Date: Wed, 18 May 2005 09:26:29 -0400 (EDT) From: Francisco <francisco@natserv.net> To: Peter Kropholler <peterkropholler@mac.com> Cc: freebsd-questions@freebsd.org Subject: Re: illegal user root user failed login attempts Message-ID: <20050518092129.O6030@zoraida.natserv.net> In-Reply-To: <C993D184-EDA6-446B-96CC-59B9AFE34AC2@mac.com> References: <C993D184-EDA6-446B-96CC-59B9AFE34AC2@mac.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 17 May 2005, Peter Kropholler wrote: > As things stand, ssh is designed so you can't get at people's passwords > and I am leaving it alone. Focussing instead on the task of making > sure my passwords are strong One thing I do is to prevent the IPs from connecting to my machine One can either do it at the firewall level or use the route command to "blacklist" the IPs. The advance of using route, I was told, is that it uses a more efficient way than the firewall to seek IPs. The syntax for using route to black list is: route add -host <ip of hacker> 127.0.0.1 -blackhole The reason I do this is because I figure those machines may try other attacks besides ssh and also I just don't like to see my logs with so many warnings of break in attemps.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050518092129.O6030>