From owner-freebsd-questions@FreeBSD.ORG Sun Aug 21 10:07:48 2005 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9AF6316A41F for ; Sun, 21 Aug 2005 10:07:48 +0000 (GMT) (envelope-from pergesu@gmail.com) Received: from zproxy.gmail.com (zproxy.gmail.com [64.233.162.195]) by mx1.FreeBSD.org (Postfix) with ESMTP id B500343D45 for ; Sun, 21 Aug 2005 10:07:47 +0000 (GMT) (envelope-from pergesu@gmail.com) Received: by zproxy.gmail.com with SMTP id z6so572766nzd for ; Sun, 21 Aug 2005 03:07:47 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=uWbZLfH8uR/9rnqlXoxlpo6LVhsThpvfOnwNSwlKoSVRXVoFz4OS6Z2UEJvs6ZijNTTUxqc5Qb69cQTjwNLlw91IjIsKshHYZaRf5qGUFevwrHuwPFTmWVYeHnlG3TRGl5tcAHFdR5Lmm2np2vV0tYZHwzi4mSssDu+189QkEkc= Received: by 10.36.221.9 with SMTP id t9mr2723031nzg; Sun, 21 Aug 2005 03:07:47 -0700 (PDT) Received: by 10.36.48.17 with HTTP; Sun, 21 Aug 2005 03:07:47 -0700 (PDT) Message-ID: <810a540e05082103073f0622f7@mail.gmail.com> Date: Sun, 21 Aug 2005 04:07:47 -0600 From: Pat Maddox To: FreeBSD Questions , remko@freebsd.org In-Reply-To: <43084AE9.7020305@FreeBSD.org> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <810a540e05082101182e4e75fa@mail.gmail.com> <43084AE9.7020305@FreeBSD.org> Cc: Subject: Re: Security warning with sshd X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Aug 2005 10:07:48 -0000 On 8/21/05, Remko Lodder wrote: > Pat Maddox wrote: > > In my recent security email, I got the following errors: > > cantona.dnswatchdog.com login failures: > > Aug 20 02:37:19 cantona sshd[9444]: fatal: Write failed: Operation not = permitted > > Aug 20 04:30:42 cantona sshd[16142]: fatal: Write failed: Operation > > not permitted > > Aug 20 21:21:51 cantona sshd[45716]: fatal: Write failed: Operation > > not permitted > > > > So three questions: What is it? Should I be worried? How can I fix it= ? > > > > Thanks, > > Pat >=20 > A couple of messages that i read when searching through google > appear to indicate that it might rely on your firewall, bad > packets that are not in state anymore and such and then gets > blocked by your firewall. >=20 > Could you provide some more details of events happening around > the same time of the messages you posted here? Perhaps something > else precedes the message which gives more information on what > might have happened... >=20 > Url with some information: > http://lists.freebsd.org/pipermail/freebsd-pf/2005-August/001337.html > (and related messages) >=20 > Cheers, > Remko >=20 > -- > Kind regards, >=20 > Remko Lodder ** remko@elvandar.org > FreeBSD ** remko@FreeBSD.org > Reporter DSINET ** remko@DSINet.org >=20 I don't know what exactly was happening, but after looking at that link my guess is that it occurred when I enabled the firewall. If I'm logged in and enable it, my ssh connection is dropped...except I don't get disconnected, the ssh connection is simply unresponsive. Which makes sense since the firewall just went up. But maybe that's part of the problem?