From owner-freebsd-xen@FreeBSD.ORG  Thu May 30 15:11:02 2013
Return-Path: <owner-freebsd-xen@FreeBSD.ORG>
Delivered-To: freebsd-xen@freebsd.org
Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115])
 by hub.freebsd.org (Postfix) with ESMTP id 8ABCAF67;
 Thu, 30 May 2013 15:11:02 +0000 (UTC) (envelope-from jeroen@dckd.nl)
Received: from positron.dckd.nl (positron.dckd.nl [IPv6:2a02:898:62:f6::63])
 by mx1.freebsd.org (Postfix) with ESMTP id 5030FB75;
 Thu, 30 May 2013 15:11:02 +0000 (UTC)
Received: from wcw-staff-215-240.wireless.uva.nl
 (wcw-staff-215-240.wireless.uva.nl [145.18.215.240])
 (using TLSv1 with cipher AES128-SHA (128/128 bits))
 (No client certificate requested)
 by positron.dckd.nl (Postfix) with ESMTPSA id 7C1E2F8905;
 Thu, 30 May 2013 17:10:59 +0200 (CEST)
Content-Type: text/plain; charset=iso-8859-1
Mime-Version: 1.0 (Mac OS X Mail 6.3 \(1503\))
Subject: Re: FreeBSD PVHVM call for testing
From: Jeroen van der Ham <jeroen@dckd.nl>
In-Reply-To: <CAKYr3zxo0-BOBQuJk_qY2=kbxnMyMR7gffEzoVL+YuTmj-Trdg@mail.gmail.com>
Date: Thu, 30 May 2013 17:10:59 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <9BD00E17-0A80-44C6-8B7B-2933265F4664@dckd.nl>
References: <519131D8.9010307@citrix.com> <519E54DE.5090304@citrix.com>
 <6B8B9354-AF52-4081-B67B-04565D1BCE99@dckd.nl> <51A71616.4060508@citrix.com>
 <ED94B614-A210-4D0B-A60B-8022C30BB0F1@dckd.nl>
 <CAKYr3zxo0-BOBQuJk_qY2=kbxnMyMR7gffEzoVL+YuTmj-Trdg@mail.gmail.com>
To: Outback Dingo <outbackdingo@gmail.com>
X-Mailer: Apple Mail (2.1503)
Cc: "freebsd-xen@freebsd.org" <freebsd-xen@freebsd.org>,
 "xen-users@lists.xen.org" <xen-users@lists.xen.org>,
 xen-devel <xen-devel@lists.xen.org>,
 "freebsd-virtualization@freebsd.org" <freebsd-virtualization@freebsd.org>
X-BeenThere: freebsd-xen@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Discussion of the freebsd port to xen - implementation and usage
 <freebsd-xen.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-xen>,
 <mailto:freebsd-xen-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-xen>
List-Post: <mailto:freebsd-xen@freebsd.org>
List-Help: <mailto:freebsd-xen-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-xen>,
 <mailto:freebsd-xen-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 30 May 2013 15:11:02 -0000

Hi,

On 30 May 2013, at 16:56, Outback Dingo <outbackdingo@gmail.com> wrote:
> first is this a public vm ? and if so who is??
> May 29 23:42:30 image01 sshd[31227]: error: Received disconnect from
> 150.165.15.175: 11: Bye Bye [preauth]
>=20
> because it is after this potential ssh login attempt, so is this you, =
has
> there been a breach ? only thing i noticed, but it might be nothing.

This VM is on a public IP indeed, and SSH connectivity is enabled. As =
with any publicly accessible host this then becomes the target of ssh =
scans.

I included the message just to show that between it and the reboot =
nothing had been logged.

AFAICT there has not been a breach, and I have not seen any indications =
at all that there may be one.

Jeroen.