RE: OpenSSH anomaly

• Previous message: Benjamin Franz: "Re: OpenSSH anomaly"
• Maybe in reply to: Benjamin Franz: "OpenSSH anomaly"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: incidents@securityfocus.com
Date: Tue, 24 Feb 2004 13:34:30 -0500

Also, are you running an access control. sometimes the daemon user for sshd
expires resulting all sessions being terminated.

Subodh Gusain
HP-CANADA

-----Original Message-----
From: Benjamin Franz [mailto:snowhare@nihongo.org]
Sent: Monday, February 23, 2004 1:24 PM
To: Will Tipton
Cc: incidents@securityfocus.com
Subject: Re: OpenSSH anomaly

On Mon, 23 Feb 2004, Will Tipton wrote:

> This sounds like an issue we had recently. It turned out that the
> passwords had expired and that openssh is broken as far as dealing with
> it. If this is the case, as console login should prompt you to change the

> password. Or, try a chage -l

Nope. But I discovered this morning as backups were attempting to run that
the filesystem apparently has corruption - I have a few files that
suddenly have apparent sizes and ownership info in the absurd range:

-rw-r--r-- 1 2439249920 136118272 584782831260017978 Aug 14 2003
redhat-config-xfree86.mo

lrwxr-xr-x 1 543621120 1920139264 13 Nov 16 09:12 K50tux

I also discovered that my inode handlers are apparently leaking. This
looks like a combination of kernel and/or filesystem problems.

-- 
Benjamin Franz
---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection
Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.
Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.
Download 30-day evaluation at:
http://www.securityfocus.com/sponsor/Astaro_incidents_040219
----------------------------------------------------------------------------
---------------------------------------------------------------------------
----------------------------------------------------------------------------

• Previous message: Benjamin Franz: "Re: OpenSSH anomaly"
• Maybe in reply to: Benjamin Franz: "OpenSSH anomaly"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: OpenSSH anomaly ... > passwords had expired and that openssh is broken as far as dealing with ... suddenly have apparent sizes and ownership info in the absurd range: ... Astaro Security Linux -- firewall with Spam/Virus Protection ... (Incidents) Win 2003 DNS requests makes replies over 512 byte PIX limit ... We recently upgraded our DNS servers to Win 2003. ... became apparent that we are unable to send email to some domains which ... accept>512 byte UDP replies. ... have identified as their top 5 IT Security Challenges. ... (NT-Bugtraq) unable to access secure websites ... >apparent reason.All security and privacy settings are ... >OK,have checked cookies - cannot even check a postcode! ... (microsoft.public.windowsxp.security_admin) Re: Cannot access Active Directory ... I too had almost identical problems on a Windows 2000 AD Server. ... It became apparent after the last MS security patching of the server. ... (microsoft.public.windows.server.active_directory) Re: Zonealarm ... Win98 is known to have many security issues and just by looking at this ... newsgroup it is apparent that the latest build of ZA is causing many users ... (comp.security.firewalls)