True, but the people scanning don't know what OS you are running until they scan you. I'll also be willing to bet that most of them are automated, which won't take into account different OS's. Eric Schroeder /\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\ Network Engineer West Group, NAG PH: 651.848.2868 E1-N113 Eric.Schroederat_private /\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\ -----Original Message----- From: Jay D. Dyson [mailto:jdysonat_private] Sent: Monday, December 10, 2001 12:34 PM To: Incidents List Cc: Schroeder, Eric Subject: RE: Voluminous SSHd scanning; possible worm activity? -----BEGIN PGP SIGNED MESSAGE----- On Mon, 10 Dec 2001, Schroeder, Eric wrote: > There was a recent vulnerability discovered in RedHat's OpenSSH. I > have included the RH notice on the fix. Thanks...but, um...I'm running Solaris 7. So far, none of my boxen seem to have been successfully penetrated; just scanned until they squeal. - -Jay ( ( _______ )) )) .-"There's always time for a good cup of coffee"-. >====<--. C|~~|C|~~| (>----- Jay D. Dyson -- jdysonat_private -----<) | = |-' `--' `--' `---------- Si vis pacem, para bellum. ----------' `------' -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: See http://www.treachery.net/~jdyson/ for current keys. iQCVAwUBPBTyJrlDRyqRQ2a9AQGq+gP+LKSnsaYhNqn7x6JAsf18dbiIO5dS2v2r ZN9GG9qDURNKAbBO61aWbMcm/JNMgC6HSnJrQXI8Fh2Ny1d1QWw1kPgoFPWNkc1G kRF9LdFEA5f3wANm4AxXsti4CO2cT7icxqCJyuutBgeKz2uwOJuN7uJMMFOh7i6P 98g8UvNPIMk= =Mdrg -----END PGP SIGNATURE----- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Mon Dec 10 2001 - 12:43:09 PST