I am monitoring SSH from an OpenNMS box and two of my systems, both SuSE8.2pro boxen, are registering outages on SSH. Normally I'd blame either the network or the NMS system (little puny box can hardly keep up) but sure enough, they were indeed DOS'd. The TCP connection was established and then it drops. There appear to be quite a few sshd sessions open and not closed, which I am wondering about. I know that the SSH poller doesn't establish a full SSH session but it shouldn't be able to cause a DOS...
[EMAIL PROTECTED]:~> ps ax |grep ssh 1956 ? S 0:00 /usr/sbin/sshd -o PidFile /var/run/sshd.init.pid 2693 ? S 0:00 /usr/sbin/sshd -o PidFile /var/run/sshd.init.pid 3224 ? S 0:00 /usr/sbin/sshd -o PidFile /var/run/sshd.init.pid 3612 ? S 0:00 /usr/sbin/sshd -o PidFile /var/run/sshd.init.pid 3700 ? S 0:00 /usr/sbin/sshd -o PidFile /var/run/sshd.init.pid 3849 ? S 0:00 /usr/sbin/sshd -o PidFile /var/run/sshd.init.pid 3962 ? S 0:00 /usr/sbin/sshd -o PidFile /var/run/sshd.init.pid 4020 ? S 0:00 /usr/sbin/sshd -o PidFile /var/run/sshd.init.pid 4024 ? S 0:00 /usr/sbin/sshd -o PidFile /var/run/sshd.init.pid 4987 ? S 0:00 /usr/sbin/sshd -o PidFile /var/run/sshd.init.pid 6476 ? S 0:00 /usr/sbin/sshd -o PidFile /var/run/sshd.init.pid 6504 ? S 0:00 /usr/sbin/sshd -o PidFile /var/run/sshd.init.pid 6537 ? S 0:00 /usr/sbin/sshd -o PidFile /var/run/sshd.init.pid 6539 ? S 0:00 /usr/sbin/sshd -o PidFile /var/run/sshd.init.pid 6568 ? S 0:00 /usr/sbin/sshd -o PidFile /var/run/sshd.init.pid 6593 ? S 0:00 /usr/sbin/sshd -o PidFile /var/run/sshd.init.pid 6636 ? S 0:00 /usr/sbin/sshd -o PidFile /var/run/sshd.init.pid 6644 ? S 0:00 /usr/sbin/sshd -o PidFile /var/run/sshd.init.pid 6652 ? S 0:00 /usr/sbin/sshd -o PidFile /var/run/sshd.init.pid 6716 ? S 0:00 /usr/sbin/sshd -o PidFile /var/run/sshd.init.pid 6722 ? S 0:00 /usr/sbin/sshd -o PidFile /var/run/sshd.init.pid 11675 pts/2 S 0:00 ssh [EMAIL PROTECTED] 13614 pts/1 S 0:00 grep ssh [EMAIL PROTECTED]:~> Any thoughts? openssh-3.5p1-68 -- Matthew Carpenter [EMAIL PROTECTED] http://www.eisgr.com/ Enterprise Information Systems *Network Consulting, Integration & Support *Web Development and E-Business _______________________________________________ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc -> http://www.linux-sxs.org/mailman/listinfo/linux-users