Security Incidents mailing list archives
Re: Internet SSH scans
From: ilaiy <ilaiy.e () gmail com>
Date: Fri, 3 Mar 2006 15:02:27 -0600
Try denyhosts. Works really well .. http://denyhosts.sourceforge.net/ ./thanks ilaiy On 3/3/06, William Tarkington <William.Tarkington () openwave com> wrote:
This appears to be related to a Romanian organized crime ring. They are using ssh scans + password lists for easy to guess servers. From there they create a phishing site. It has been on the rise for about 3 months or so from my records. --Will -----Original Message----- From: Tom Frerichs [mailto:tfrerich () shiboleth net] Sent: Thursday, March 02, 2006 8:57 PM To: incidents () securityfocus com Subject: RE: Internet SSH scans I'm seeing the same sorts of scans, but it seems to be only on hosts that offer web services and have publicly published URLs that might be found in a user's cache. Tom Frerichs - Denver
Current thread:
- Re: RE: Internet SSH scans, (continued)
- Re: RE: Internet SSH scans admin (Mar 03)
- Re: RE: Internet SSH scans Daxomatic (Mar 03)
- Re: RE: Internet SSH scans Christine Kronberg (Mar 03)
- Re: Internet SSH scans JK Adams (Mar 03)
- Re: RE: Internet SSH scans joakim . berge (Mar 03)
- Re: Re: RE: Internet SSH scans mrbits (Mar 03)
- RE: Internet SSH scans Adriano Carvalho (Mar 21)
- Re: Internet SSH scans Valdis . Kletnieks (Mar 22)
- Re: Internet SSH scans Adriano Carvalho (Mar 22)
- RE: Internet SSH scans Adriano Carvalho (Mar 21)
- Re: RE: Internet SSH scans admin (Mar 03)
- RE: Internet SSH scans William Tarkington (Mar 03)
- Re: Internet SSH scans ilaiy (Mar 03)
- Re: Internet SSH scans Stephen J. Smoogen (Mar 03)
- RE: RE: Internet SSH scans Teodorski, Chris (Mar 03)
- Re: Re: Internet SSH scans notonyour (Mar 04)
- Re: RE: Internet SSH scans Michael . Lang (Mar 23)
- Re: Internet SSH scans Valdis . Kletnieks (Mar 23)