AW: AW: SSH did not work on every IP on debian x64
Hello,
wow, we have found out a fact that we wouldnt believe in.
This IP wasnt in usage for more than 1 year. So there shall be no reason to think that anybody is still interested in this IP.
But the netstat shows up a very unbelievable thing.
netstat -n | grep -c :22
-> 475
so the server has nearly 500 open SSH connections. WTF...
seems to be that there is a bot net that bruteforces the IP since over one year and didnt recognize that it is unavailable most the time.
Thank for you very nice help. I appreciate that :)
this result was extremly unexpected, because it worked on a CentOS 5.5 Installation, so maybe on CentOS the sshd have more available slots?
kind regards
Robert Menger
-----Ursprüngliche Nachricht-----
Von: Andrew Miehs [mailto:andrew@2sheds.de]
Gesendet: Mittwoch, 30. Juni 2010 23:49
An: Robert Menger
Cc: debian-isp@lists.debian.org
Betreff: Re: AW: SSH did not work on every IP on debian x64
Hi Robert,
How have you configured sshd? Bind and Listen config in sshd_config?
could you please provide a
netstat -anp
with and without sshd running on the 'broken' IP/port combination
could you please provide a
ifconfig -a
Have you had a look at /var/log - are there any error entries?
have you tried connecting from the local machine to itself on that port - does that work?
What is in /etc/hosts ?
have you tried looking at a tcpdump of packets coming in and out of your interface on the sshd server?
Regards
Andrew
Reply to: