Re: "Don't panic"?
From: Mike Iglesias (iglesias@draco.acs.uci.edu)Date: 01/30/02
- Previous message: Bigdakine: "Re: OpenSSH version question"
- In reply to: Richard Silverman: "Re: "Don't panic"?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: iglesias@draco.acs.uci.edu (Mike Iglesias) Date: 30 Jan 2002 03:14:41 GMT
In article <m1lk7u0ls31.fsf@sys1.des.jhy.us.ml.com>,
Richard Silverman <res@des.jhy.us.ml.com> wrote:
>What "abuse" would you have him report? He has a box connected to the
>Internet, with an SSH server accepting connections from anywhere. Someone
>connected to it, exchanged a few bytes according the SSH protocol, then
>disconnected. That's not abuse; it's what's supposed to happen.
Well Richard, if you've been scanned almost 60 times this month (like
we have) by people looking for ssh servers on your network, you'd
report it too. It's kinda obvious that if you're seeing scans from
scanssh, someone is mapping sshd versions on your network. If you don't
know who it's from, I doubt it's friendly.
-- Mike Iglesias Internet: iglesias@draco.acs.uci.edu University of California, Irvine phone: 949-824-6926 Network & Academic Computing Services FAX: 949-824-2069
- Next message: Richard E. Silverman: "Re: upgrading from SSH version 2 to SSH version 3"
- Previous message: Bigdakine: "Re: OpenSSH version question"
- In reply to: Richard Silverman: "Re: "Don't panic"?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
