Re: [CentOS] CentOS6 - Break in attempt? What is the Exploit?

On Mon, September 21, 2015 15:37, m.r...@5-cent.us wrote: > Gordon Messmer wrote: >> >>> > In other words, the >>> >hostkeys would be identical. >> >> I think what the error indicates is that a client tried to connect >> to SSH, and the host key there did not match the fingerprint in the >>

Re: [CentOS] CentOS6 - Break in attempt? What is the Exploit?

well. sounds like some automatic deploytment tool? error ip ip address or other configuration failure? http://stackoverflow.com/questions/6356212/ant-scp-task-failure -- Eero 2015-09-21 11:29 GMT+03:00 James B. Byrne : > This morning's log review revealed this sshd log

Re: [CentOS] CentOS6 - Break in attempt? What is the Exploit?

Gordon Messmer wrote: > >> > In other words, the >> >hostkeys would be identical. > > I think what the error indicates is that a client tried to connect to > SSH, and the host key there did not match the fingerprint in the > client's "known_hosts" database. > >> >It seems to me that someone

Re: [CentOS] CentOS6 - Break in attempt? What is the Exploit?

> In other words, the >hostkeys would be identical. I think what the error indicates is that a client tried to connect to SSH, and the host key there did not match the fingerprint in the client's "known_hosts" database. >It seems to me that someone attempted an ssh connection while

[CentOS] CentOS6 - Break in attempt? What is the Exploit?

This morning's log review revealed this sshd log entry on one of our web services hosts: Received disconnect: 11: disconnected by user : 2 Time(s) 3: com.jcraft.jsch.JSchException: reject HostKey: 216.185.71.170 : 1 Time(s) The IP address used is that of a public facing database query