Date: Wed, 15 Mar 2006 21:15:51 -0500 From: Doug Lee <dgl@dlee.org> To: freebsd-questions@freebsd.org Subject: Constant ssh errors - sign of security issue? Message-ID: <20060316021551.GH92380@kirk.dlee.org>
next in thread | raw e-mail | index | archive | help
I run two FreeBSD 4.10 systems and access them via ssh2 from a Windows XP machine running Cygwin ssh, connecting via EVDO link. I get a whole lot of three things: 1. Spontaneous "read from remote host ... terminated; connection reset by peer." Mind, this is normal on an actual connection failure (timeout), but this one can happen while I'm actively typing something through the connection, and with no other evidence that my Internet connection (at either end) is failing.. 2. On reconnect attempt, a message saying the connection was immediately closed by the remote (FreeBSD) side. 3. Less often and frequently on my next connection attempt after #2, a "software connection abort" message. The normal sequences are (4 being successful relink) 1-4, 1-2-4, and 1-2-3-4. I think 1-2-4 and 1-4 are about equally common and 1-2-3-4 is comparatively rare. Being unfamiliar with how all of these can happen while my actual Internet connection (and other TCP connections for example) seems fine, I am wondering if any of this could represent a security issue--packet snooping/redirection/"man-in-the-middle" attacks, etc. Thanks in advance for any input. Please Cc me. -- Doug Lee dgl@dlee.org SSB + BART Group doug@bartsite.com http://www.bartsite.com "Believe, when you are most unhappy, that there is something for you to do in the world. So long as you can sweeten another's pain, life is not in vain." --Helen Keller
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060316021551.GH92380>