[plug] Anyone seen this particular attack pattern before?
Craig Foster
fostware at iinet.net.au
Fri Jan 18 00:38:52 WST 2002
hee hee... I'd updated it from the 'sploit before last!
duh!
Craig
> -----Original Message-----
> From: Nathan Alberti [mailto:macro at nathan.linux-dude.net]
> Sent: Friday, 18 January 2002 12:10 AM
> To: plug at plug.linux.org.au
> Subject: Re: [plug] Anyone seen this particular attack
> pattern before?
>
>
> Yes correct...
>
> You have updated your SSH package ?
>
> Nathan.
> ----- Original Message -----
> From: "Craig Foster" <fostware at iinet.net.au>
> To: <plug at plug.linux.org.au>
> Sent: Friday, January 18, 2002 12:02 AM
> Subject: RE: [plug] Anyone seen this particular attack
> pattern before?
>
>
> > While we're at this, is everyone here sick of this
> appearing in their
> > logs:-
> >
> > Jan 16 08:44:45 server sshd[1666]: Did not receive
> identification string
> > from 216.205.150.245.
<snip>
> > Anyone care to elaborate on what this is? AFAIK it's a
> SSH1 UseLogin
> > exploit, but I just want to be sure...
> >
> >
> > Regards,
> >
> > Craig Foster
> >
>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2228 bytes
Desc: not available
URL: <http://lists.plug.org.au/pipermail/plug/attachments/20020118/252f52b0/attachment.bin>
More information about the plug
mailing list