Bug with PT_SSHDHUNG and sshd: unknown [net]
Posted: 21 Oct 2017, 19:06
EXPECTED:
PT_SSHDHUNG is supposed to kill "sshd: unknown [priv]" and "sshd: unknown [net]" processes.
PROBLEM:
It doesn"t kill "sshd: unknown [net]"
SOLUTION:
Change the following line in lfd and add a test with SPACE at the end just like this "sshd: unknown [net] "<-- note the space at the end.
from
if ($cmdline eq "sshd: unknown [net]" or $cmdline eq "sshd: unknown [priv]") {
to
if ($cmdline eq "sshd: unknown [net]" or $cmdline eq "sshd: unknown [net] " or $cmdline eq "sshd: unknown [priv]") {
NOTE:
Maybe the problem comes from ssh and will be corrected later, but lfd has to manage this.
VERSIONS:
Centos 4.7 with cPanel v66.0.26 (last available)
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
csf v11.01
PT_SSHDHUNG is supposed to kill "sshd: unknown [priv]" and "sshd: unknown [net]" processes.
PROBLEM:
It doesn"t kill "sshd: unknown [net]"
SOLUTION:
Change the following line in lfd and add a test with SPACE at the end just like this "sshd: unknown [net] "<-- note the space at the end.
from
if ($cmdline eq "sshd: unknown [net]" or $cmdline eq "sshd: unknown [priv]") {
to
if ($cmdline eq "sshd: unknown [net]" or $cmdline eq "sshd: unknown [net] " or $cmdline eq "sshd: unknown [priv]") {
NOTE:
Maybe the problem comes from ssh and will be corrected later, but lfd has to manage this.
VERSIONS:
Centos 4.7 with cPanel v66.0.26 (last available)
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
csf v11.01