Re: CentOS6 - Break in attempt? What is the Exploit?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]




> In other words, the
>hostkeys would be identical.

I think what the error indicates is that a client tried to connect to SSH, and the host key there did not match the fingerprint in the client's "known_hosts" database.

>It seems to me that someone attempted an ssh connection while spoofing
>our internal address.  Is such a thing even possible? If so then how
>does it work?

In the situation as you've described it, probably not.

It would be best to go to your logs themselves for the full log entry and context, rather than relying on a report that summarizes log entries.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux