousands of these every day, won't kill you and not worth losing your
time.
On 18 juil. 2018, at 22:07, Grzegorz Junka wrote:
Sometimes I am receiving messages like this from my server:
nas.myserver.mydomain.com login failures:
Jul 17 08:35:02 nas s
Thank you Patrick, Simon and Dimitry for a quick follow up and the
explanation.
Is it possible to figure out which parts of the security run output
emails are produced by which tools (I assume that each part is a
separate check)? Could be useful to know when checking other messages in
that
On 18/07/2018 23:41, Jason Hellenthal wrote:
See etc/periodic/... security related scripts. Should get you on a good start.
Great, thank you Jason!
___
freebsd-security@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-se
On 21/07/2018 11:03, Chad Jacob Milios wrote:
On Jul 20, 2018, at 3:05 PM, Jamie Landeg-Jones wrote:
Dimitry Andric wrote:
For each incoming IP address, sshd does a reverse lookup, and if that
results in a hostname, it does another lookup of that hostname, to see
if *that* result matches th
On 21/07/2018 12:05, Chad Jacob Milios wrote:
On Jul 21, 2018, at 7:57 AM, Grzegorz Junka wrote:
On 21/07/2018 11:03, Chad Jacob Milios wrote:
On Jul 20, 2018, at 3:05 PM, Jamie Landeg-Jones wrote:
Dimitry Andric wrote:
For each incoming IP address, sshd does a reverse lookup, and if that
On 21/07/2018 19:59, Miroslav Lachman wrote:
Grzegorz Junka wrote on 2018/07/21 21:29:
[...]
There is no point to this foolishly alarming message. Be mindful
of the OTHER ways you must surely have in place to keep your sshd
hard against attack.
Good to know. But the documentation says
