Date: Tue, 4 Dec 2001 12:45:42 -0500 (EST) From: Stephen Hovey <shovey@buffnet.net> To: "Riley J. McIntire" <rileyjmc@pacbell.net> Cc: FreeBSD Questions <freebsd-questions@FreeBSD.ORG> Subject: Re: icmp dos attack? sshd core dump Message-ID: <Pine.BSF.4.05.10112041245260.25439-100000@buffnet11.buffnet.net> In-Reply-To: <NCBBLBILEPCHLFJAPIIPIEAGKFAA.rileyjmc@pacbell.net>
next in thread | previous in thread | raw e-mail | index | archive | help
An advisory just came out on a hole in ssh (I wont touch that with a 10 foot pole!) On Tue, 4 Dec 2001, Riley J. McIntire wrote: > Greetings: > > This just showed up in a security check output log: > > > icmp-response bandwidth limit 240/200 pps > > icmp-response bandwidth limit 213/200 pps > snip pages of this > then > > pid 49374 (sshd), uid 0: exited on signal 11 (core dumped) > > pid 49375 (sshd), uid 0: exited on signal 11 (core dumped) > snip > > pid 49391 (sshd), uid 0: exited on signal 11 (core dumped) > > pid 49394 (sshd), uid 0: exited on signal 11 (core dumped) > > pid 49396 (sshd), uid 0: exited on signal 10 (core dumped) > > pid 49397 (sshd), uid 0: exited on signal 10 (core dumped) > snip > > pid 49465 (sshd), uid 0: exited on signal 10 (core dumped) > > pid 49466 (sshd), uid 0: exited on signal 10 (core dumped) > > Note the change from a sig 11 to 10. > > > A DOS attack? The machine is up, I can connect via ssh, and I'm a bit > at a loss of what, if anything, to do about this? > > Thanks, > > Riley > > > "They that can give up essential liberty to obtain a little temporary > safety deserve neither liberty nor safety." > Benjamin Franklin > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.10112041245260.25439-100000>