sshd killed due to dos attack
ravindra Chavalam
ravindra1103 at gmail.com
Sun Feb 7 14:46:43 EST 2010
Actually we added our macros which masked SIGPIPE signal handling code. That
was the issue. Now i kept the line
signal(SIGPIPE,SIG_IGN) which solved the issue.
Thanks a lot for the response. I learnt a lot about sshd now
Regards,
Ravindranath
On Sat, Feb 6, 2010 at 9:48 AM, Ben Lindstrom <mouring at eviladmin.org> wrote:
>
> On Jan 28, 2010, at 3:30 AM, ravindra Chavalam wrote:
>
> > Hi Ben,
> >
> > Thanks a lot for the response. I gave MaxStartups 10:30:60 (these are
> > defaults i suppose for our requirements). Still facing the same issue. Is
> > sshd getting killed is the expected behaviour?in that case how can i work
> > around so that instead of killing sshd i just drop extra connections.
> Also
> > interesting fact is drop_connections is not getting called?
>
> If your programing is causing sshd to segfault. Then you need to figure
> out what combination of garbage you're sending is doing that. I suspect
> you're triggering an edge case that isn't being handled graceful.
>
> The proper behavior is that sshd will continue to run and will drop all or
> random connections based on MaxStartups definition.
>
> - Ben
More information about the openssh-unix-dev
mailing list