I'm relatively ne to FreeBSD (~6 months of usage) and I have been
administering my own system for approximately the last 2 months.  Recently
my system has received many ssh login attempts on standard user accounts as
someone has been attempting to break into my system.  I usually read the
Security Run Output e-mails to see if the attacker(s) had made any headway,
and took necessary precautions (limiting ssh logins etc).  However, last
week (after it seemed that the attacks had let up somewhat) I stopped
receiving the e-mails (as well as the daily run output e-mails).  I still
read the auth.log file to see login information and it did not appear as
though anyone had successfully managed to break into the system.  Today the
both sets of e-mails started again and I received the e-mails for today and
yesterday (I am still missing 5 days worth and one weekly run output).  I
was wondering if anyone might know how to ensure that I continue to receive
these e-mails without interrupti

If it matters (and I suspect it does) I have all my root e-mails aliased
to a locked, nologin dummy account that forwards e-mail to my account, my
boss' account, and retains a copy in the dummy account (.forward was not
working to forward root's mail).  Root's mail client is set to read the
dummy account inbox as well as anything that somehow winds up in the regular
root mailbox.  This setup worked fine until the e-mails stopped last week
(none of the listed accounts received the e-mail).

Any advice would be greatly appreciated.

those script kiddies do let up sometimes you know :D , using brute force i
guess, as long as your user's passwords aren't dictionary words then you
have nothing to worry. and also set the Allowusers directive allowing only

freebsd-questions@freebsd.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to