Topics tagged under "systemlogs" | Netgate Forum

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

M

sshguard and oddities in the daily system log email

Watching Ignoring Scheduled Pinned Locked Moved General pfSense Questions sshguard systemlogs
8

0 Votes

8 Posts

1k Views

G

@mtarbox said in sshguard and oddities in the daily system log email:

Nothing is hammering on the logs

Most probably because it isn't the 'ssh' server that hammers itself.
Some other process still keeps on going on port 22, but doesn't know that the ones living there has moved.
So sshguard won't see the warning messages from the ssh server in the logs and doesn't add its own.
Nothing in the logs doesn't mean nothing is happening.

If there is a rogue ssh client running somewhere, it should be detected and be accounted for.

wireshark on interface LAN host adresses "192.168.2.1" TCP port 22" and see what pops up.
Try all the interfaces.
M

RDP SESSION DROPPING WITH OPTIMAL PINGS

Watching Ignoring Scheduled Pinned Locked Moved Routing and Multi WAN ospfrouting rdpsession dropping filtering systemlogs
2

0 Votes

2 Posts

484 Views

M

Also there is nothing in filtering rules to deny anything all the interfaces are allowed to pass through the traffic. Neither its showing anything on the system logs as well