1 Anexo(s)
Re: Negação de serviço do sshd
Montei um log as informações do /var/adm/messagens, estou muito desconfiada dessa entrada de log:
Apr 13 08:04:13 Server-Osol mDNSResponder: [ID 702911 daemon.error] Correcting TTL from 240 to 60 for 207 hp LaserJet 1320 series (C6597C)._printer._tcp.local. TXT txtvers=1
Não tenho nenhuma informação desa "impressora", não tenho maiores informações da rede de onde trabalho.
Desconfio dessa entrada porque ela esta sempre presente antes das negação de serviço e não tem nenhuma explicação logica pois dentro da rede interna não existe mais que 4 faltos.
Em relação a essa entrada fiz um post no forum do opensolaris OpenSolaris Forums : Opensolaris server problem undefined ...
Arquivo de log: Anexo 21686
Re: Negação de serviço do sshd
mas e do cliente para o servidor ? que erro da ?
aproveita e posta o conf.
Re: Negação de serviço do sshd
Após 3 tentativas do ssh, no teminal informa que o server não é encontrado.
Tenho essa debug do ssh-client de uma tentativa de acesso de uma maquina cliente.
OpenSSH_5.5p1 Debian-4ubuntu4, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to eagle2.acad.unisc.br [10.17.0.16] port 22.
debug1: Connection established.
debug1: identity file /home/xxx/.ssh/id_rsa type -1
debug1: identity file /home/xxx/.ssh/id_rsa-cert type -1
debug1: identity file /home/xxx/.ssh/id_dsa type -1
debug1: identity file /home/xxx/.ssh/id_dsa-cert type -1
debug1: Remote protocol version 2.0, remote software version Sun_SSH_1.3
debug1: no match: Sun_SSH_1.3
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.5p1 Debian-4ubuntu4
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: [email protected],[email protected],ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,[email protected],zlib
debug2: kex_parse_kexinit: none,[email protected],zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour128,arcfour256,arcfour
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour128,arcfour256,arcfour
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: ar-EG,ar-SA,cs-CZ,de,de-AT,de-CH,de-DE,de-LU,el,el-CY,el-GR,en-US,es,es-AR,es-BO,es-CL,es-CO,es-CR,es-EC,es-ES,es-GT,es-MX,es-NI,es-PA,es-PE,es-PY,es-SV,es-US,es-UY,es-VE,fr,fr-BE,fr-CA,fr-CH,fr-FR,fr-LU,he-IL,hu-HU,id-ID,it,it-IT,ja-JP,ko,ko-KR,nl-NL,pl-PL,pt-BR,ru,ru-RU,sk-SK,sv,sv-SE,zh,zh-CN,zh-HK,i-default,zh-TW
debug2: kex_parse_kexinit: ar-EG,ar-SA,cs-CZ,de,de-AT,de-CH,de-DE,de-LU,el,el-CY,el-GR,en-US,es,es-AR,es-BO,es-CL,es-CO,es-CR,es-EC,es-ES,es-GT,es-MX,es-NI,es-PA,es-PE,es-PY,es-SV,es-US,es-UY,es-VE,fr,fr-BE,fr-CA,fr-CH,fr-FR,fr-LU,he-IL,hu-HU,id-ID,it,it-IT,ja-JP,ko,ko-KR,nl-NL,pl-PL,pt-BR,ru,ru-RU,sk-SK,sv,sv-SE,zh,zh-CN,zh-HK,i-default,zh-TW
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 122/256
debug2: bits set: 513/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: host eagle2.acad.unisc.br filename /home/xxx/.ssh/known_hosts
debug3: check_host_in_hostfile: host eagle2.acad.unisc.br filename /home/xxx/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 2
debug3: check_host_in_hostfile: host 10.17.0.16 filename /home/xxx/.ssh/known_hosts
debug3: check_host_in_hostfile: host 10.17.0.16 filename /home/xxx/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 3
debug1: Host 'eagle2.acad.unisc.br' is known and matches the RSA host key.
debug1: Found key in /home/xxx/.ssh/known_hosts:2
debug2: bits set: 509/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/xxx/.ssh/id_rsa ((nil))
debug2: key: /home/xxx/.ssh/id_dsa ((nil))
debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic,publickey,password,keyboard-interactive
debug3: start over, passed a different list gssapi-keyex,gssapi-with-mic,publickey,password,keyboard-interactive
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup gssapi-keyex
debug3: remaining preferred: gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_is_enabled gssapi-keyex
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug2: we did not send a packet, disable method
debug3: authmethod_lookup gssapi-with-mic
debug3: remaining preferred: publickey,keyboard-interactive,password
debug3: authmethod_is_enabled gssapi-with-mic
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_1000' not found
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_1000' not found
debug1: Unspecified GSS failure. Minor code may provide more information
debug2: we did not send a packet, disable method
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/xxx/.ssh/id_rsa
debug3: no such identity: /home/xxx/.ssh/id_rsa
debug1: Trying private key: /home/xxx/.ssh/id_dsa
debug3: no such identity: /home/xxx/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
Re: Negação de serviço do sshd
Você verificou se a partição onde ficam os logs não está cheia? Veja também se não ha limite de conexoes no kernel ou no seu firewall
Re: Negação de serviço do sshd
Não é problema de espaço, tenho que verificar isso no kernel, alguma dica de como extraio essa informação?
Não tenho acesso as configurações do firewall da rede.