5 Jan
2010
5 Jan
'10
8:56 p.m.
On Tue, January 5, 2010 11:56, Ned Slider wrote:
Those are the *source ports* from the attacking host, not the destination port on which you are running SSH. I /assume/ the number enclosed in '[]' to be the pid of the sshd instance associated with the connection attempt.
Hope that helps.
I discovered a mal-configured rule in iptables respecting access to the local sshd. As this is a gateway machine other connections to port 22 on different ips have to pass through it. I had conflated the separate requirements of local and network access into a single rule which simply did not serve the multiple purposes I imagined it did.
Thank you to all who replied. I learned a few new things today.
Sincerely,
--
*** E-Mail is NOT a SECURE channel ***
James B. Byrne mailto:ByrneJB@Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3