I have ISPconfig 2.0 setup with Debian 5.0 (Lenny) on my server. I have a two network card setup, which one network card is directly connected to the Net, while the second network card is hooked up on my internal lan. I have this weird issue where the wan interface doesn't respond and crashes. I can't access the apache or ssh. I can access the web and SSH through the local lan interface, but not just the wan part of it. I used to just restart the wan interface and it would fix it but today, I tried to SSH into it via local LAN ip and it disconnects stating, "server unexpectedly closed the network connection." It gives the login prompt, when I enter the username, it hangs for a while then gives me that message. I noticed in the logs that some people were trying to get it via ftp and SSH, but I installed fail2ban to temporarily ban them. Does anyone know why my WAN interface keeps dying on me?
Yes, I turned it on a but then I turned it off and saved the setting. Now it says it's off but it still won't connect on the WAN interface via web. I tried to SSH into the box and it gives the login prompt and now asks for the password but immediately logs me off with the same error message as before. It's gotten farther than before. Do I need to reboot the machine to disable the built-in firewall?
I'd reboot and try to log in with SSH afterwards. If that works, run rkhunter and/or chkrootkit to check if there's any malware on your system.
Thanks, I rebooted it and it worked. I ran chkrootkit and rkhunter and they both didn't find anything. I had a few ports that chkrootkit found but it was used by portsentry. I hope this problem goes away. I already banned quite a few IPs for trying to hammer my SSH and FTP ports.
