Security Basics mailing list archives
RE: SSH Scans
From: "Bergert, David" <David.Bergert () rsmi com>
Date: Fri, 17 Mar 2006 17:10:27 -0600
http://denyhosts.sourceforge.net David Bergert Supervisor, Technology Risk Management Services RSM McGladrey, Inc. 201 North Harrison Street, Suite. 300 Davenport, IA 52801 Office: 563-888-4023 Mobile: 563-650-6006 Fax: 563-324-6939 david.bergert () rsmi com www.rsmmcgladrey.com -----Original Message----- From: michelpereira () gmail com [mailto:michelpereira () gmail com] On Behalf Of Michel Pereira Sent: Thursday, March 16, 2006 8:45 PM To: security-basics () securityfocus com Subject: SSH Scans After of seeing a lot of ssh scans on my firewalls and home PC, I made a script that filters out the "Invalid User" entry inside /var/log/messages and do some cleaning process, the result is a dictionary (homebrew) of users that tried to login into my hosts. Into the dictionary I saw english and Brazilian Portuguese words, maybe we have Brazilian hackers running scan bots too. This work is only for experiment and curiosity to see what is happening with Internet today, you can get the script and dictionary in http://www.michel.eti.br/2006/03/ssh-scans.html If you have a better idea of sugestion, please mail me: "michel () michel eti br" Bye -- Só Jesus salva,o homem faz backups. http://www.michel.eti.br --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus --------------------------------------------------------------------------- DISCLAIMER: This e-mail is only intended for the person(s) to whom it is addressed and may contain confidential information. Unless stated to the contrary, any opinions or comments are personal to the writer and do not represent the official view of the company. If you have received this e-mail in error, please notify us immediately by reply e-mail and then delete this message from your system. Please do not copy it or use it for any purposes, or disclose its contents to any other person. Thank you for your cooperation. Any advice contained in this email (including any attachments unless expressly stated otherwise) is not intended or written to be used, and cannot be used, for purposes of avoiding tax penalties that may be imposed on any taxpayer. --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- SSH Scans Michel Pereira (Mar 17)
- Re: SSH Scans Rodrigo Fernandez (Mar 20)
- Re: SSH Scans Ayaz Ahmed Khan (Mar 20)
- <Possible follow-ups>
- RE: SSH Scans Bergert, David (Mar 20)