Beat me to it! was pointed out last week when I took the TCP/IP class. Now going to go key-in the IP's I see here after Comcast alledgedly cutover from the @home debacle to their network yesterday. I do see a different numbering series and am currious to know who these are registered to. Amanda Lee ----- Original Message ----- From: "Darrell Shandrow" <nu7i@xxxxxxxxxx> To: <speakup at braille.uwo.ca> Sent: Wednesday, January 23, 2002 10:58 PM Subject: Re: log entry question on sshd > Hi Raul, > > You could access the ARIN (American Registry of Internet Numbers) web site > at http://www.arin.net to find out the provider who has registered the IP > address in question, and contact that provider. I have certainly dealt > with those sorts of security inqueries at work on a number of occasions. > > > At 09:11 AM 1/23/2002 -0600, you wrote: > >Darrell Shandrow said the following on Tue, Jan 22, 2002 at 08:43:41PM -0700: > > > Hi Raul, > > > > > > Hmmm, looks like a rather persistent port scan, in my estimation. > > > > > > At 11:04 PM 1/20/2002 -0600, you wrote: > > > >Hey gang. I received this log entry and am not sure if it's a portscan > > > >of some type or not. Anyone seen this before? > > > > > > > >Jan 20 19:23:25 saidin sshd[4209]: scanned from 195.178.168.129 with > > > >+SSH-1.0-SSH_Version_Mapper. Don't panic. > > > >Jan 20 19:24:47 saidin sshd[4216]: scanned from 195.178.168.129 with > > > >+SSH-1.0-SSH_Version_Mapper. Don't panic. > > > >Jan 20 19:26:00 saidin sshd[4220]: scanned from 195.178.168.129 with > > > >+SSH-1.0-SSH_Version_Mapper. Don't panic. > > > > > >I thought so at first but usually portscans will scan more ports than > >ssh. Besides I'm not worried about anyone breaking in via ssh. My ssh > >is secure and does not allow root to ssh in anyway. I also didn't see > >any other portscans on any other ports. What it seems to me is that > >they were trying to use ssh1 to connect on ssh2 or something but who > >knows. It has not happened since so I am not worried. > > > >-- > >We are writing this e-mail to inform you that the mail server is down. > >Please do not call the help desk for assistance. To see the progress of > >any outage refer to your e-mail notifications. > >Raul A. Gallegos - http://www.asmodean.net > > > >_______________________________________________ > >Speakup mailing list > >Speakup at braille.uwo.ca > >http://speech.braille.uwo.ca/mailman/listinfo/speakup > > Best regards and happy New Year, > Darrell > Access technology consulting / network and UNIX systems administration. > > > _______________________________________________ > Speakup mailing list > Speakup at braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup > >
