On Thu, Jun 13, 2002 at 04:23:34PM -0500, mat_private wrote: > Speaking of which, has else anyone noticed an upturn in > ssh scanning lately? If "lately" refers to about the last year and a half, definitely. It used to be that my wrapper scripts would throw an ssh attempt only a few times a week. Over the last year or so, I see many of these a day. This behavior can probably be attributed to kiddies using automated scanning tools over a wide range of blocks to find vulnerable machines to compromise, due to the rash of openssh issues that have manifested during this time, but that's only my guess. -- [ rich henning ] /"\ [ henninrpat_private ] \ / X support the ascii ribbon campaign against html e-mail / \ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Jun 14 2002 - 11:27:52 PDT