Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Voluminous SSHd scanning; possible worm activity?

From: Markus Friedl <markus () openbsd org>
Date: Wed, 12 Dec 2001 12:27:04 +0100
On Tue, Dec 11, 2001 at 04:58:21PM -0800, jon schatz wrote:

(ie, UseLogin and sftp)


they cannot be related to ssh scanning (and if they are a
problem to a site they are _local_ problems).

even if there was a new exploit, most of the scanning will
be related to the crc32 bug, since about 30% of the servers
are still not upgraded:

        http://www.citi.umich.edu/u/provos/ssh/

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com
Previous By Date Next
Previous By Thread Next

Current thread: