| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 16 Oct 2007 14:28:10 -0500 From: Gayathri Swaminathan <gayathri@...edu> To: Tim <secnews@...r1t.de> Cc: "bugtraq@...urityfocus.com" <bugtraq@...urityfocus.com> Subject: Re: SSH attacks - anyone else seen these? You might find this thread of discussion useful http://seclists.org/incidents/2002/Dec/0000.html Gayathri Tim wrote: > I've recently noticed this in my logs: > > Oct 15 15:30:04 mysrv sshd[9563]: Bad protocol version > identification 'POST /unauthenticated//..%01/..%01/..%01/..%01/..%01/..%01/.. > %01/..%01/..%01/..%01/..%01/..%01/..%01' from 59.106.20.158 > > Oct 1 17:14:51 mysrv sshd[9915]: Bad protocol version > identification '\377\364\377\375\006\377\364\377\375\006\377\364\377\375\006' > from 84.58.87.123 > Oct 1 17:15:13 airrocket sshd[11982]: Bad protocol version identification '' > from 84.58.87.123 > > Did anyone else notice similar things? Does anyone know what vulnerability > they are attacking? > > Thanks, > > -- > Tim >
Powered by blists - more mailing lists