connections from dialup IP's

From: dave (dmehler26_at_woh.rr.com)
Date: 09/28/04

  • Next message: Bill Moran: "Re: connections from dialup IP's"
    To: <freebsd-questions@freebsd.org>
    Date: Tue, 28 Sep 2004 12:43:21 -0400
    
    

    Hello,
        Last evening i had a pretty determined dialup user try to ssh in to my
    system as root, the logs showed he tried for over 15 minutes. What i'd like
    to know is is there a way of dropping a connection from an IP if it connects
    more than x times in a minute? Or any other suggestions of dealing with
    this? I did a host lookup on the IP, 211.206.125.39
    which came back not found which kind of tells me he got offline. Suggestions
    welcome.
        Also i'm not familiar with the .kr domain i'd like to block connections
    from that one as well, same reason this one 4 minutes 165.132.58.56
    Thanks.
    Dave.

    _______________________________________________
    freebsd-questions@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-questions
    To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"


  • Next message: Bill Moran: "Re: connections from dialup IP's"

    Relevant Pages

    • Re: connections from dialup IPs
      ... > system as root, the logs showed he tried for over 15 minutes. ... I did a host lookup on the IP, ... > Also i'm not familiar with the .kr domain i'd like to block connections ...
      (freebsd-questions)
    • Possible hack? Logs clear & syslogd restarted...need help!
      ... with http attacks before so I implemented an iptables configuration. ... I only have ssh open to the world. ... these logs have been frequently clear. ... root by gojuka ...
      (comp.os.linux.security)
    • Re: Updating Linux (RH9) without inserting the CDs
      ... >FTP but it still logs in through SSH with no trouble. ... >still login locally as root - but prevent internet logins. ... Trouble is when I'm fiddling I find it keeps asking for root ...
      (alt.linux)
    • Re: Possible hack? Logs clear & syslogd restarted...need help!
      ... I only have ssh, ftp, http, and mysql running on the ... > with http attacks before so I implemented an iptables configuration. ... these logs have been frequently clear. ... I also checked the command history for root and others, ...
      (comp.os.linux.security)
    • Re: how to react on ssh attacks?
      ... On Tue, 2005-10-25 at 11:43, Michael A. Peters wrote: ... > If you ssh in as a user and then su to root, ... > the log files - and you know who logged into root and when. ... to view the logs. ...
      (Fedora)