
Re: FC6 ssh times out to one particular host

Subject: Re: FC6 ssh times out to one particular host
Date: Fri, 16 Mar 2007 14:11:57 +0000
On Fri, Mar 16, 2007 at 10:12:15AM +1100, Darren Tucker wrote:
> chris@mx0.halon.org.uk wrote:
> > I have just migrated from using a Solaris box as my work system to
> > having Fedora Core 6 on my desktop PC.
> >
> > I have a number of ssh 'pinholes' in the company firewall to let
> > me connect to external systems.  These are to four external systems
> > and from the Solaris system they all work still. From the new FC6
> > system they all work *except* for the one to my home system.  Thus
> > the basics of ssh security etc. would seem to be OK.
> [...]
> > Can anyone suggest any reason for this problem and how to fix it? I'm
> > stumped.
>
> You could try turning off TCP window scaling on the client side
> ("echo 0 > /proc/sys/net/ipv4/tcp_window_scaling").  If your firewall
> gets it wrong then you might see odd errors like this.

After much tearing of hair, thinking, etc. I finally found the problem
which turned out to be nothing to do with ssh at all.  The Slackware
host system is behind a Speedtouch router/firewall and the firewall
was rejecting packets sent back from the Slackware host to the FC6
client because of some sort of packet sequence error.  The router log
says:-

    FIREWALL fast tcp seqnr check (1 of 2): Protocol: TCP Src ip:
    192.168.1.1 Src port: 22 Dst ip: 193.128.168.194 Dst port: 51097

I fixed the problem by turning off the firewall TCP checks, i.e.:-

    firewall config tcpchecks none

I'd like to find out more, e.g. is it the firewall being paranoid or
is it actually an error in the FC6 TCP code.  However I can't really
find out much more about this error at present.

-- 
Chris Green (chris@halon.org.uk)
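
The failure mode behind the window-scaling suggestion quoted above, as an added example that is not part of the original thread: a simplified model of a stateful firewall's TCP sequence check that either applies or ignores the window scale factor. The function names and sample numbers are constructed, and the model makes no claim about how the Speedtouch firewall is implemented.

```python
# Added illustration: a simplified stateful-firewall sequence check.
# All names and sample numbers are constructed for this example.

MOD = 2 ** 32  # TCP sequence numbers wrap at 32 bits


def in_window(seq, length, ack, raw_window, wscale, honours_wscale):
    """Return True if segment [seq, seq+length) fits the window the
    receiver advertised, as the firewall understands it.

    ack        -- last ACK number seen from the receiver (left edge)
    raw_window -- 16-bit window field from the receiver's last segment
    wscale     -- shift count the receiver sent in its SYN (RFC 1323)
    """
    window = raw_window << wscale if honours_wscale else raw_window
    offset = (seq - ack) % MOD  # distance from left edge, wrap-safe
    return offset + length <= window


def check_flow(segments, ack, raw_window, wscale, honours_wscale):
    """Return the (seq, length) segments the firewall would reject."""
    return [(s, n) for s, n in segments
            if not in_window(s, n, ack, raw_window, wscale, honours_wscale)]


# Constructed flow: the receiver advertised window field 5840 with shift 7
# (real window 747,520 bytes) and has ACKed up to sequence number 1000.
# The sender has eight 1448-byte segments in flight.
ACK, RAW_WIN, WSCALE = 1000, 5840, 7
SEGMENTS = [(ACK + i * 1448, 1448) for i in range(8)]

if __name__ == "__main__":
    for honours in (True, False):
        dropped = check_flow(SEGMENTS, ACK, RAW_WIN, WSCALE, honours)
        print(f"honours window scaling={honours}: {len(dropped)} rejected")
        for seq, n in dropped:
            print(f"  seq={seq} len={n} judged outside window")
```

With scaling disabled on the client, both ends and the firewall agree on the raw 16-bit window, which is why the sysctl is a useful diagnostic before relaxing the firewall's checks.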
