Security Incidents mailing list archives

Re: SSH probe attack afoot?

From: "Matt Fisher" <mattfisher () comcast net>
Date: Tue, 8 Feb 2005 17:41:18 -0500

I don't even bother tracing stuff like this anymore.  Its way too easy to
proxy your requests, and I haven't gotten much mileage out of abuse
departments in the past .   I think this mail list provides a much better
response mechanism :)

I have a couple single hosts pounding on me than I take more "proactive"
measures but in general I'm sitting back and amusing myself at the lame
dictionary these folks / things are using.


----- Original Message ----- 
From: "Frank Knobbe" <frank () knobbe us>
To: "Joe Egloff" <joe.egloff () franke com>
Cc: <incidents () securityfocus com>
Sent: Tuesday, February 08, 2005 2:04 PM
Subject: Re: SSH probe attack afoot?




-- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.300 / Virus Database: 265.8.6 - Release Date: 2/7/2005

Current thread:

Re: SSH probe attack afoot?, (continued)
- - - Re: SSH probe attack afoot? j () 65535 com (Feb 08)
- Re: SSH probe attack afoot? Barrie Dempster (Feb 07)
- Re: SSH probe attack afoot? j lake (Feb 08)
- Re: SSH probe attack afoot? Jeffrey Goldberg (Feb 12)
  - Re: SSH probe attack afoot? Stephen J. Smoogen (Feb 12)
  - Re: SSH probe attack afoot? Jeffrey Goldberg (Feb 16)
- Re: SSH probe attack afoot? Joe Egloff (Feb 07)
  - Re: SSH probe attack afoot? naverxp (Feb 08)
    - Re: SSH probe attack afoot? Tim (Feb 08)
  - Re: SSH probe attack afoot? Frank Knobbe (Feb 08)
    - Re: SSH probe attack afoot? Matt Fisher (Feb 09)
- Re: SSH probe attack afoot? Joe Egloff (Feb 08)
  - Re: SSH probe attack afoot? Barrie Dempster (Feb 08)
    - Re: SSH probe attack afoot? j () 65535 com (Feb 09)
    - Chinese HTTP ACKs David Gillett (Feb 09)
    - Re: Chinese HTTP ACKs Frank Knobbe (Feb 09)