Security Basics mailing list archives
Re: help:tool to bruteforce ssh connections
From: Mike Acker <macker () internap com>
Date: Thu, 7 May 2009 11:12:02 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 It's actually a very effective attack speaking from first hand experience of a company we bought. You just need a good dictionary. Many companies do not ahve controls in place to detect scans from inside. As for denyhosts, not everyone runs that. When you have 5000+ ssh servers, which are only assessible through a very small amount of gateways into your network, does it really make sense to run something like that on each host when router ACL's are already denying access? By having all access go though a few boxes its much easier to control, not to mention the IT support nightmare of running things like denyhosts on every server, i.e. people forget they are working as root and start trying to ssh in, etc. I'de say run denyhosts just on your gateways/entry points, along with other below poster of good passwords, authentication such as TACACS, review logging, have daily ACL reports which easily pick out ssh scans, etc. Andy Harley <morphizer () gmail com> wrote [05.07.09]:
Is ssh brute forcing at all effective? Surely most people running an ssh server would be wise to checking logs or running something similar to denyhosts? On Thu, May 7, 2009 at 3:15 AM, Aarón Mizrachi <unmanarc () gmail com> wrote:On Miércoles 06 Mayo 2009 06:48:09 vibisreenivasan escribió:hello, is there any tool to bruteforce ssh login. regards vibiTHC-Hydra.------------------------------------------------------------------------ This list is sponsored by: InfoSec Institute Learn all of the latest penetration testing techniques in InfoSec Institute's Ethical Hacking class. Totally hands-on course with evening Capture The Flag (CTF) exercises, Certified Ethical Hacker and Certified Penetration Tester exams, taught by an expert with years of real pen testing experience. http://www.infosecinstitute.com/courses/ethical_hacking_training.html ------------------------------------------------------------------------------------------------------------------------------------------------ This list is sponsored by: InfoSec Institute Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain a laser like insight into what is covered on the exam, with zero fluff! http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html ------------------------------------------------------------------------------------------------------------------------------------------------ This list is sponsored by: InfoSec Institute Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain a laser like insight into what is covered on the exam, with zero fluff! http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html ------------------------------------------------------------------------
- -- Mike Acker, GIAC Information Security Analysis Internap Network Services, Inc. (c) 206.226.9727 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux) iEYEARECAAYFAkoDJHEACgkQBFfbgm5FXkXu4ACcCAL8fJzk5V5ekuLVwK2p4ha6 qnIAn0ogu8WKovStApG38P3bS1NJn95+ =8l1o -----END PGP SIGNATURE----- ------------------------------------------------------------------------ This list is sponsored by: InfoSec Institute Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain a laser like insight into what is covered on the exam, with zero fluff! http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html ------------------------------------------------------------------------
Current thread:
- help:tool to bruteforce ssh connections vibisreenivasan (May 06)
- Re: help:tool to bruteforce ssh connections Nikhil Wagholikar (May 06)
- Re: help:tool to bruteforce ssh connections Aarón Mizrachi (May 06)
- Re: help:tool to bruteforce ssh connections Ell0 (May 07)
- Re: help:tool to bruteforce ssh connections Mike Acker (May 07)
- Re: help:tool to bruteforce ssh connections Andy Harley (May 07)
- Re: help:tool to bruteforce ssh connections Aarón Mizrachi (May 07)
- Re: help:tool to bruteforce ssh connections Mike Acker (May 08)
- Re: help:tool to bruteforce ssh connections Ell0 (May 07)
- <Possible follow-ups>
- Re: Re: help:tool to bruteforce ssh connections cy10 (May 08)
- Re: help:tool to bruteforce ssh connections Gregory Boyce (May 11)
- Re: help:tool to bruteforce ssh connections v3nd3rs5uck (May 11)
- Message not available
- Message not available
- Re: help:tool to bruteforce ssh connections kevin fielder (May 20)
- Message not available