Hi, recent security problems in ssh protocol implementations require that vulnerable ssh protocol servers be upgraded. As an administrator of a large network, it can be difficult to efficiently determine which implementations of the ssh protocols are running on a network. To solve this problem, I wrote the ScanSSH protocol scanner. It supports very fast and flexible scanning of large networks. You can obtain the latest version from http://www.monkey.org/~provos/scanssh/ The ScanSSH protocol scanner is distributed under a BSD-license and completely free for any use including commercial. It has the following features: - fast scanning of large networks - unique random address generation - network exclusion lists The resulting output contains the version of the running ssh protocol servers: 10.1.12.23 <timeout> 10.1.90.80 SSH-1.5-OpenSSH_2.3.2 10.1.87.85 SSH-1.5-1.2.27 10.1.35.139 <timeout> 10.1.11.92 <timeout> 10.1.84.7 SSH-1.5-OpenSSH_2.3.0 10.1.19.41 SSH-1.5-1.2.26 10.1.29.65 SSH-1.5-OpenSSH_2.3.2 10.1.14.1 SSH-1.5-OpenSSH_2.3.2 10.1.15.71 SSH-1.5-1.2.26 If you are responsible for a large network, this tool allows you to scan your network frequently. After scanning, for example, the output can be piped through "|grep -i ssh |grep -v "OpenSSH_2.3." to find ssh protocol servers that need to be upgraded. Regards, Niels Provos.