If you have no need for remote users to ssh into your system them remove the ssh enable statement from rc.conf. If you do need ssh then change its default port to some thing else and have all authorized remote ssh users add the new port number to the remote ssh login command. This will stop all your bad ssh login attempts. Then you can have your ipfilter firewall log all the ssh attempts to the ssh default port number and then run the log through this abuse reporting application. http://freebsd.a1poweruser.com:6088/99.20-abuse_rpts_download.htm This application has been made into a FreeBSD port but it has not been officially accepted yet.
This is my passive-aggressive solution to putting a stop to port scanning. _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
