Full Disclosure mailing list archives
Re: Any update on SSH brute force attempts?
From: Miriam Chan <miriamchan () geocities com>
Date: Sun, 24 Oct 2004 09:43:17 +0800
Jay Libove wrote:
Recently, a couple of times a week, I see repeats of this which now have as many as fifty different accounts being attacked. (Almost none of which exist on my server, and none of which will have common passwords thankyouverymuch).
By the way, I started to suspect that the attacks were intentional (not just some games by some script kiddies.) I had some servers accepting SSH connections from anywhere (this is for easy access, and I know it is not a very good idea.) Before I set up a Portsentry-like mechanism to block the bad hosts, I got at least 5-6 attempts per day. Afterward, I got nearly none (just some 1-2 attempts a day.) The change looks simply too much for me. If I got some number of attacks a day, I would expect the same number of attacks the next day if the attackes were automatically done by some virus/worms. I wished that it was done by some virus, because (I think) a virus is not more malicious than a planned cracking behaviour. Do anyone have the same observations as me ? It should be great if you saw it and shared your ideas. Miriam. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Re: Any update on SSH brute force attempts?, (continued)
- Re: Re: Any update on SSH brute force attempts? Ron DuFresne (Oct 18)
- Re: Re: Any update on SSH brute force attempts? Barrie Dempster (Oct 18)
- Re: Re: Any update on SSH brute force attempts? Raj Mathur (Oct 18)
- Re: Re: Any update on SSH brute force attempts? Barrie Dempster (Oct 18)
- Re: Re: Any update on SSH brute force attempts? Ron DuFresne (Oct 18)
- Re: Re: Any update on SSH brute force attempts? Ron DuFresne (Oct 18)
- Re: Re: Any update on SSH brute force attempts? Dave Ewart (Oct 18)
- Re: Re: Re: Any update on SSH brute force attempts? Barrie Dempster (Oct 18)
- Re: Re: Re: Any update on SSH brute force attempts? Ronny Adsetts (Oct 19)
- Re: Re: Re: Any update on SSH brute force attempts? Barrie Dempster (Oct 19)
- Re: Re: Re: Any update on SSH brute force attempts? Ronny Adsetts (Oct 20)