Security Incidents mailing list archives
Re: SSH bruteforce on its way...
From: Valdis.Kletnieks () vt edu
Date: Mon, 24 Oct 2005 23:13:46 -0400
On Fri, 21 Oct 2005 18:05:27 -0000, jouser () gmail com said:
I didn't think it was possible to determine valid usernames by themselves? You either have a valid username AND password or not.
So you take the list of 30-40 "installed by default" userids, add a list of 100 or so common first names/last names, prepend/append a single letter (i.e. starting with "john" and "smith", also try "jsmith" and "johns"). Then try each of those with a list of common passwords. If you're *really* 31337, you apply the SSH timing hole to possibly identify valid userids - but it really isn't needed because it's just as cheap to just try all 40,000 combinations of userid/password (remember, you're doing this from somebody else's compromised system).
Attachment:
_bin
Description:
Current thread:
- Re: SSH bruteforce on its way..., (continued)
- Re: SSH bruteforce on its way... Paul Robertson (Oct 24)
- Re: [incidents] Re: SSH bruteforce on its way... Tim Kennedy (Oct 24)
- Re: SSH bruteforce on its way... foxxz . net (Oct 24)
- Re: SSH bruteforce on its way... jouser (Oct 24)
- Re: SSH bruteforce on its way... Justin (Oct 24)
- Re: SSH bruteforce on its way... Russell Fulton (Oct 25)
- Re: SSH bruteforce on its way... Valdis . Kletnieks (Oct 26)
- Re: SSH bruteforce on its way... Kurt Seifried (Oct 26)
- Re: SSH bruteforce on its way... Justin (Oct 26)
- Re: SSH bruteforce on its way... Daniel Cid (Oct 26)
- Re: SSH bruteforce on its way... Justin (Oct 24)
- Re: SSH bruteforce on its way... Valdis . Kletnieks (Oct 25)
- Re: SSH bruteforce on its way... Paul Robertson (Oct 24)
- Re: SSH bruteforce on its way... Michael . Lang (Oct 25)
- Re: SSH bruteforce on its way... Javier Fernandez-Sanguino (Oct 26)
- Re: SSH bruteforce on its way... Volker Tanger (Oct 26)
- SNMP worm? David Gillett (Oct 26)
- Re: SNMP worm? Mark Ryan del Moral Talabis (Oct 26)
- RE: SNMP worm? David Gutierrez (Oct 26)
- Re: SSH bruteforce on its way... Christine Kronberg (Oct 31)
- Re: SSH bruteforce on its way... Javier Fernandez-Sanguino (Oct 26)
- Re: SSH bruteforce on its way... Lionel Ferette (Oct 26)
- Re: SSH bruteforce on its way... Michael Lang (Oct 26)
- Re: SSH bruteforce on its way... Bryan Hatter (Oct 26)