Firewall Wizards mailing list archives
Re: RE: SSH brute force attack
From: Christine Kronberg <Christine_Kronberg () genua de>
Date: Thu, 21 Jul 2005 17:23:23 +0200 (CEST)
On Tue, 19 Jul 2005, Mark Ness wrote:
I have seen lots of views on this subject, and if your security is good, the chances of any of these attacks getting in are minimal, but the possibility is there, and, since these are not customers viewing our home pages, but deliberate attempts at a login through ssh where they have no business trying to l login in the first place (many of them attempts at root) they are only interested in breaking in for whatever purpose, who knows. Maybe just for the challenge? Maybe to hijack your box? Maybe ID theft?
To install any kind of irc tools (psybnc and energy mech are favourites),
rootkits, phishing- and spamware, DoS and scanning tools. At least that's
what the kiddies tried on my homebred honeypot. So in my opinion those who
try have a criminal intention.
Have fun,
Chris Kronberg.
--
GeNUA mbH
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: SSH brute force attack Paul Melson (Jul 01)
- <Possible follow-ups>
- Re: SSH brute force attack Mark Tinberg (Jul 01)
- RE: SSH brute force attack Mathew Want (Jul 01)
- Re: SSH brute force attack David Ross (Jul 05)
- Re: SSH brute force attack Marko Jakovljevic (Jul 06)
- RE: SSH brute force attack Mark Ness (Jul 18)
- Re: RE: SSH brute force attack Mark Ness (Jul 21)
- Re: RE: SSH brute force attack Christine Kronberg (Jul 21)