RE: [suse-security] Strange server crash

["b@rry" <b@xxxxxxxxx>]

> I noticed this in the logs as well.
> Oct 17 08:20:55 fileserver sshd[3857]: reverse mapping checking
> getaddrinfo for ar-sd.net.155.77.82.in-addr.arpa failed - POSSIBLE
> BREAKIN ATTEMPT!
This is one of the locations from where I connect remotely. Tried to fix 
this... but still got the error.


All this means is that there is no PTR record for that IP address.
In order to get these out of your logs just ask your provider to set the
PTR's up correctly.
[root@mail ~]# dig -x 82.77.155.72

; <<>> DiG 9.3.1 <<>> -x 82.77.155.72
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50823
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1

;; QUESTION SECTION:
;72.155.77.82.in-addr.arpa.     IN      PTR

;; ANSWER SECTION:
72.155.77.82.in-addr.arpa. 86400 IN     PTR
ar-sd.net.155.77.82.in-addr.arpa                             .

;; AUTHORITY SECTION:
155.77.82.in-addr.arpa. 86400   IN      NS      ns3.rdstm.ro.
155.77.82.in-addr.arpa. 86400   IN      NS      ns.rdstm.ro.

;; ADDITIONAL SECTION:
ns.rdstm.ro.            86358   IN      A       193.231.233.1

;; Query time: 219 msec
;; SERVER: 209.212.96.1#53(209.212.96.1)
;; WHEN: Tue Oct 18 06:54:38 2005
;; MSG SIZE  rcvd: 126

*** BUT ar-sd.net.155.77.82.in-addr.arpa does not resolve...

[root@mail ~]# dig ar-sd.net.155.77.82.in-addr.arpa

; <<>> DiG 9.3.1 <<>> ar-sd.net.155.77.82.in-addr.arpa
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3472
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;ar-sd.net.155.77.82.in-addr.arpa. IN   A

;; AUTHORITY SECTION:
155.77.82.in-addr.arpa. 10645   IN      SOA     ns.rdstm.ro. tech.rdstm.ro.
2005062903 10800 3600 345600 86400

;; Query time: 2 msec
;; SERVER: 209.212.96.1#53(209.212.96.1)
;; WHEN: Tue Oct 18 06:56:32 2005
;; MSG SIZE  rcvd: 102