Jun 30 10:36:05 phantom sshd[70478]: Failed password for news from 212.88.182.121 port 51218 ssh2 Jun 30 10:36:16 phantom sshd[70500]: Failed password for sshd from 212.88.182.121 port 51608 ssh2 Jun 30 10:36:39 phantom sshd[70569]: Failed password for root from 212.88.182.121 port 52297 ssh2
I get the above a lot in my logs (except more of it). Each day, a couple hundred failed attempts to log in from one or sometimes two IP addresses shows up. I don't have anything like ipf running, and since this machine is about fifteen hundred miles away from me, I don't want to experiment with software firewalling right now. That known, is there any way to tell sshd (or some more powerful daemon) to stop accepting login attempts from a given IP if it tries and fails to log in too many times in a limited duration (like in the same minute)? I suppose, now that I'm thinking about it, that it'd be best to actually just read the man pages and figure out how to get sshd to ignore any attempt to attach from ports other than 22. I mean, why are other machines trying to ssh in at ports over fifty thousand anyway? -- -JC http://www.livejournal.com/users/jcholewa/ PS: Oh, yeah ... "FreeBSD 4.8-RELEASE #0: Thu Apr 3 10:53:38 GMT 2003" ; openssh-3.6.1_5 ; openssl-0.9.7d_1 _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
