From owner-freebsd-security Mon Nov 5 22:40:16 2001 Delivered-To: freebsd-security@freebsd.org Received: from raven.mail.pas.earthlink.net (raven.mail.pas.earthlink.net [207.217.120.39]) by hub.freebsd.org (Postfix) with ESMTP id 2694037B418 for ; Mon, 5 Nov 2001 22:40:14 -0800 (PST) Received: from 1cust1.tnt2.clarksburg.wv.da.uu.net ([63.21.115.1] helo=colltech.com) by raven.mail.pas.earthlink.net with esmtp (Exim 3.33 #1) id 160ztj-00038c-00; Mon, 05 Nov 2001 22:39:48 -0800 Message-ID: <3BE786E6.1DB9227C@colltech.com> Date: Tue, 06 Nov 2001 01:44:54 -0500 From: Daniel Hagan X-Mailer: Mozilla 4.73 [en] (WinNT; U) X-Accept-Language: en MIME-Version: 1.0 To: Christoph Kukulies Cc: freebsd-security@FreeBSD.ORG Subject: Re: sshd - corrupted check bytes on input References: <200111050721.fA57Lko76929@gilberto.physik.rwth-aachen.de> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org You are probably being attacked. See http://www.cert.org/incident_notes/IN-2001-12.html for information on this vulnerability. Daniel Christoph Kukulies wrote: > > I found a syslog of Nov 2, 00:30 saying: > > sshd: Local: Corrupted check bytes on input. > > Possible attack? > > What is the way to go with sshd and FreeBSD? > > -- > Chris Christoph P. U. Kukulies kuku@gil.physik.rwth-aachen.de > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message