Imran Imtiaz wrote:
I got the following messages is it really an attack attempt
Jan 10 23:23:22 darkstar sshd[58484]: reverse mapping checking getaddrinfo
for 58.25-183.uio.satnet.net failed - POSSIBLE BREAKIN ATTEMPT!
Might as well treat it like one. If you're in Pakistan, who in
Ecuador should be ssh'ing to your computer? Of course,
that's the problem ... maybe they aren't really in Ecuador....
Although /etc/hosts.allow recommends against it, I find it
fairly useful to place tcpwrappers on sshd. At the very least,
I can block overseas connections to a large extent.
If I want an even more secure login, I restrict ssh logins to a specific
host and "daisy chain" through a less-restrictively configured machine.
You should also be tough with configuration (/etc/ssh/sshd_config)
and consider using key-based authentication instead of passwords/
keyboard-interactive.
HTH,
Kevin Kinsey
--
The two things that can get you into trouble
quicker than anything else are fast women and slow horses.
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
