Security Incidents mailing list archives
Re: Automated SSH scanning
From: Mimic Doppelganger <mimics_clone () HOTMAIL COM>
Date: Tue, 25 Jul 2000 18:03:30 GMT
What differentiates a hostile scan from an unwelcome benign scan? Does the fact that an operator has the balls to put up a web-site, admitting that (he || she || it) is allegedly scanning random ip addresses for commercial and/or academic reasons, mitigate the operator's behavior? Do not take this as an accusation of wrong doing or dark motives -- it is just difficult to separate these actions from the behavior of JQ Cracker. A Date: Mon, 24 Jul 2000 19:06:48 -0500 From: John Kristoff <jtk () DEPAUL EDU> Reply-To: jtk () aharp is-net depaul edu To: INCIDENTS () SECURITYFOCUS COM Subject: Automated SSH scanning Saw some SSH probes today, which frightened me somewhat. It turns out to be survey profiling device. This machine (the source of the probes), offer's some brief details: http://ssh-research-scanner.ucs.ualberta.ca/ Although it would be nice if *they* filtered the netblocks people didn't want scanned rather than placing the burden on the sites they are scanning. John ________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
Current thread:
- Re: Automated SSH scanning Mimic Doppelganger (Jul 25)
- <Possible follow-ups>
- Re: Automated SSH scanning David Goldsmith (Jul 26)