From owner-freebsd-stable@FreeBSD.ORG Fri Aug 22 00:27:55 2008 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 979D41065682 for ; Fri, 22 Aug 2008 00:27:55 +0000 (UTC) (envelope-from freebsd@meijome.net) Received: from sigma.octantis.com.au (ns2.octantis.com.au [207.44.189.124]) by mx1.freebsd.org (Postfix) with ESMTP id 517738FC1F for ; Fri, 22 Aug 2008 00:27:55 +0000 (UTC) (envelope-from freebsd@meijome.net) Received: (qmail 20511 invoked from network); 21 Aug 2008 19:01:14 -0500 Received: from 124-170-190-142.dyn.iinet.net.au (HELO ayiin) (124.170.190.142) by sigma.octantis.com.au with (DHE-RSA-AES128-SHA encrypted) SMTP; 21 Aug 2008 19:01:14 -0500 Date: Fri, 22 Aug 2008 10:01:09 +1000 From: Norberto Meijome To: freebsd-stable@freebsd.org Message-ID: <20080822100109.2a85c431@ayiin> In-Reply-To: <20080821200309.GA19634@eos.sc1.parodius.com> References: <48ADA81E.7090106@aldan.algebra.com> <20080821200309.GA19634@eos.sc1.parodius.com> X-Mailer: Claws Mail 3.5.0 (GTK+ 2.12.11; i386-portbld-freebsd7.0) Face: iVBORw0KGgoAAAANSUhEUgAAADAAAAAwBAMAAAClLOS0AAAAGFBMVEX+/v7++v6YOTrq8PCcuIX989UvOSj++v0BNCbpAAAAB3RJTUUHsQwfFzs7RBhzUQAAAhJJREFUOI1dU8GOqzAMNKIoV1bvwD1i0ysqrHplIdBrVSX7ATSbd03VVvn9tQNtQy0hjAdn7LED4AAcPtWm9RV+MPSfxhBLx9ajd6X/ngB6/mTwnRSZua7i7Ca+0ctZKo4Qmz+JY13X6I3nFZBxIYW1PbgfQ5RP8g0XlltEWGf3cV03joYpRnFbvYDKbXjZlXyyhEZA4lI+cN3NaVXE4VKjSwTExO10eTEkkJVqIAD5z0nUBQJluQDRSQjcrBiHAJxZlAH5CUMBMC7OcJ4LMQNnxhZ1HYPscMc6J4UlWRMNwzOpCcAHKSICd1EDn83abdREIbXsHkD1OinP1aCUCOEVRaa1lMcvywUWdYgk13JQUpYNKmvXQ8Kw5ML9YI5h8SakctBc7E/IYuLhYd/zZIk+1gM1vNweQBvHE0j+oYah3sMqAytQYlZk6+ANaaawJdu3OFzYGMZ3iGpa3qMlq9ZH0VZTgrCtw/ngdYkEIIpSbP1bWQAdFdX9vocBdkH2qVjVmuMu3gI5rjs814EUdrCZgWlPaxZZ3RiLFUtr+ud0PXwp2dnQSNXgePt6AZpBj6UMJ7VQkzN4utVeaSW1Dhn/kblGrKeMvNGnzwX4zuEDarYz1KdPtR60Gul0Gued+515SJXhCsl+Tx/3kY/UDvicPll9mfu50t3tvQ/thZpJYgeuwdSKNJ6tCD98MCgoxLDaPxbwqqwPWaWiAAAAAElFTkSuQmCC Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Re: machine hangs on occasion - correlated with ssh break-in attempts X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 22 Aug 2008 00:27:55 -0000 On Thu, 21 Aug 2008 13:03:09 -0700 Jeremy Chadwick wrote: > A different approach: consider putting sshd on a different port, rather > than the default of 22. A lot of people I know do this, solely to > decrease the number of brute-force attempts you see above; I've never > seen any of those brute-force attacking programs portscan, then attack > against a port which returns a OpenSSH string. +1 - obscurity definitely doesn't ADD to security , but it removes all the noise from your system. Alternatively, you try port knocking ;) > Finally, consider moving to pf instead, if you really feel ipfw is > what's causing your machine to crash. You might be pleasantly surprised > by the syntax, and overall administrative usability (it is significantly > superior to ipfw, IMHO). +1 _________________________ {Beto|Norberto|Numard} Meijome If Bill Gates had a dollar for every time a Windows box crashed... .. Oh, wait a minute, he already does. I speak for myself, not my employer. Contents may be hot. Slippery when wet. Reading disclaimers makes you go blind. Writing them is worse. You have been Warned.