SSH Detector Incorrectly Adds Service

Description

The SSH Detector incorrectly detects SSH on some devices.

telnet 10.61.19.2 22
Trying 10.61.19.2...
Connected to 10.61.19.2.
Escape character is '^]'.
Connection closed by foreign host.

Note that there is a connection to port 22 but that it is immediately dropped. However, the service is added to OpenNMS.

The SSH detector should go beyond just a port check to test to see if there is, at a minimum, an SSH header. It should also exit cleanly as to avoid spurious SSH logs on the host device.

Workaround:

Modify the foreign source to use the TCP detector with a parameter of "banner" and a value of "SSH".

Environment

OpenNMS on CentOS 6

Acceptance / Success Criteria

None

Lucidchart Diagrams

Activity

Show:

Details
Assignee
Unassigned
Reporter
Tarus Balog
Labels
RB
Components
Provisioning / Discovery / Importer
Affects versions
1.10.6
Priority
Major

PagerDuty

Created October 30, 2012 at 11:53 AM

Updated September 21, 2021 at 6:24 PM

Configure

SSH Detector Incorrectly Adds Service

Description

Environment

Acceptance / Success Criteria

Lucidchart Diagrams

Activity

Details
Assignee
Unassigned
Reporter
Tarus Balog
Labels
RB
Components
Provisioning / Discovery / Importer
Affects versions
1.10.6
Priority
Major

Details

Assignee

Reporter

Labels

Components

Affects versions

Priority

PagerDuty

PagerDuty

Flag notifications

Something's gone wrong

SSH Detector Incorrectly Adds Service

Description

Environment

Acceptance / Success Criteria

Lucidchart Diagrams

Activity

DetailsAssigneeUnassignedUnassignedReporterTarus BalogTarus BalogLabelsRBComponentsProvisioning / Discovery / ImporterAffects versions1.10.6PriorityMajor

Details

Assignee

Reporter

Labels

Components

Affects versions

Priority

PagerDutyPagerDuty Incident

PagerDuty

Flag notifications

Something's gone wrong

Details
Assignee
Unassigned
Reporter
Tarus Balog
Labels
RB
Components
Provisioning / Discovery / Importer
Affects versions
1.10.6
Priority
Major

PagerDuty