Illegal access attempt - FreeBSD 5.4 Release - please advise
nawcom
nawcom at nawcom.no-ip.com
Sun Aug 28 00:38:10 GMT 2005
if this server was used by 100+ people i would of course not have such a
harsh security script set up. everyone who uses it has great experience
and understands the consequences. like i said before, this is usually
for personal use and has about 12 users total. if this was used to
manage ssh on something big i would lower the security measures.
hope you can understand some now :)
Ben
freebsd-questions at auscert.org.au wrote:
>>-if the attempt was with a username that doesnt exist - i add the ip to
>>a db of banned ips and flush and restart ipfw
>>
>>
>
>I'm curious about this bit - what do you do about accidentally mistyped
>usernames by valid users?
>
>cheers,
>-- Joel Hatton --
>Security Analyst | Hotline: +61 7 3365 4417
>AusCERT - Australia's national CERT | Fax: +61 7 3365 7031
>The University of Queensland | WWW: www.auscert.org.au
>Qld 4072 Australia | Email: auscert at auscert.org.au
>_______________________________________________
>freebsd-questions at freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
>
>
More information about the freebsd-questions
mailing list