I have a significant number of systems, including some Red Hat, that are
producing the following error message:
buffer_consume_end: trying to get more bytes than in buffer
I recognize this as an error from SSH and I have found some descriptions of
this error that make it appear to be a failed access attempt. The really
odd thing is that the logs show this error occurring on many servers
roughly simultaneously and every one is repeated several times with
intervals of a few minutes. This makes it seem like a polling across the
network for footprinting (which is quite large, BTW) or perhaps some sort
of malformed connection attack.
Does anyone recognize this? Any feedback would be appreciated.
Jaime Castells, CISSP
--
"NOTICE: The information contained in this electronic mail transmission is
intended by Convergys Corporation for the use of the named individual or
entity to which it is directed and may contain information that is
privileged or otherwise confidential. If you have received this electronic
mail transmission in error, please delete it from your system without
copying or forwarding it, and notify the sender of the error by reply email
or by telephone (collect), so that the sender's address records can be
corrected."
