Someone scanned my ssh daemon

To: debian-security@lists.debian.org
Subject: Someone scanned my ssh daemon
From: Mark Devin <mdevin@ozemail.com.au>
Date: Mon, 16 Jun 2003 09:05:20 +1000
Message-id: <[🔎] 3EECFBB0.9020405@ozemail.com.au>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

It looks as though someone is trying to crack my box through ssh.  This
is what logcheck emailed me:
- -- snip --
Jun 16 04:36:02 jack sshd[20026]: Connection from 212.202.204.149 port 2323
Jun 16 04:36:03 jack sshd[20027]: Connection from 212.202.204.149 port 2810
Jun 16 04:36:04 jack sshd[20027]: scanned from 212.202.204.149 with
SSH-1.0-SSH_Version_Mapper.  Don't panic.
Jun 16 04:36:04 jack sshd[20026]: Did not receive identification string
from 212.202.204.149
- -- end snip --

What is this?  I have never seen that scanned message before.  Is this a
concern?  I am running Woody and all packages are up-to-date with
security fixes from the debian security site.

Regards.
Mark.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE+7PuvL/zYpWVgapgRAmGEAJ0aiDCMHiLRCJlYFlTArrlQNYNJJQCdE1iJ
lL0KRowyskgzckMvgPTOPDQ=
=Nol/
-----END PGP SIGNATURE-----

Reply to:

Follow-Ups:
- Re: Someone scanned my ssh daemon
  - From: "Jeffrey L. Taylor" <jeff@austinblues.dyndns.org>
- Re: Someone scanned my ssh daemon
  - From: Mark Devin <mdevin@ozemail.com.au>
- Re: Someone scanned my ssh daemon
  - From: Alain Tesio <alain@onesite.org>

Prev by Date: Re: Secure Proxy
Next by Date: re: Secure Proxy
Previous by thread: re: Secure Proxy
Next by thread: Re: Someone scanned my ssh daemon
Index(es):
- Date
- Thread