Security Incidents mailing list archives
RE: Increase in SSH scans
From: Paulo.Sedrez () weavers com br
Date: Wed, 02 Oct 2002 04:08:11 -0300 (BRT)
On 30-Sep-2002 Keith T. Morgan wrote:
# grep 'Sep\ 2[2-9]' /var/log/messages | grep 'DPT=22' | wc
Please, try something like: # grep 'Sep 2[2-9]' /var/log/messages | grep 'PROTO=TCP .* DPT=22 ' | wc -l This will avoid mixing UDP port 22 or ports 22* with TCP port 22. ----- Paulo F. Sedrez Diretor de Tecnologia Weavers Network Consulting Tel/Fax: +55-21-2239-3190 http://www.weavers.com.br Paulo.Sedrez () weavers com br -------------------------- Thought of the day: "Pascal is Pascal is Pascal is dog meat." -- M. Devine and P. Larson, Computer Science 340 ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- RE: Increase in SSH scans Paulo . Sedrez (Oct 02)