Full Disclosure mailing list archives
Re: Automated ssh scanning
From: andreas () inferno nadir org
Date: Thu, 26 Aug 2004 10:47:51 +0200
Hi, do you have an image you can share with us? did you setup key logging? if not, setup your honeypot again with better control about, what the intruder is doing. regards, andreas On Thursday 26 August 2004 09:14, Richard Verwayen wrote:
On Thu, 2004-08-26 at 03:11, David Vincent wrote:Hello list! A few weeks ago there was a discussion about automated ssh scanning with user/password combinations like guest/guest or admin/admin. I set up a debian woody fully patched with both accounts activated, and got rooted some days later... The attackers installed some software and irc-bots and tried to use this host for testing other computers, thats not the point. I would like to know where's the weak point in the system? As the system was updates on a daily base! The only known weakness were these two accounts!you didn't set up admin/admin as root did you? just asking. -dHello David, no I created only unprivileged user accounts! And the root password is not considered to be weak! Richard _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Automated ssh scanning, (continued)
- Re: Automated ssh scanning Tremaine (Aug 26)
- Re: Automated ssh scanning Gerry Eisenhaur (Aug 26)
- Re: Automated ssh scanning VeNoMouS (Aug 25)
- Re: Automated ssh scanning VeNoMouS (Aug 25)
- Re: Automated ssh scanning Henrik Persson (Aug 25)
- Re: Automated ssh scanning Richard Verwayen (Aug 26)
- Re: Automated ssh scanning Henrik Persson (Aug 26)
- Re: Automated ssh scanning Richard Verwayen (Aug 26)
- Re: Automated ssh scanning VeNoMouS (Aug 25)
- Re: Automated ssh scanning David Vincent (Aug 25)
- Re: Automated ssh scanning Richard Verwayen (Aug 26)
- Re: Automated ssh scanning andreas (Aug 26)
- Re: Automated ssh scanning Richard Verwayen (Aug 26)
- RE: !SPAM! Automated ssh scanning Yaakov Yehudi (Aug 26)
- RE: !SPAM! Automated ssh scanning Richard Verwayen (Aug 26)
- Re: Automated ssh scanning Frank Knobbe (Aug 26)
- Re: Automated ssh scanning Jan Luehr (Aug 26)
- RE: Automated ssh scanning Todd Towles (Aug 26)
- RE: Automated ssh scanning Todd Towles (Aug 26)
- Re: Automated ssh scanning KF_lists (Aug 26)
- Re: Automated ssh scanning Richard Verwayen (Aug 26)
- Re: Automated ssh scanning Valdis . Kletnieks (Aug 26)
- RE: Automated ssh scanning Ron DuFresne (Aug 26)
- Re: Automated ssh scanning KF_lists (Aug 26)
(Thread continues...)