Unless there is compelling reason not to do so, another thing you should
consider would be disabling/deleting the telnet daemon completely and using
secure shell to log in from your remote host. This would have the double
benefit of both encrypting your session and cutting off that avenue for
whoever is poking around your system.
Erick
Devin Vo wrote:
> Thanks for the explanation.
>
> 1. It's definitely coming from the outside (ip address in my "secure" log)
> 2. Who ever is attempting is not by mistake because they keep coming back.
> 3. Telnet port is open because I need to login into the machine while away
> from home.
> 4. A connect and disconnect attempt gives a different message(whether you
> enter user/passwd or not)
> "login: FAILED LOGIN SESSION FROM"
>
> Again I don't think they made it in but seeing them coming back everyday
> bothers me.
