Educause Security Discussion mailing list archives
Privileged Access tool
From: Anand S Malwade <Anand.Malwade () SHU EDU>
Date: Fri, 17 Apr 2009 10:01:53 -0400
We are looking for a lock-box like solution for Managing Privileged User-ID's ( Root, Administrator, Application). Has anyone deployed a commercial tool ? Any input about solutions would be appreciated. Thanks, Anand Anand Malwade Information Security Officer, Seton Hall University -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Ken Connelly Sent: Thursday, April 16, 2009 8:23 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Ongoing distributed Linux SSH dictionary attack Pete Hickey wrote:
On Thu, Apr 16, 2009 at 04:15:00PM -0700, Andrew Daviel wrote:FYI We are seeing a distributed-source SSH dictionary attack on multiple machines. The sources appear to be running Linux according to P0F. This blows past our "15 strikes sitewide and you are out" filter.We're seeing a large increase of ssh dictionary attacks this week. Although it's coming from a number of different machines, I wouldn't call it a large enough number to consider it a distributed attack.
We've been seeing this pretty consistently for about 10 days although the rate has fluctuated some. I've seen about 1400 different source addresses here. -- - Ken ================================================================= Ken Connelly Associate Director, Security and Systems ITS Network Services University of Northern Iowa email: Ken.Connelly () uni edu p: (319) 273-5850 f: (319) 273-7373
Current thread:
- Privileged Access tool Anand S Malwade (Apr 17)
- <Possible follow-ups>
- Re: Privileged Access tool Russell Fulton (Apr 17)