From: johnny <sk8...@gm...> - 2009-12-26 20:00:52
|
> Hi, > > I wanted to share something I saw today. As of this morning, my ipcop > box was unresponsive, so I tried to access it thru ssh from green. No > luck. I then tried to access it thru the console, but didn't work > either. The monitor seemed to be receiving the video signal, but ipcop > had long ago gone into 'power saving' mode for that interface. The > keyboard didn't help. > > After rebooting the box, I went thru the logs and found this attempt > to connect on port 22. Now, I'm not sure if this is relevant or not, > since I have sshd running on another port, but I wanted to reach out > and see if anybody has seen the same behavior. I did google the ip and > found this discussion: > > Increase in SSH attacks as of announcement of rtld bug > http://lists.freebsd.org/pipermail/freebsd-security/2009-December/005406.html > > Has anyone seen anything like this? Time to patch my OpenSSH (4.7p1), > OpenSSL(0.9.7m) to latest OpenSSH(5.3p1)? Maybe it was just my > hardware showing its age? > > The weird thing is that I don't seem to have anything listening on that port. > > Thanks, > I'm just trying to clarify this... you're asking about the possibility of an ssh vulnerability because of a single hit to port 22 on your firewall? Or was there something unique about this attempt to connect to port 22 aside from the possibly unrelated situation of your machine being frozen? Thanks, Johnny |