Hi, I run a webmail server for a small company, which is (of course) running FreeBSD 5-stable. I get about 50-100 failed loging attempts via ssh on a daily basis.
Occasionally, these show up in my daily security digest with messages like: reverse mapping checking getaddrinfo for h169-210-68-8.a dcast.com.tw failed - POSSIBLE BREAKIN ATTEMPT! But mostly it's stuff like Illegal user postgres from 210.68.8.169 What's the best way to cut down on these attempts? I thought about adding a blacklist to my pf.conf rules for the pf firewall. Any thoughts would be greatly appreciated! Kyle _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
