cannot handle an IPv6 address correctly

Create issue
Issue #27 resolved
Hajimu UMEMOTO created an issue

sshguard cannot handle an IPv6 address correctly. It ends up with following syslog message:

Unable to interpret resolution result as IPv6 address: No space left on device.
Giving up entry.

The attached patch should fix the problem.

Comments (5)

  1. Kevin Zheng

    Your patch is correct, but IPv6 addresses should not trigger a name resolution. What was the attack (or perhaps just the address) that's triggering this issue?

  2. Hajimu UMEMOTO reporter

    Just doing FTP with wrong password. At that time, following messages are loggied with my patch applied.

    Mar 21 11:44:32 saku ftpd[23077]: FTP LOGIN FAILED FROM <REVERSE DNS NAME>, <USER>
    Mar 21 11:44:32 saku sshguard[8478]: Successfully resolved '<REVERSE DNS NAME>' --> 6:'<IPv6 ADDRESS>'.
    

    I think thre is no reason to exclude an IPv6 address from trigering a name resolution.

  3. Kevin Zheng

    Ahh, sorry, I assumed it was an IPv6 address that showed up in the logs, and the address was triggering the name resolution. As you indicated it's a hostname that shows up in the logs.

  4. Log in to comment