chrisl@xxxxxxxxxxxxx wrote:
At one of my customers sites I have iptables configured to drop all ssh
packets unless they originate from one of two addresses. However in
logwatch, I had login attempts though SSH.
Illegal users from:
220.193.2.37: 6 times
Now the address above is not one on the allowed list. Is it possible
that they were able to get past iptables to attempt the login?
It's more likely that the rules aren't loaded, or that there's another
rule that allows access in general. What's "iptables -L -n" look like?
I'll assume that you're not specifying interface names in your rule
sets, so adding "-v" probably won't reveal anything useful.
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list