AlienVault v5.0 is now available for OSSIM and USM Learn more
It appears AlienVault is sending malformed SSH traffic to itself
The OSSIM (4.1) configuration includes two active interfaces, one in 22.214.171.124/24 and one in 10.168.200.0/24. It appears the 126.96.36.199/24 interface (188.8.131.52) is not sending the appropriate SSH headers to the other interface. These create alarms. Any thoughts about how to avoid these alarms?
Dec 17 13:47:24 sim-ossim-01 sshd: Did not receive identification string from 184.108.40.206