View Single Post
  #2   (View Single Post)  
Old 21st May 2009
anomie's Avatar
anomie anomie is offline
Local
 
Join Date: Apr 2008
Location: Texas
Posts: 445
Default

Quote:
Originally Posted by Mantazz
My FreeBSD server at home is periodically subjected to distributed hack attempts (which inevitable fail for various reasons). It is not unusual to see these involve over 200 unique IP addresses in a single day.
I've experienced the same on several 'net-facing servers.

Quote:
Originally Posted by Mantazz
I suspect it is more likely that someone did a scan on port 22 over a great range of IP addresses and found mine to be open.
That's highly likely.

Quote:
Originally Posted by Mantazz
Is there any way to confirm this? I would like sshd, if possible, to tell me who accesses my server via the command
Code:
ssh myserver.mydomain.youcantguessthis.org
as opposed to
Code:
ssh 123.234.231.132
AFAIK, this is not possible. Layer 3/4 communication knows nothing about a hostname, and the only reason the sshd daemon (eventually) knows the client hostname is because it does a reverse lookup.
__________________
Kill your t.v.
Reply With Quote