Full Disclosure mailing list archives
Re: targetted SSH bruteforce attacks
From: Frank Bures <lisfrank () chem toronto edu>
Date: Thu, 17 Jun 2010 10:42:32 -0400
Gary Baribault wrote:
I just knew that people would say that, and that's why I specified that I WANT to keep SSH on 22 .. it's fun to see the attacks, and it's interesting to see new types of attacks. The question here is whether anyone else is seeing such a targeted attack.
I've seen an interesting SSH attack in the last couple of days on our /22 network. Instead of probing port 22 on many machines in the shortest possible time period as usual, this attack seems to be trying to be stealthy. It never attacks more than 4 machines in an hour and never twice from the same IP address. As all attacking addresses are subsequently blocked, I wonder how long is it going to take for the guy(s) to run out of available addresses at this rate :-) Cheers Frank -- <feeb () chem toronto edu> _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: targetted SSH bruteforce attacks dink (Jun 17)
- Re: targetted SSH bruteforce attacks Gary Baribault (Jun 17)
- Re: targetted SSH bruteforce attacks Benji (Jun 17)
- Re: targetted SSH bruteforce attacks Valdis . Kletnieks (Jun 17)
- Re: targetted SSH bruteforce attacks Gary Baribault (Jun 17)
- Re: targetted SSH bruteforce attacks Gary Baribault (Jun 17)
- Re: targetted SSH bruteforce attacks Benji (Jun 17)
- Re: targetted SSH bruteforce attacks Frank Bures (Jun 17)
- Re: targetted SSH bruteforce attacks Gary Baribault (Jun 17)
- Re: targetted SSH bruteforce attacks Gary Baribault (Jun 17)
- <Possible follow-ups>
- Re: targetted SSH bruteforce attacks dink (Jun 17)
- Re: targetted SSH bruteforce attacks Michael Holstein (Jun 17)
- Re: targetted SSH bruteforce attacks dink (Jun 17)
- Re: targetted SSH bruteforce attacks iRAQi BlackHat (Jun 17)
- Re: targetted SSH bruteforce attacks Bob Onformon (Jun 18)