On Mon, 12 Apr 1999, James Thompson wrote:
>
> Just this weekend someone scanned our network. Nothing new, but what I
> found interesting was that one of the services probed was ssh. Anyone
> know why a (possible) cracker would be interested in my sshd services?
One known 'exploit' is that a default installation allows password authentication,
even for root. They could try a dictionary attack against your passwords.
Or, if they are close enough to sniff your external network (like your ISP), they
could try to trace your connection when you login over ssh and attack your client
machine at the other end. If they get your private RSA(tm) key...
