[Nottingham] sshd - POSSIBLE BREAK-IN ATTEMPT!
Martin
martin at ml1.co.uk
Thu Jun 29 12:23:50 BST 2006
Chris Burton wrote:
>> What's that variation?
>> Where's ssh getting its mappings from?
>
> It just means ssh looks up the reverse DNS on the IP 71.16.200.56 and it
> gets back uslec-71.16.200.56.cust.uslec.net, then it tries to verify
> that points to the same IP but in this case it doesn't exist so it
Doesn't that check mean only that the service provider hasn't set the
DNS for that particular address?
The IP address must still be valid even if the machine there is acting
merely as a relay...?
> thinks the world is about to end and its time to get new underwear.. its
> all a bit o.t.t. really but such is life.
Thanks for the explanation.
Well, its good to get the warning. I already know its a break-in attempt
being as I'm the only one to log in and I'm here at that machine's
keyboard!
Cheers,
Martin
--
----------------
Martin Lomas
martin at ml1.co.uk
----------------
More information about the Nottingham
mailing list