From owner-freebsd-virtualization@FreeBSD.ORG Thu May 30 15:11:02 2013 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 8ABCAF67; Thu, 30 May 2013 15:11:02 +0000 (UTC) (envelope-from jeroen@dckd.nl) Received: from positron.dckd.nl (positron.dckd.nl [IPv6:2a02:898:62:f6::63]) by mx1.freebsd.org (Postfix) with ESMTP id 5030FB75; Thu, 30 May 2013 15:11:02 +0000 (UTC) Received: from wcw-staff-215-240.wireless.uva.nl (wcw-staff-215-240.wireless.uva.nl [145.18.215.240]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by positron.dckd.nl (Postfix) with ESMTPSA id 7C1E2F8905; Thu, 30 May 2013 17:10:59 +0200 (CEST) Content-Type: text/plain; charset=iso-8859-1 Mime-Version: 1.0 (Mac OS X Mail 6.3 \(1503\)) Subject: Re: FreeBSD PVHVM call for testing From: Jeroen van der Ham In-Reply-To: Date: Thu, 30 May 2013 17:10:59 +0200 Content-Transfer-Encoding: quoted-printable Message-Id: <9BD00E17-0A80-44C6-8B7B-2933265F4664@dckd.nl> References: <519131D8.9010307@citrix.com> <519E54DE.5090304@citrix.com> <6B8B9354-AF52-4081-B67B-04565D1BCE99@dckd.nl> <51A71616.4060508@citrix.com> To: Outback Dingo X-Mailer: Apple Mail (2.1503) Cc: "freebsd-xen@freebsd.org" , "xen-users@lists.xen.org" , xen-devel , "freebsd-virtualization@freebsd.org" X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 May 2013 15:11:02 -0000 Hi, On 30 May 2013, at 16:56, Outback Dingo wrote: > first is this a public vm ? and if so who is?? > May 29 23:42:30 image01 sshd[31227]: error: Received disconnect from > 150.165.15.175: 11: Bye Bye [preauth] >=20 > because it is after this potential ssh login attempt, so is this you, = has > there been a breach ? only thing i noticed, but it might be nothing. This VM is on a public IP indeed, and SSH connectivity is enabled. As = with any publicly accessible host this then becomes the target of ssh = scans. I included the message just to show that between it and the reboot = nothing had been logged. AFAICT there has not been a breach, and I have not seen any indications = at all that there may be one. Jeroen.