Blocking SSH-1.0-SSH_Version_Mapper?
From: Steve Snyder (swsnyder@home.com)Date: 01/28/02
- Next message: Matt Giwer: "WWW.GIWERSWORLD.ORG"
- Previous message: Serena: "X11forwarding with ssh2 running on a netra AC200,"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Steve Snyder <swsnyder@home.com> Date: Mon, 28 Jan 2002 14:21:50 GMT
I've been seeing a lot of scans lately:
sshd[20270]: scanned from 203.248.195.95 with SSH-1.0-SSH_Version_Mapper.
Don't panic.
sshd[5918]: scanned from 203.58.81.100 with SSH-1.0-SSH_Version_Mapper.
Don't panic.
sshd[27695]: scanned from 212.32.168.22 with SSH-1.0-SSH_Version_Mapper.
Don't panic.
sshd[4232]: scanned from 206.101.242.55 with SSH-1.0-SSH_Version_Mapper.
Don't panic.
Ok, I'm not panicking but I am concerned.
This is with OpenSSH v2.9p2 on a Linux box. Apart from blocking these IP
addresses in my firewall (after the fact), what can I do to discourage
people from scanning my server?
Given how popular SSH-1.0-SSH_Version_Mapper seems to be with snoops and
busybodies, is there a way to defeat its use?
Thanks.
- Next message: Matt Giwer: "WWW.GIWERSWORLD.ORG"
- Previous message: Serena: "X11forwarding with ssh2 running on a netra AC200,"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
