[rescue] SSH between PowerBook OS X .1.2 and Solaris

[Steve Sandau]

I have been looking at ssh sessions with ethereal on a linux box. Might
be worth doing something like that, too. The really interesting part is
going to be watching what the server does when you request a session,
though. The ssh sessions I have tracked here just now show a reverse DNS
lookup for the client requesting the ssh connection. To check on that
you'll need to sniff on/near the server. A look in the logs on the
server might show a failed reverse DNS, too. Do you have
masqueraded/hidden/private IPs at home? I forgot if you said so...

As I'm watching, the server does not send a packet back with the "push"
bit set until after doing a reverse lookup.

Also of interest in that case would be the setup of the sshd config
file. Does it permit by IP address or domain name? (I think it's
possible to permit by IP; anyone know?)

I like packet sniffers. ;) Suppose that's obvious, though...

Larry Snyder wrote:
> 
> Ya only need to watch it at your end.  All else remains the same.
> 
> Ken Hansen <n2vip at yahoo.com> wrote:
> > This is a transcontinental link attempt - both machines are not on the
> > same Ethernet segment...
> >
> > Ken
> >
> > On Wednesday, December 26, 2001, at 10:43 PM, Larry Snyder wrote:
> >
> > > Another shot, if you're hub-ish rather than switch-ish (or can be),
> > > would be a tcpdump/etherfind/snoop trace.  If it's an honest tcp
> > > refusal, it'll show up in the first few lines.
> >
> >
> > _________________________________________________________
> > Do You Yahoo!?
> > Get your free @yahoo.com address at http://mail.yahoo.com
> >
> > _______________________________________________
> > rescue maillist  -  rescue at sunhelp.org
> > http://www.sunhelp.org/mailman/listinfo/rescue
> _______________________________________________
> rescue maillist  -  rescue at sunhelp.org
> http://www.sunhelp.org/mailman/listinfo/rescue

-- 
Steve Sandau
IS Technician, TMA Bath, Maine
ssandau at bath.tmac.com