Subject: Re: monitoring utilities
To: None <port-cobalt@NetBSD.org>
From: Brian <bmcewen@comcast.net>
List: port-cobalt
Date: 10/27/2004 19:05:12
On Wednesday, October 27, 2004, at 03:31 PM, Vadim P. wrote:

>
> One simple way to disable unauthorized TCP connections is to use 
> tcpwrappers, controlled by files /etc/hosts.allow and /etc/hosts.deny. 
> Using these, you can only allow trusted networks/hosts/domains and 
> block the rest.
>

Thanks all who posted for the help.

At this time it looks like I average 3 different people per week trying 
to ssh into root (which won't happen, it's disabled).  Which I guess 
isn't that bad.  I had more people hitting my port 21 ftp server when 
it was hosted on a 68k Mac (good luck with getting a shell on that!).   
It's just that this AM someone was hanging around on port 22 while I 
was doing some watching for real people connecting, and it just kinda 
bugged me :)  and now I'm tempted to put up something that will detect 
and block automatically.

Brian

--
WARNING! Acme constructs each Klein Bottle from genuine Baryonic 
matter. Do
not allow your Acme Klein Bottle to come in contact with antimatter or
unpredictable results may occur. Acme cannot guarantee the 
dimensionality of
the result.  <http://www.kleinbottle.com>  (not an affiliate, just 
aficionado)