On 2013-09-14 14:01, David Wolfskill wrote:
Sep 13 12:43:24 albert sshd[43949]: fatal: Read from socket failed: Connection 
reset by peer [preauth]

I see plentyu of these, if only because I test the sshd availablity with nagios without actually going thru the full login...
I just abort once I see sshd report it's availability on the port.

Hence the 'reset by peer [preauth].'

Like DES says:
        Scanners generate more or less the same behavior.
They scan, and try to determine if you are running a vulnerable sshd or something else they can work with....

I still have a wish on my todo to see if it is possible to report the ipnr... And then block hosts with to many tries.
But it's not really high on the agenda...

--WjW


_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "[email protected]"

Reply via email to