Re: SSH Version mapper scan
The application used for this prove is scanssh by Niels Provos
Its used to see what version of the daemon you are running,
perhaps checking if your version of the ssh daemon is vulnerable.
On Mon, 2002-05-13 at 03:00, Peter Cordes wrote:
> On Sun, May 12, 2002 at 04:31:55PM +0000, Pollywog wrote:
> > I just saw this in my logs. Should I be concerned and why is it
> > happening? TIA
> It's happening because someone connected to your SSH daemon and
> disconnected after reading the version string, just like sshd tried to tell
> you... As for whether to be concerned, don't panic :) I see that kind of
> message all the time on my system.
> > Unusual System Events
> > =-=-=-=-=-=-=-=-=-=-=
> > May 12 15:59:04 lilypad sshd: scanned from <SOME IP ADDRESS HERE>
> > with
> > SSH-1.0-SSH_Version_Mapper. Don't panic.
> > May 12 15:59:04 lilypad sshd: Did not receive identification string
> > from <SOME IP ADDRESS HERE>
> #define X(x,y) x##y
> Peter Cordes ; e-mail: X(email@example.com. , ns.ca)
> "The gods confound the man who first found out how to distinguish the hours!
> Confound him, too, who in this place set up a sundial, to cut and hack
> my day so wretchedly into small pieces!" -- Plautus, 200 BCE
> To UNSUBSCRIBE, email to firstname.lastname@example.org
> with a subject of "unsubscribe". Trouble? Contact email@example.com
Rodrigo Gutierrez +47 73546339
firstname.lastname@example.org +47 98060198
Trustix AS http://www.trustix.com
To UNSUBSCRIBE, email to email@example.com
with a subject of "unsubscribe". Trouble? Contact firstname.lastname@example.org