Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: OpenSSH strange behaviour

from [Wilson, Richard E] Network Security [Permanent Link]
Subject: RE: OpenSSH strange behaviour
Date: Wed, 6 Jun 2007 11:52:53 -0500 
Mike,

I have seen this sort of thing happen with a mismatch in network
settings -- the switch and the server "auto" negotiated and one ended up
100MB FD and one 100MB HD.

HTH,

Richard Wilson

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of No Spam
Sent: Tuesday, June 05, 2007 10:46 AM
To: secureshell@securityfocus.com
Subject: OpenSSH strange behaviour

Hello everyone, I seem to be having some strange behavior with OpenSSH
and was hoping someone can offer me some insight.

Dell Poweredge 2950 Rack Mount Server
Red Hat Linux Enterprise AS 4.0
All updates, kernel and security patches have been applied
I have about 50 Red Hat machines on my network, all are configured the
same and this machine is the only one with an issue.

In a nutshell, if you SSH to the machine sometimes it works, and
sometimes it doesn't.
Usually, if you can't SSH to the machine you just keep trying and
eventually it seems to allow you to connect and once it does it will
allow others to connect, for a while, before it dies again.  Here is
an example of what I mean:

amanda@backup6 90 % ssh thera df -lk
ssh_exchange_identification: read: Connection reset by peer
amanda@backup6 91 % ssh thera df -lk
ssh: connect to host thera port 22: Connection refused
amanda@backup6 92 % ssh thera df -lk
ssh: connect to host thera port 22: Connection refused
amanda@backup6 93 % ssh thera df -lk
ssh: connect to host thera port 22: Connection refused
amanda@backup6 94 % ssh thera df -lk
ssh: connect to host thera port 22: Connection refused
amanda@backup6 95 % ssh thera df -lk
Filesystem           1K-blocks      Used Available Use% Mounted on
/dev/sda1             20641788   7711284  11881864  40% /
none                   2020772         0   2020772   0% /dev/shm
/dev/sda3            113534884  32996808  74770744  31% /export/home0
/dev/sda2            113534884  44551504  63216048  42% /export/home1
/dev/sda5            103210940  33640452  64327680  35% /export/home2
/dev/sda8             10317828    146812   9646900   2% /opt
/dev/sda7             20641788     78760  19514388   1% /tmp
/dev/sda6             20641788    174688  19418460   1% /usr/local
/dev/sda9             10317828    299140   9494572   4% var


As you can see, it failed 5 times, then it allowed the connection.
I've changed network cables and ports and that didn't help, I ran
"mtr" but it didn't report any packet loss to the machine.  I changed
the logging level to DEBUG3 but nothhing is being reported other than
"Connection Closed" and "Failed none" messages.

Does anyone have any ideas?  If you need further information just let me
know.

Thank you in advance,

mike
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: SSH tunnel question., Ventsislav Genchev
Next by Date:  Multihomed Configuration, Nirmal Babu Puliyadi Suriya Kumar -X (npuliyad - HCL at Cisco)
Previous by Thread:  OpenSSH strange behaviour, No Spam
Next by Thread:  Re: SSH tunnel question., Ventsislav Genchev
Indexes:  [Date] [Thread] [Top] [All Lists]