Quoting Mark Devin <[EMAIL PROTECTED]>: > Hash: SHA1 > > It looks as though someone is trying to crack my box through ssh. This > is what logcheck emailed me: > - -- snip -- > Jun 16 04:36:02 jack sshd[20026]: Connection from 212.202.204.149 port 2323 > Jun 16 04:36:03 jack sshd[20027]: Connection from 212.202.204.149 port 2810 > Jun 16 04:36:04 jack sshd[20027]: scanned from 212.202.204.149 with > SSH-1.0-SSH_Version_Mapper. Don't panic. > Jun 16 04:36:04 jack sshd[20026]: Did not receive identification string > from 212.202.204.149 > - -- end snip -- > > What is this? I have never seen that scanned message before. Is this a > concern? I am running Woody and all packages are up-to-date with > security fixes from the debian security site. >
This has been around for ages. Just your unfriendly neighborhood Earth script kiddie. If it keeps up from the same or similar address, then I might start worrying. Jeffrey
