Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 04 Apr 2014 23:03:23 +0100
From:      Karl Pielorz <kpielorz_lst@tdx.co.uk>
To:        John Baldwin <jhb@freebsd.org>
Cc:        freebsd-hackers@freebsd.org
Subject:   Re: Stuck CLOSED sockets / sshd / zombies...
Message-ID:  <9E29C6F47AEE714A4DE171C4@study64.tdx.co.uk>
In-Reply-To: <201404041613.09808.jhb@freebsd.org>
References:  <3FE645E9723756F22EF901AE@Mail-PC.tdx.co.uk> <201404031614.40951.jhb@freebsd.org> <18B08A7E8585B0C4A89A05E6@study64.tdx.co.uk> <201404041613.09808.jhb@freebsd.org>

next in thread | previous in thread | raw e-mail | index | archive | help

--On 4 April 2014 16:13:09 -0400 John Baldwin <jhb@freebsd.org> wrote:

>> So I'm guessing that's a yes?
>
> Ugh, ok.  Is this easy to reproduce?

Hmmm. I cloned the box today, and messed around with ssh on it - and didn't 
manage to get a single stuck session.

The box with the problems has been 'sitting around' for quite a while - 
with no services on it.

I may have just stumbled onto something that I didn't notice before. I've 
traced all the stuck sshd's back to being created by security scanning 
software we use to check our hosts.

I'm going to run the same scan against the new box and see if that creates 
some stuck sessions.

Obviously, they shouldn't "stick" like this [technically no matter how much 
they're 'abused']- and, unless the other people involved are running the 
same security scans against their hosts I can't see it's just being that as 
a cause - but if the scan does create zombies on the 2nd host - that would 
at least make it reproducible.

I double checked - none of our other boxes (scanned with the same software) 
show the same issue.

I'll do some tests and post back what I find...

-Karl





Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9E29C6F47AEE714A4DE171C4>