Hi, I found the following in syslogs on some servers (running OpenSSH): sshd[29575]: scanned from ::ffff:62.154.180.3 with SSH-1.0-SSH_Version_Mapper. Don't panic. and on nearly every server things like: sshd[13669]: connect from rootat_private sshd[13669]: log: Could not reverse map address 62.154.180.3. Well, just looks like a portscan. There are a lot fo them these days. But I have a few old SuSE hosts here. I've upgraded the installed SSH with the latest patches. Those hosts logged: sshd[13669]: fatal: Local: Your ssh version is too old and is no longer supported. Please install a newer version. Is this just a message for some unsupported protocol version (or if the scanner don't use any protocol string after connect)? Or is it anything to worry about? (Yes, complete update is already sheduled :)) Anyway, this may be a large scan which just hit my (small) network. Does anyone knows somethink about SSH-1.0-SSH_Version_Mapper? BTW, merry chrismas and a happy new year. oki, Steffen -- Dieses Schreiben wurde maschinell erstellt, es trägt daher weder Unterschrift noch Siegel. ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Sun Dec 23 2001 - 10:44:59 PST