This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Someone was banging on my sshd despite NAT


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This evening I noticed my network load was sky-high even though I
wasn't doing anything.  Turns out IP address 62.65.180.243 was banging
on port 22, causing a new sshd process every few seconds.  Bizarre
thing is that the machine in question, running cygwin on top of XP
SP2, is on a local net which is only NATed out to the internet via my
broadband modem and ISP.

A) How could this happen at all?
B) Anyone else heard of/seen anything like this?

I'm asking on this list because as far as my tired brain can tell,
this must be a complicated Windows+cygwin exploit. . .

ht
- -- 
 Henry S. Thompson, HCRC Language Technology Group, University of Edinburgh
                     Half-time member of W3C Team
    2 Buccleuch Place, Edinburgh EH8 9LW, SCOTLAND -- (44) 131 650-4440
            Fax: (44) 131 650-4587, e-mail: ht@inf.ed.ac.uk
                   URL: http://www.ltg.ed.ac.uk/~ht/
[mail really from me _always_ has this .sig -- mail without it is forged spam]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFDMz1AkjnJixAXWBoRAmfSAJ9lJiFrAATR42r4IgMJy7m8CoqPpACfTbTK
3Lyv2lsWrf0HHleHJO/kY+Q=
=eKua
-----END PGP SIGNATURE-----

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]