Page 1 of 1

Bug with PT_SSHDHUNG and sshd: unknown [net]

Posted: 21 Oct 2017, 19:06
by Stassy
EXPECTED:
PT_SSHDHUNG is supposed to kill "sshd: unknown [priv]" and "sshd: unknown [net]" processes.

PROBLEM:
It doesn"t kill "sshd: unknown [net]"

SOLUTION:
Change the following line in lfd and add a test with SPACE at the end just like this "sshd: unknown [net] "<-- note the space at the end.

from
if ($cmdline eq "sshd: unknown [net]" or $cmdline eq "sshd: unknown [priv]") {
to
if ($cmdline eq "sshd: unknown [net]" or $cmdline eq "sshd: unknown [net] " or $cmdline eq "sshd: unknown [priv]") {

NOTE:
Maybe the problem comes from ssh and will be corrected later, but lfd has to manage this.

VERSIONS:
Centos 4.7 with cPanel v66.0.26 (last available)
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
csf v11.01

Re: Bug with PT_SSHDHUNG and sshd: unknown [net]

Posted: 22 Oct 2017, 10:33
by ForumAdmin
We will implement a regex solution in the next release.

Re: Bug with PT_SSHDHUNG and sshd: unknown [net]

Posted: 22 Oct 2017, 13:54
by Stassy
Thanks