Stuck CLOSED sockets / sshd / zombies...
Karl Pielorz
kpielorz_lst at tdx.co.uk
Fri Apr 4 22:03:32 UTC 2014
--On 4 April 2014 16:13:09 -0400 John Baldwin <jhb at freebsd.org> wrote:
>> So I'm guessing that's a yes?
>
> Ugh, ok. Is this easy to reproduce?
Hmmm. I cloned the box today, and messed around with ssh on it - and didn't
manage to get a single stuck session.
The box with the problems has been 'sitting around' for quite a while -
with no services on it.
I may have just stumbled onto something that I didn't notice before. I've
traced all the stuck sshd's back to being created by security scanning
software we use to check our hosts.
I'm going to run the same scan against the new box and see if that creates
some stuck sessions.
Obviously, they shouldn't "stick" like this [technically no matter how much
they're 'abused']- and, unless the other people involved are running the
same security scans against their hosts I can't see it's just being that as
a cause - but if the scan does create zombies on the 2nd host - that would
at least make it reproducible.
I double checked - none of our other boxes (scanned with the same software)
show the same issue.
I'll do some tests and post back what I find...
-Karl
More information about the freebsd-hackers
mailing list