[Gllug] [Fwd: [SECURITY] [DSA-134-1] OpenSSH remotevulnerability]

[Paul Brazier]

> Firewalls in front of tcpwrappers in front of a large machine 
> gun nest.

I've just installed snort and logcheck on a few machines and it's quite
an eye-opener to see the number of hits you get every day from people
doing portscans, attempting to connect to ssh or ftp, or seeing if
you're running an open mail relay. Plus attempted IIS and MS SQL Server
exploits. I've noticed a lot of stuff coming from Korea and the far east
in general.

Should I just ignore these? are there any that I should be reporting to
the relevant sysadmins?

Paul.


<P><FONT SIZE=2 FACE="Arial">***********************************************************************
Notice
This e-mail may contain information that is privileged, confidential or 
otherwise protected from disclosure. It must not be used by, or its 
contents copied or disclosed to persons other than the intended 
recipient. Any liability (in negligence or otherwise) arising from any 
third party acting, or refraining from acting, on any information 
contained in this e-mail is excluded. If you have received this e-mail 
in error please notify our Systems Administrator on 020 8695 4111 and 
delete the e-mail. 

Warning
It is the responsibility of the recipient to ensure that the onward 
transmission, opening or use of this message and any attachments will 
not adversely affect its systems or data. Please carry out such virus 
and other checks as you consider appropriate. No responsibility is 
accepted by Cosmos PLC in this regard.

***********************************************************************



-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug