sshd killed due to dos attack
Ben Lindstrom
mouring at eviladmin.org
Thu Jan 28 01:40:39 EST 2010
You really need to explain what you are doing as a DOS attack.. If all you are doing is filling up the max unauthenticated connections this is a known feature and you really should read the sshd_config manpage on "MaxStartups" feature.
- Ben
On Jan 27, 2010, at 12:51 AM, ravindra Chavalam wrote:
> Hi,
>
> I am not sure to report this as a bug. so mailing to the list.
>
>
> I have sshd(openssh3.5p1) server running on my router and when i run tcpjunk
> to that port, sshd gets killed after some time
>
> 192.168.71.1 is my sshd server and 192.168.71.4 is my client from where i
> send my dos attack
>
> This is the tcpjunk command i gave to the ssh server
>
> #tcpjunk -s 192.168.71.1 -p 22 -c req -i 100
> req session file contains string <fuzz any 101>
>
> below attached is the netstat output. They are lot of these like these but i
> just pasted two lines for reference
>
> #netstat -an|grep ":22"
> tcp 0 0 192.168.71.1:22 192.168.71.4:37757 TIME_WAIT
> tcp 0 0 192.168.71.1:22 192.168.71.4:55207 TIME_WAIT
> ...
> ...
>
> ...
>
> ...
>
>
> Can any one on tell me where in the openssh code i have to search to find
> out the root cause for this issue
>
>
> Thanks a lot in advance
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
More information about the openssh-unix-dev
mailing list