Re: [fw-wiz] Increase in SSH Probing
From: Paul D. Robertson (paul_at_compuwar.net)
Date: 10/22/04
- Previous message: Catalina Scott Contr AFCA/EVEO: "RE: [fw-wiz] Pass-through VPN"
- In reply to: Mathew Want: "[fw-wiz] Increase in SSH Probing"
- Next in thread: Christine Kronberg: "Re: [fw-wiz] Increase in SSH Probing"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: Mathew Want <mathew.want@ac3.com.au> Date: Fri, 22 Oct 2004 14:31:48 -0400 (EDT)
On Wed, 20 Oct 2004, Mathew Want wrote:
> Hi,
>
> I was wondering if anyone else had noticed a large increase in scans and
> crack attempts against SSH. I found a reference to
> http://www.k-otik.com/exploits/08202004.brutessh2.c.php which would
> explain the pattern of usernames I had seen originally (i.e. test, guest and
> root).
Yep, it's up. I haven't seen anyone with a good capture of the
client-side code though. If you can track one back to a source who's
willing to allow some poking, or provide the hostile code, I'm interested,
especially in the more aggressive version.
Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
paul@compuwar.net which may have no basis whatsoever in fact."
probertson@trusecure.com Director of Risk Assessment TruSecure Corporation
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: Catalina Scott Contr AFCA/EVEO: "RE: [fw-wiz] Pass-through VPN"
- In reply to: Mathew Want: "[fw-wiz] Increase in SSH Probing"
- Next in thread: Christine Kronberg: "Re: [fw-wiz] Increase in SSH Probing"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
