Firewall Wizards mailing list archives
Re: Increase in SSH Probing
From: "Paul D. Robertson" <paul () compuwar net>
Date: Fri, 22 Oct 2004 14:31:48 -0400 (EDT)
On Wed, 20 Oct 2004, Mathew Want wrote:
Hi, I was wondering if anyone else had noticed a large increase in scans and crack attempts against SSH. I found a reference to http://www.k-otik.com/exploits/08202004.brutessh2.c.php which would explain the pattern of usernames I had seen originally (i.e. test, guest and root).
Yep, it's up. I haven't seen anyone with a good capture of the client-side code though. If you can track one back to a source who's willing to allow some poking, or provide the hostile code, I'm interested, especially in the more aggressive version. Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions paul () compuwar net which may have no basis whatsoever in fact." probertson () trusecure com Director of Risk Assessment TruSecure Corporation _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Increase in SSH Probing Mathew Want (Oct 22)
- Re: Increase in SSH Probing Paul D. Robertson (Oct 22)
- Re: Increase in SSH Probing Christine Kronberg (Oct 25)