On Wed, Mar 02, 2005 at 08:00:13AM +0100, Stevan Tiefert wrote:
" Hello list,
" when I am watching the /var/log/auth.log I see many missed logins from
" IP-addresses I never tried to login from. Am I right that they is a hacker
" trying to login on my mashine, because he was using loginnames I never
" created on my mashine like patrick, lydia, green, admin, and so on...?
" With regards
" Stevan Tiefert
It seems to you are right. If you know that you go to you mashine
only from one or two IP, you can write it in your firewall. For
example, if you use ipfw:
ipfw add allow tcp from $trusted_ip to me ssh in recv $ext_if
ipfw add allow tcp from me ssh to $trusted_ip out xmit $ext_if
Or something else.
" org mailing list
" To unsubscribe, send any mail to "org"
Sensory yours, Eugene Minkovskii
Сенсорно ваш, Евгений Миньковский