From owner-freebsd-stable@FreeBSD.ORG  Fri Dec 22 04:44:46 2006
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
X-Original-To: freebsd-stable@freebsd.org
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 9463316A415
	for <freebsd-stable@freebsd.org>; Fri, 22 Dec 2006 04:44:46 +0000 (UTC)
	(envelope-from gmenhennitt@optusnet.com.au)
Received: from fallbackmx03.syd.optusnet.com.au
	(fallbackmx03.syd.optusnet.com.au [211.29.133.136])
	by mx1.freebsd.org (Postfix) with ESMTP id B101813C457
	for <freebsd-stable@freebsd.org>; Fri, 22 Dec 2006 04:44:45 +0000 (UTC)
	(envelope-from gmenhennitt@optusnet.com.au)
Received: from mail04.syd.optusnet.com.au (mail04.syd.optusnet.com.au
	[211.29.132.185])
	by fallbackmx03.syd.optusnet.com.au (8.12.11.20060308/8.12.11) with
	ESMTP id kBLKxrJQ006105
	for <freebsd-stable@freebsd.org>; Fri, 22 Dec 2006 07:59:53 +1100
Received: from [203.2.73.8] (c210-49-176-194.mckinn1.vic.optusnet.com.au
	[210.49.176.194])
	by mail04.syd.optusnet.com.au (8.13.1/8.13.1) with ESMTP id
	kBLKxn1r031987; Fri, 22 Dec 2006 07:59:50 +1100
Message-ID: <458AF5BA.5020908@optusnet.com.au>
Date: Fri, 22 Dec 2006 07:59:38 +1100
From: Graham Menhennitt <gmenhennitt@optusnet.com.au>
User-Agent: Thunderbird 1.5.0.7 (Windows/20060909)
MIME-Version: 1.0
To: Christopher Hilton <chris@vindaloo.com>
References: <200612211533.kBLFXLaW090581@lurza.secnetix.de>
	<458AE462.1020100@vindaloo.com>
In-Reply-To: <458AE462.1020100@vindaloo.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: freebsd-stable@freebsd.org
Subject: Re: Block IP
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Dec 2006 04:44:46 -0000

Christopher Hilton wrote:
> If it's at all possible switch to using public keys for authentication
> with ssh and disallow password authentication. This completely stops
> the brute forcing attacks from filling up your periodic security mail.
Are you sure about that? I only allow PublickeyAuthentication ssh2
connections but I get lots of security mail messages like:

Nov 16 01:44:08 maxwell sshd[70067]: Invalid user marcos from 202.54.49.7
Nov 16 01:44:23 maxwell sshd[70067]: reverse mapping checking getaddrinfo for 49-7.broadband.vsnl.net.in failed - POSSIBLE BREAKIN ATTEMPT!


Graham