Date: Fri, 04 Apr 2014 23:03:23 +0100 From: Karl Pielorz <kpielorz_lst@tdx.co.uk> To: John Baldwin <jhb@freebsd.org> Cc: freebsd-hackers@freebsd.org Subject: Re: Stuck CLOSED sockets / sshd / zombies... Message-ID: <9E29C6F47AEE714A4DE171C4@study64.tdx.co.uk> In-Reply-To: <201404041613.09808.jhb@freebsd.org> References: <3FE645E9723756F22EF901AE@Mail-PC.tdx.co.uk> <201404031614.40951.jhb@freebsd.org> <18B08A7E8585B0C4A89A05E6@study64.tdx.co.uk> <201404041613.09808.jhb@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--On 4 April 2014 16:13:09 -0400 John Baldwin <jhb@freebsd.org> wrote: >> So I'm guessing that's a yes? > > Ugh, ok. Is this easy to reproduce? Hmmm. I cloned the box today, and messed around with ssh on it - and didn't manage to get a single stuck session. The box with the problems has been 'sitting around' for quite a while - with no services on it. I may have just stumbled onto something that I didn't notice before. I've traced all the stuck sshd's back to being created by security scanning software we use to check our hosts. I'm going to run the same scan against the new box and see if that creates some stuck sessions. Obviously, they shouldn't "stick" like this [technically no matter how much they're 'abused']- and, unless the other people involved are running the same security scans against their hosts I can't see it's just being that as a cause - but if the scan does create zombies on the 2nd host - that would at least make it reproducible. I double checked - none of our other boxes (scanned with the same software) show the same issue. I'll do some tests and post back what I find... -Karl
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9E29C6F47AEE714A4DE171C4>