If I'm not mistaken, if you are running NetBSD 1.5.2 then you don't have 
anything to worry cause it has OpenSSH 2.5.1 packaged with it, which has this 
vulnerability fixed.  Correct?

Thankx!

> There's a lot of scanning for old versions of ssh|openssh lately,
> because of some vulnerabilites in them.
> 
> read the following for more info
> http://www.ciac.org/ciac/bulletins/m-017.shtml
> 
> On Fri, 7 Dec 2001, Greg MATTHEWS wrote:
> 
> > i am receiving a lot of these in my syslog recently:
> > 
> > Dec  6 21:24:31 potomac sshd[5294]: Did not receive ident string
> > from 143.107.1 65.111.
> > 
> > from various ip address. should i be worried?
> > 
> > sshd version OpenSSH_2.5.1 NetBSD_Secure_Shell-20010614
> > 
> > GREG
> > 
> > 
> 
> 
> 
> diana eichert
> 
> "They that can give up liberty to obtain
>         a little temporary safety deserve
>                 neither liberty nor safety"
> 
> Benjamin Frankin
> 1706-1790
> 
> For PGP Public key
> http://www.swcp.com/~deichert/pgp_public_key.txt
>