Someone scanned my ssh daemon
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
It looks as though someone is trying to crack my box through ssh. This
is what logcheck emailed me:
- -- snip --
Jun 16 04:36:02 jack sshd[20026]: Connection from 212.202.204.149 port 2323
Jun 16 04:36:03 jack sshd[20027]: Connection from 212.202.204.149 port 2810
Jun 16 04:36:04 jack sshd[20027]: scanned from 212.202.204.149 with
SSH-1.0-SSH_Version_Mapper. Don't panic.
Jun 16 04:36:04 jack sshd[20026]: Did not receive identification string
from 212.202.204.149
- -- end snip --
What is this? I have never seen that scanned message before. Is this a
concern? I am running Woody and all packages are up-to-date with
security fixes from the debian security site.
Regards.
Mark.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE+7PuvL/zYpWVgapgRAmGEAJ0aiDCMHiLRCJlYFlTArrlQNYNJJQCdE1iJ
lL0KRowyskgzckMvgPTOPDQ=
=Nol/
-----END PGP SIGNATURE-----
Reply to: