lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <405ED389.3060607@ja6.com>
From: maillist at ja6.com (ja6.com)
Subject: OpenSSH attack attempt?

I found the same string in a google cache link,
of course it does look suspicious, and considering how many ssh related 
exploits there have been,
I do not know what exactly it is.

here is the link if you are interested: 
http://216.239.41.104/search?q=cache:FERt5O1-qbQJ:www.rpi.edu/locker/44/001244/auth.log+%22%5C377%5C373%5C030%5C377%5C373%27%5C377%5C375%5C%22&hl=en&ie=UTF-8

the actual site url is a 404 right now

Honza Vlach wrote:

>Hi,
>
>Has anybody seen anything like this in openssh logs?
>
>2004-03-22 09:01:37.781326500 Failed keyboard-interactive for illegal
>user xjunr
>01 from ::ffff:212.65.252.97 port 61991 ssh2
>2004-03-22 09:01:37.781379500 Disconnecting: Too many authentication
>failures fo
>r xjunr01
>2004-03-22 09:02:05.879614500 Bad protocol version identification
>'\377\373\037\
>377\373 \377\373\030\377\373'\377\375\001\377\373\003\377\375\003sdf'
>from ::fff
>f:212.65.252.97
>2004-03-22 09:02:36.287775500 Bad protocol version identification
>'\377\373\037\
>377\373 \377\373\030\377\373'\377\375\001\377\373\003\377\375\003' from
>::ffff:2
>12.65.252.97
>
>Is it some attack attempt? I've checked both full-disclosure archive and
>google, unfortunately haven't found anything usable.
>
>Thanks in advance,
>Honza Vlach
>
>
>  
>



-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ