From owner-freebsd-questions@FreeBSD.ORG  Sun Aug 21 10:10:45 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 3162016A41F
	for <freebsd-questions@freebsd.org>;
	Sun, 21 Aug 2005 10:10:45 +0000 (GMT)
	(envelope-from remko@freebsd.org)
Received: from caelis.elvandar.org (caelis.elvandar.org [217.148.169.59])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 88F4E43D46
	for <freebsd-questions@freebsd.org>;
	Sun, 21 Aug 2005 10:10:44 +0000 (GMT)
	(envelope-from remko@freebsd.org)
Received: from localhost (caelis.elvandar.org [217.148.169.59])
	by caelis.elvandar.org (Postfix) with ESMTP id 77792358C53;
	Sun, 21 Aug 2005 12:10:43 +0200 (CEST)
Received: from caelis.elvandar.org ([217.148.169.59])
	by localhost (caelis.elvandar.org [217.148.169.59]) (amavisd-new,
	port 10024)
	with ESMTP id 37420-06; Sun, 21 Aug 2005 12:10:43 +0200 (CEST)
Received: from [10.0.2.125] (home.evilcoder.org [195.64.94.120])
	by caelis.elvandar.org (Postfix) with ESMTP id 028CA358C52;
	Sun, 21 Aug 2005 12:10:42 +0200 (CEST)
Message-ID: <4308535B.2080001@FreeBSD.org>
Date: Sun, 21 Aug 2005 12:11:39 +0200
From: Remko Lodder <remko@FreeBSD.org>
User-Agent: Mozilla Thunderbird 1.0.5 (Macintosh/20050711)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Pat Maddox <pergesu@gmail.com>
References: <810a540e05082101182e4e75fa@mail.gmail.com>	
	<43084AE9.7020305@FreeBSD.org>
	<810a540e05082103073f0622f7@mail.gmail.com>
In-Reply-To: <810a540e05082103073f0622f7@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: by the elvandar.org maildomain
Cc: FreeBSD Questions <freebsd-questions@freebsd.org>
Subject: Re: Security warning with sshd
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: remko@FreeBSD.org
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 21 Aug 2005 10:10:45 -0000

Pat Maddox wrote:
> On 8/21/05, Remko Lodder <remko@freebsd.org> wrote:
> 
>>Pat Maddox wrote:
>>
> 
> I don't know what exactly was happening, but after looking at that
> link my guess is that it occurred when I enabled the firewall.  If I'm
> logged in and enable it, my ssh connection is dropped...except I don't
> get disconnected, the ssh connection is simply unresponsive.  Which
> makes sense since the firewall just went up.  But maybe that's part of
> the problem?

Well that can easily be, people are speaking about "statefull" packets
here.  Do you use statefull filtering on your firewall?  Are you able
to "see" the dropped packets (dropped by your firewall)?  If so you
might want to enable statefull filtering for your ssh sessions..

Hope this helps,

cheers

-- 
Kind regards,

      Remko Lodder               ** remko@elvandar.org
      FreeBSD                    ** remko@FreeBSD.org
      Reporter DSINET            ** remko@DSINet.org