<<On Thu, 01 Oct 2009 17:13:55 -0700, johnea <[email protected]> said:
> The thing that concerned me is an entry I saw in netstat showing > my system connecting back to a machine that was attempting to log > in to ssh. > Does the ssh server establish a socket to a client attempting login? The SSH protocol does not, but you appear to be using "TCP wrappers" (/etc/hosts.allow) configured in such a way that it make an IDENT protocol request back to the originating server. This is rarely likely to do anything useful and should probably be disabled. > tcp4 0 0 atom.60448 host154.advance.com.ar.auth > TIME_WAIT "auth" is the port number used by the IDENT protocol. -GAWollman _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
