I found this in my logs and I'm wondering if this is a hacking attempt?
Probably.
Should I be concerned?
Probably not, as long as you use good passwords for everything, you're probably safe (unless you use telnet or ftp or something).
Also, if/when I see these, I'd like to add them to a blocked list using /sbin/ipfw, but get the following message when trying this command:
# /sbin/ipfw add 1 deny all from 151.204.100.88:255.255.255.255 to any ipfw: getsockopt(IP_FW_ADD): Protocol not available
Doesn't seem like IPFW is enabled. What does your rc.conf look like? You should enable it in /etc/rc.conf and select a good basic ruleset. Additionally, when you add block rules like this, you should add them to you /etc/rc.firewall script so they get preserved across a reboot.
freedom.domain.com login failures: Mar 2 11:38:33 freedom sshd[47912]: Failed none for illegal user test from 64.21.10.2 port 36747 ssh2 Mar 2 11:38:33 freedom sshd[47912]: Failed publickey for illegal user test from 64.21.10.2 port 36747 ssh2 Mar 2 11:38:34 freedom sshd[47912]: Failed keyboard-interactive for illegal user test from 64.21.10.2 port 36747 ssh2 Mar 2 11:38:34 freedom sshd[47912]: Failed password for illegal user test from 64.21.10.2 port 36747 ssh2 Mar 2 11:38:34 freedom sshd[47912]: Failed password for illegal user test from 64.21.10.2 port 36747 ssh2 Mar 2 11:38:37 freedom sshd[47913]: Failed none for illegal user oracle from 64.21.10.2 port 36984 ssh2 Mar 2 11:38:38 freedom sshd[47913]: Failed publickey for illegal user oracle from 64.21.10.2 port 36984 ssh2 Mar 2 11:38:38 freedom sshd[47913]: Failed keyboard-interactive for illegal user oracle from 64.21.10.2 port 36984 ssh2 Mar 2 11:38:38 freedom sshd[47913]: Failed password for illegal user oracle from 64.21.10.2 port 36984 ssh2 Mar 2 11:38:38 freedom sshd[47913]: Failed password for illegal user oracle from 64.21.10.2 port 36984 ssh2 Mar 2 11:38:41 freedom sshd[47914]: Failed none for illegal user guest from 64.21.10.2 port 37171 ssh2 Mar 2 11:38:41 freedom sshd[47914]: Failed publickey for illegal user guest from 64.21.10.2 port 37171 ssh2 Mar 2 11:38:41 freedom sshd[47914]: Failed keyboard-interactive for illegal user guest from 64.21.10.2 port 37171 ssh2 Mar 2 11:38:41 freedom sshd[47914]: Failed password for illegal user guest from 64.21.10.2 port 37171 ssh2 Mar 2 11:38:41 freedom sshd[47914]: Failed password for illegal user guest from 64.21.10.2 port 37171 ssh2 Mar 2 11:38:44 freedom sshd[47915]: Failed password for ROOT from 64.21.10.2 port 37187 ssh2 Mar 2 11:38:45 freedom sshd[47915]: Failed password for ROOT from 64.21.10.2 port 37187 ssh2 Mar 2 11:38:48 freedom sshd[47916]: Failed password for nobody from 64.21.10.2 port 37211 ssh2 Mar 2 11:38:48 freedom sshd[47916]: Failed password for nobody from 64.21.10.2 port 37211 ssh2 Mar 2 11:38:52 freedom sshd[47917]: Failed password for games from 64.21.10.2 port 37215 ssh2 Mar 2 11:38:52 freedom sshd[47917]: Failed password for games from 64.21.10.2 port 37215 ssh2 Mar 2 11:38:56 freedom sshd[47918]: Failed none for illegal user user from 64.21.10.2 port 37217 ssh2 Mar 2 11:38:56 freedom sshd[47918]: Failed publickey for illegal user user from 64.21.10.2 port 37217 ssh2 Mar 2 11:38:56 freedom sshd[47918]: Failed keyboard-interactive for illegal user user from 64.21.10.2 port 37217 ssh2 Mar 2 11:38:56 freedom sshd[47918]: Failed password for illegal user user from 64.21.10.2 port 37217 ssh2 Mar 2 11:38:56 freedom sshd[47918]: Failed password for illegal user user from 64.21.10.2 port 37217 ssh2 Mar 2 11:38:59 freedom sshd[47919]: Failed password for ROOT from 64.21.10.2 port 37218 ssh2 Mar 2 11:38:59 freedom sshd[47919]: Failed password for ROOT from 64.21.10.2 port 37218
-- Bill Moran Potential Technologies http://www.potentialtech.com
To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message
