Subject: Re: monitoring utilities
To: None <port-cobalt@NetBSD.org>
From: Brian <bmcewen@comcast.net>
List: port-cobalt
Date: 10/27/2004 19:05:12
On Wednesday, October 27, 2004, at 03:31 PM, Vadim P. wrote:
>
> One simple way to disable unauthorized TCP connections is to use
> tcpwrappers, controlled by files /etc/hosts.allow and /etc/hosts.deny.
> Using these, you can only allow trusted networks/hosts/domains and
> block the rest.
>
Thanks all who posted for the help.
At this time it looks like I average 3 different people per week trying
to ssh into root (which won't happen, it's disabled). Which I guess
isn't that bad. I had more people hitting my port 21 ftp server when
it was hosted on a 68k Mac (good luck with getting a shell on that!).
It's just that this AM someone was hanging around on port 22 while I
was doing some watching for real people connecting, and it just kinda
bugged me :) and now I'm tempted to put up something that will detect
and block automatically.
Brian
--
WARNING! Acme constructs each Klein Bottle from genuine Baryonic
matter. Do
not allow your Acme Klein Bottle to come in contact with antimatter or
unpredictable results may occur. Acme cannot guarantee the
dimensionality of
the result. <http://www.kleinbottle.com> (not an affiliate, just
aficionado)