This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Someone was banging on my sshd despite NAT
- From: ht at inf dot ed dot ac dot uk (Henry S. Thompson)
- To: cygwin at cygwin dot com
- Date: Fri, 23 Sep 2005 00:24:44 +0100
- Subject: Someone was banging on my sshd despite NAT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This evening I noticed my network load was sky-high even though I
wasn't doing anything. Turns out IP address 62.65.180.243 was banging
on port 22, causing a new sshd process every few seconds. Bizarre
thing is that the machine in question, running cygwin on top of XP
SP2, is on a local net which is only NATed out to the internet via my
broadband modem and ISP.
A) How could this happen at all?
B) Anyone else heard of/seen anything like this?
I'm asking on this list because as far as my tired brain can tell,
this must be a complicated Windows+cygwin exploit. . .
ht
- --
Henry S. Thompson, HCRC Language Technology Group, University of Edinburgh
Half-time member of W3C Team
2 Buccleuch Place, Edinburgh EH8 9LW, SCOTLAND -- (44) 131 650-4440
Fax: (44) 131 650-4587, e-mail: ht@inf.ed.ac.uk
URL: http://www.ltg.ed.ac.uk/~ht/
[mail really from me _always_ has this .sig -- mail without it is forged spam]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
iD8DBQFDMz1AkjnJixAXWBoRAmfSAJ9lJiFrAATR42r4IgMJy7m8CoqPpACfTbTK
3Lyv2lsWrf0HHleHJO/kY+Q=
=eKua
-----END PGP SIGNATURE-----
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/