Re: Reality check: IPFW sees SSH traffic that sshd does not?
David Wolfskill wrote:
> <...>
> This morning (in reviewing the logs from yesterday), I found a set of
> 580 such setup requests logged from Mar 20 19:30:06 - Mar 20 19:40:06
> (US/Pacific; currently 7 hrs. west of GMT/UTC), each from 204.11.235.148
> (part of a VAULT-NETWORKS netblock). The sshd on the internal machine
> never logged anything corresponding to any of this.
Might be a SYN scan. I believe SSH will not log anything if a three-way
handshake has not been completed.
Of course, it would help if you provided ipfw logs to determine exactly
what kind of packets it was.
--
Tadas Miniotas
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 2 之 14 篇):