Security Incidents mailing list archives
RE: Voluminous SSHd scanning; possible worm activity?
From: "Schroeder, Eric" <Eric.Schroeder () westgroup com>
Date: Mon, 10 Dec 2001 12:34:48 -0600
True, but the people scanning don't know what OS you are running until they scan you. I'll also be willing to bet that most of them are automated, which won't take into account different OS's. Eric Schroeder /\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\ Network Engineer West Group, NAG PH: 651.848.2868 E1-N113 Eric.Schroeder () westgroup com /\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\ -----Original Message----- From: Jay D. Dyson [mailto:jdyson () treachery net] Sent: Monday, December 10, 2001 12:34 PM To: Incidents List Cc: Schroeder, Eric Subject: RE: Voluminous SSHd scanning; possible worm activity? -----BEGIN PGP SIGNED MESSAGE----- On Mon, 10 Dec 2001, Schroeder, Eric wrote:
There was a recent vulnerability discovered in RedHat's OpenSSH. I have included the RH notice on the fix.
Thanks...but, um...I'm running Solaris 7. So far, none of my boxen seem to have been successfully penetrated; just scanned until they squeal. - -Jay ( ( _______ )) )) .-"There's always time for a good cup of coffee"-. >====<--. C|~~|C|~~| (>----- Jay D. Dyson -- jdyson () treachery net -----<) | = |-' `--' `--' `---------- Si vis pacem, para bellum. ----------' `------' -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: See http://www.treachery.net/~jdyson/ for current keys. iQCVAwUBPBTyJrlDRyqRQ2a9AQGq+gP+LKSnsaYhNqn7x6JAsf18dbiIO5dS2v2r ZN9GG9qDURNKAbBO61aWbMcm/JNMgC6HSnJrQXI8Fh2Ny1d1QWw1kPgoFPWNkc1G kRF9LdFEA5f3wANm4AxXsti4CO2cT7icxqCJyuutBgeKz2uwOJuN7uJMMFOh7i6P 98g8UvNPIMk= =Mdrg -----END PGP SIGNATURE----- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Re: Voluminous SSHd scanning; possible worm activity?, (continued)
- Re: Voluminous SSHd scanning; possible worm activity? Armando Ortiz (Dec 10)
- Re: Voluminous SSHd scanning; possible worm activity? Russell Fulton (Dec 10)
- Re: Voluminous SSHd scanning; possible worm activity? Jacek Lipkowski (Dec 11)
- Re: Voluminous SSHd scanning; possible worm activity? Glenn Forbes Fleming Larratt (Dec 16)
- Re: Voluminous SSHd scanning; possible worm activity? Clarissa Cook (Dec 17)
- Re: Voluminous SSHd scanning; possible worm activity? Neil Dickey (Dec 10)
- Re: Voluminous SSHd scanning; possible worm activity? Jay D. Dyson (Dec 10)
- RE: Voluminous SSHd scanning; possible worm activity? Schroeder, Eric (Dec 10)
- RE: Voluminous SSHd scanning; possible worm activity? Jay D. Dyson (Dec 10)
- Re: Voluminous SSHd scanning; possible worm activity? Markus Friedl (Dec 10)
- RE: Voluminous SSHd scanning; possible worm activity? Schroeder, Eric (Dec 10)
- Re: Voluminous SSHd scanning; possible worm activity? Florian Weimer (Dec 10)
- Re: Voluminous SSHd scanning; possible worm activity? Markus Friedl (Dec 11)
- Re: Voluminous SSHd scanning; possible worm activity? Florian Weimer (Dec 10)
- RE: Voluminous SSHd scanning; possible worm activity? Gommers, Joep (Dec 11)
- RE: Voluminous SSHd scanning; possible worm activity? Damien Miller (Dec 11)
- RE: Voluminous SSHd scanning; possible worm activity? Jay D. Dyson (Dec 11)
- Re: Voluminous SSHd scanning; possible worm activity? Bertrand Lupart (Dec 12)
- Re: Voluminous SSHd scanning; possible worm activity? Jonathan Bloomquist (Dec 13)
- RE: Voluminous SSHd scanning; possible worm activity? jon schatz (Dec 11)
- Re: Voluminous SSHd scanning; possible worm activity? Markus Friedl (Dec 12)
- RE: Voluminous SSHd scanning; possible worm activity? Gommers, Joep (Dec 12)