I have run into a difficult situation here.
I am at home, many hundereds of miles away from my OS X box, which I have been administering remotely via ssh for the past few weeks.
I rebooted it a few times, to see if everything would work, and it did. The last time I checked uptime (yesterday) it was at about five days. So my machine should be just sitting there, displaying the login window...
Anyhow, today the machine no longer responds to ssh, scp, or ftp, all of which were functional as of yesterday.
This morning, I tried to log in to my machine over ssh, and got as far as entering my username and password. When I hit return after typing the password, I got no further response. Now, ssh doesn't even get that far, and just clams up while "making a connection." I've tried NiftyTelnetSSH from home, as well as ssh from a solaris machine on campus.
My machine still responds to pings as fast as ever. The only abnormal things I did yesterday were "defaults write com.apple.dock orientation Right" to surprise myself when I got back, and running kmodstat a few times as root, to get a feel for how it works. (Just "sudo kmodstat"... I didn't even do a full su!)
Any ideas? Can kmodstat fark things up? I have heard tell of a memory leak in the TCP stack thingie -- does any one else know about this? Could that cause tcp daemons to freeze while leaving the machine responsive to pings? How might I fix this remotely (if at all?)
Also, I want to run a portscan, to see what remains open (and to see if anyone has perhaps hacked my box and opened other ports?) What's a good web portscanner? Are there other ways to find out if I've been infiltrated?
Any help at all would be much appreciated.
Zach
I am at home, many hundereds of miles away from my OS X box, which I have been administering remotely via ssh for the past few weeks.
I rebooted it a few times, to see if everything would work, and it did. The last time I checked uptime (yesterday) it was at about five days. So my machine should be just sitting there, displaying the login window...
Anyhow, today the machine no longer responds to ssh, scp, or ftp, all of which were functional as of yesterday.
This morning, I tried to log in to my machine over ssh, and got as far as entering my username and password. When I hit return after typing the password, I got no further response. Now, ssh doesn't even get that far, and just clams up while "making a connection." I've tried NiftyTelnetSSH from home, as well as ssh from a solaris machine on campus.
My machine still responds to pings as fast as ever. The only abnormal things I did yesterday were "defaults write com.apple.dock orientation Right" to surprise myself when I got back, and running kmodstat a few times as root, to get a feel for how it works. (Just "sudo kmodstat"... I didn't even do a full su!)
Any ideas? Can kmodstat fark things up? I have heard tell of a memory leak in the TCP stack thingie -- does any one else know about this? Could that cause tcp daemons to freeze while leaving the machine responsive to pings? How might I fix this remotely (if at all?)
Also, I want to run a portscan, to see what remains open (and to see if anyone has perhaps hacked my box and opened other ports?) What's a good web portscanner? Are there other ways to find out if I've been infiltrated?
Any help at all would be much appreciated.
Zach