[Wylug-help] Security log message
Anne Wilson
cannewilson at googlemail.com
Sun Mar 9 17:22:52 GMT 2008
On Sunday 09 March 2008 15:55:54 John Hodrien wrote:
> Prodding it back at the list, as neither of us intended to take it away...
>
Thanks. And apologies.
> Is the router a linux box or a standalone unit?
It's a Netgear standalone unit.
> I'm assuming that the IMAP
> server is a different network device. In which case the router's unable to
> tell whether it's a valid connection or not, so I'd assume that message was
> simply informative.
OK - that makes sense.
> You'd have to check the logs of your IMAP server to
> see if the attempt was successful.
>
I'm not certain, but I *think* they are being rejected. I can see clear login
lines for David and myself, but these are the remote ones:
dovecot: Mar 08 12:35:47 Info: imap-login: Disconnected: rip=66.232.146.44,
lip=192.168.0.40
I think that indicates that there was no successful login. Right?
> > What do people do in this situation to make it more secure? The router
> > can be set to only allow incoming imap requests from certain IPs, but I
> > don't see how that can be used if you are away from home and on dhcp via
> > a public network.
>
> Indeed not. I've previously used iptables rules that limit the number of
> connection attempts per minute per IP, which can at least limit their
> ability to brute force attack your machine, while minimising the risk of
> accidentally blocking authorized traffic, as I've managed in the past with
> a slightly over zealous self-protection system.
>
I've read about that, but never done it. I'll look into that.
> > This is a new situation to me as I've not used imap from outside until
> > recently, so all help is most gratefully received.
>
> I wouldn't treat this differently to having ssh accessible externally.
>
I haven't done that either. I use ssh with keys for remote updating and such
within the lan, but I don't know how to do that when away from home. I
expect there will be a good how-to somewhere. I'll look for it.
The trouble with being largely self-taught is that knowledge tends to be
somewhat patchy :-)
Anne
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : http://list.wylug.org.uk/pipermail/wylug-help/attachments/20080309/a9e2cf41/attachment.bin
More information about the Wylug-help
mailing list