Re: SSH Version mapper scan
The application used for this prove is scanssh by Niels Provos
http://www.monkey.org/~provos/scanssh/
Its used to see what version of the daemon you are running,
what for?
perhaps checking if your version of the ssh daemon is vulnerable.
-Rod-
On Mon, 2002-05-13 at 03:00, Peter Cordes wrote:
> On Sun, May 12, 2002 at 04:31:55PM +0000, Pollywog wrote:
> > I just saw this in my logs. Should I be concerned and why is it
> > happening? TIA
>
> It's happening because someone connected to your SSH daemon and
> disconnected after reading the version string, just like sshd tried to tell
> you... As for whether to be concerned, don't panic :) I see that kind of
> message all the time on my system.
>
> >
> > Unusual System Events
> > =-=-=-=-=-=-=-=-=-=-=
> > May 12 15:59:04 lilypad sshd[3442]: scanned from <SOME IP ADDRESS HERE>
> > with
> > SSH-1.0-SSH_Version_Mapper. Don't panic.
> > May 12 15:59:04 lilypad sshd[3441]: Did not receive identification string
> > from <SOME IP ADDRESS HERE>
>
> --
> #define X(x,y) x##y
> Peter Cordes ; e-mail: X(peter@llama.nslug. , ns.ca)
>
> "The gods confound the man who first found out how to distinguish the hours!
> Confound him, too, who in this place set up a sundial, to cut and hack
> my day so wretchedly into small pieces!" -- Plautus, 200 BCE
>
>
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
--
/*
Rodrigo Gutierrez +47 73546339
rodrigo@trustix.com +47 98060198
Trustix AS http://www.trustix.com
*/
--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: