http://www.peerblock.com/stunnel keeps a log...
Unless you disabled it..
it should tell you what public ip attempted to connect to you...
Not a correct way, was looking for the stunnel conf line to log, but this should also help:
https://github.com/arusso/puppet-stunnel/issues/8------example...
What to do when stunnel fails
Firstly, the most important things to try when you are having trouble running stunnel is to:
run with full debug mode
"debug = 7" in stunnel configif running the daemon, run it in the foreground foreground = yes
Doing this gives you the best chance of catching the errors in the log on the screen.
along with other ip conections...
----------------
http://www.stunnel.org/static/stunnel.html*********
log = append | overwrite
log file handling
This option allows to choose whether the log file (specified with the output option) is appended or overwritten when opened or re-opened.
default: append
output = FILE
append log messages to a file
/dev/stdout device can be used to send log messages to the standard output (for example to log them with daemontools splogger).
********************
now that we have public ips that connected with tie stamp...
since hfs had the bad password attempt time stamped...
I would recomend you to downlaod peer blocker
downlaod link:
http://www.peerblock.com/releases/public-releases/peerblock-1.2.0-r693and add the ip address at that time to permantly block the ip in peer blocker.
*Stunnel log has the public ip that attempt access.
peer blocker is one of many solutions... although i do think hfs in the acount for with in the program should incormapte security rules such as (pasword history/length/complexsit and time out...)