[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: How to stop an active network connection

T o n g wrote:
How can I stop an active network connection? e.g.,

$ netstat Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 ip-72-55-146-217.:35911 ESTABLISHED

Because barbarians are pounding at my sshd gate again:

 . . .
 Dec  2 16:41:37 helios sshd[9201]: Invalid user chad from
Dec 2 16:41:37 helios sshd[9201]: pam_unix(sshd:auth): check pass; user unknown Dec 2 16:41:37 helios sshd[9201]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-72-55-146-217.static.privatedns.com Dec 2 16:41:39 helios sshd[9201]: Failed password for invalid user chad from port 42328 ssh2
 . . .

I shut down my sshd daemon, but the network bandwidth did not drop. The
active connection went away in the netstat output, which is wrong, and iftop was able to reveal the still-live connection.

Just apt-get install denyhosts. It will update the /etc/hosts.deny everytime it detects an abusive client.

Please help.


If you can't explain it simply, you don't understand it well enough.
                                       -- Albert Einstein

Reply to: