# Strange Thing



## Canuck (Apr 11, 2012)

Hi all I am running an older version of FreeBSD: FreeBSD 6.3-RELEASE-p2 #2: Wed Jun 18 20:23:41 EDT 2008

This server is hosting three jails one of which is my mail gateway.  From time to time the server and jail hosts will stop responding.  Let me clarify, I can ping the host and all of the jails, but I cannot connect via ssh to see what is wrong.   I have to go to the console to see what is up.  It turns out that when I hit the space bar of the machine things start working again. I notice that there are several brute force dictionary attacks however I am unable to determine (because there is nothing in the log files) that these attacks (on one of the jails) are the cause of the problem.  Does anyone have any idea or can someone point me in a direction?  Upgrading is not an option right now!  I want to solve and understand this issue.

thanks,
/canuck


----------



## gkontos (Apr 12, 2012)

Your system resources could get exhausted after a descend attack. Especially if you are running a not patched OS with obsolete software.


----------



## SirDice (Apr 12, 2012)

gkontos said:
			
		

> Especially if you are running a not patched OS with obsolete software.


Not only that, if I remember correctly SSH had a few security issues too. Those have never been patched on 6.x.

6.3 went end-of-life over 2 years ago. That means NO security updates for the past 2 years.

http://www.freebsd.org/security/#unsup

I suggest taking it off-line a.s.a.p. and replace it with a current, supported version.


----------



## debguy (Apr 12, 2012)

*I*f you haven't read all the code it isn't secure. *A*nyway if you thought it was - police can seize it 

*A*re you sure you don't the usual mysteries goi*ng* on? *L*ike having "localhost" going up and down? *A* cron job doi*ng* things? *M*aybe hitting the spacebar is waking up the computer and the "cracklib" hacks are just due to stall errors?

*Y*our "key" to understanding this is strict understanding of how your "console" is connected to the keyboard, kernel, login.

*W*hy does it work if you hit a key? *T*hat makes no sense unless you trace it from the origin.

(*E*x. really if someone has a shell account why would it lock you out until a key was hit? *T*hat could only serve as a practical joke - useless).


----------

