[CLUE-Tech] sshd question

Chris Schock black at clapthreetimes.com
Wed Dec 1 07:19:05 MST 2004


What is your [hardware] firewall? Sounds like the problem is there.

Is it a Linksys WRT54G by any chance? I have one of those, and
occasionally it "forgets" to forward ports. Also the Qwest Actiontec DSL
routers are fairly flaky and occasionally require power resets.



> This is perhaps an anomaly but I wanted to ask the network gurus on this
> list.
>
> I have sshd running on my Linux box on the Comcast network.
>
> Today, I was unable to connect from a remote network.  I tried a number of
> things:
>
> 1.  Checked my logs. I see that some pinhead in .cz has been trying to guess
> passwords - there are about 200 attempts in the last month for various users
> to connect to sshd.  The funny attempts were for root, but nothing has been
> compromised.
>
> 2.  Confirmed that sshd was running.
>
> 3.  Restarted sshd.  Still unable to connect.
>
> 4.  Connected via sshd from another host in my home LAN.  This worked, so I
> began to suspect the external network connection to my LAN.
>
> 5.  Confirmed that my noipd was running and no one has hijacked my host
> [which happened before once].
>
> 5.  Changed my [hardware] firewall to forward a different external port 5555
> to port 22 on the Linux box.  I was thinking that Comcast maybe started
> blocking port 22.  This worked and I was able to connect using
> $ ssh -p 5555 host.example.com
>
> 6.  For fun, I changed the firewall configuration back to the original
> setting - external port 22 maps to Linux box, port 22.  Then I was able to
> get in.  I tried again several more times and all is well with external
> port 22.
>
> I am trying to make sense of this.  I am thinking that it was a fluke and
> some upstream router or switch was hosed and coincidentally was resolved as
> I did the external port remapping.  I am too ignorant to know of other
> reasons.
>
> Would others suggest alternative explanations?
>
> Thanks
> Jeff
>
> --
> "Faith that does not affect a person's culture is a faith not fully
> embraced, not entirely thought out, not faithfully lived."
> - Pope John Paul II
>
> http://isuma.org/
>
>




