Full Disclosure mailing list archives
Re: Spike in SSH scans
From: "J. Oquendo" <sil () infiltrated net>
Date: Mon, 22 Oct 2007 13:42:55 -0400
Adrian wrote:
Yeah, some of those ips also tried to login on my server as 'mysql' and 'root'. Even my university is part of that crappy botnet. :x _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
http://atlas.arbor.net/service/tcp/22 +66.0 % as of yesterday. -- ==================================================== J. Oquendo SGFA (FW+VPN v4.1) SGFE (FW+VPN v4.1) "I hear much of people's calling out to punish the guilty, but very few are concerned to clear the innocent." Daniel Defoe http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xF684C42E
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Spike in SSH scans James Lay (Oct 22)
- Re: Spike in SSH scans Adrian (Oct 22)
- Re: Spike in SSH scans J. Oquendo (Oct 22)
- Re: Spike in SSH scans Shaun (Oct 22)
- Re: Spike in SSH scans Steven Adair (Oct 22)
- Re: Spike in SSH scans Adrian (Oct 22)