Security Incidents mailing list archives
Re: MASSIVE ssh attack attempt
From: core.lists.incidents () CORE-SDI COM (Alberto Soliño)
Date: Fri, 25 Feb 2000 12:44:31 -0300
Hi:
Since the targets appear to all be the same machine, it doesn't seem likely that this would be looking for the RSAREF problem. After all, if the first connect doesn't compromise the host, 2 through N won't either.
Yes it could, the exploit actually makes a lot of connections tryin' to find the correct offset to jump. -- ==================[ CORE Seguridad de la Informacion S.A. ]========= Alberto Soliño mailto:asolino () core-sdi com Pte. Juan D. Peron 315 Piso 4 UF 17 http://www.core-sdi.com 1038 Capital Federal Buenos Aires, Argentina. Tel/Fax : +(54.11)43.31.54.02 Casilla de Correos 877 (1000) Correo Central ==================================================================== -- "Simplicity is the highest goal, achievable when you have overcome all difficulties." F. Chopin --- For a personal reply use asolino () core-sdi com
Current thread:
- Re: MASSIVE ssh attack attempt Alberto Soliño (Feb 16)
- <Possible follow-ups>
- Re: MASSIVE ssh attack attempt Jeffrey D. Carter (Feb 23)
- Re: MASSIVE ssh attack attempt Iván Arce (Feb 24)
- Re: MASSIVE ssh attack attempt Alberto Soliño (Feb 25)