Useless log message "POSSIBLE BREAK-IN ATTEMPT"

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



If it bothers you turn it off:


     UseDNS  Specifies whether sshd(8) should look up the remote host name and check that the resolved host name for the remote IP
             address maps back to the very same IP address.  The default is ``yes''.

- Ben

On Dec 24, 2013, at 11:23 PM, Kaz Kylheku <kaz at kylheku.com> wrote:

> 
> 
> We cannot conclude that just because the source IP address of a
> connection doesn't have forward and reverse DNS info, that the
> connection is a break-in attempt. This is a content-free entry that
> wastes valuable visual space in the auth log: 
> 
> Dec 23 2013 18:51:44 localhost sshd[30321]: reverse mapping checking
> getaddrinfo for 222.109.250.63.static.addr.dsl4u.ca [63.250.109.222]
> failed - POSSIBLE BREAK-IN ATTEMPT! 
> 
> That was me, logging in from a smartphone, from a Wi-Fi hotspot. 
> 
> Never mind logging; the software should not even be performing these
> pointless time and bandwidth wasting lookups. 
> 
> 
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux