Re: SSH attacks - anyone else seen these?

看板Bugtraq作者時間18年前 (2007/10/18 03:44), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串6/7 (看更多)
I just came across this site that I think addresses one of your issues. It sounds to me like a scanner/script of some sort is being used to compromise Webmin. http://bliki.rimuhosting.com/comments/knowledgebase/linux/miscapplications/webmin On 10/16/07, Tim <secnews@sp1r1t.de> wrote: > I've recently noticed this in my logs: > > Oct 15 15:30:04 mysrv sshd[9563]: Bad protocol version > identification 'POST /unauthenticated//..%01/..%01/..%01/..%01/..%01/..%01/.. > %01/..%01/..%01/..%01/..%01/..%01/..%01' from 59.106.20.158 > > Oct 1 17:14:51 mysrv sshd[9915]: Bad protocol version > identification '\377\364\377\375\006\377\364\377\375\006\377\364\377\375\006' > from 84.58.87.123 > Oct 1 17:15:13 airrocket sshd[11982]: Bad protocol version identification '' > from 84.58.87.123 > > Did anyone else notice similar things? Does anyone know what vulnerability > they are attacking? > > Thanks, > > -- > Tim > >
更多 pand0ra. 的文章
文章代碼(AID): #175cOm00 (Bugtraq)
討論串 (同標題文章)
完整討論串 (本文為第 6 之 7 篇):
排序: 最新先 | 最舊先 | 留言數
在新視窗開啟完整討論串 (共7篇)
更多 pand0ra. 的文章
文章代碼(AID): #175cOm00 (Bugtraq)