Re: [fw-wiz] RE: SSH brute force attack

From: Christine Kronberg (Christine_Kronberg_at_genua.de)
Date: 07/21/05

  • Next message: Marcus J. Ranum: "Re: [fw-wiz] VOIP versus PBX"
    To: firewall-wizards@honor.icsalabs.com
    Date: Thu, 21 Jul 2005 17:23:23 +0200 (CEST)
    
    

    On Tue, 19 Jul 2005, Mark Ness wrote:

    > I have seen lots of views on this subject, and if your security is good, the
    > chances of any of these
    > attacks getting in are minimal, but the possibility is there, and, since
    > these are not customers viewing
    > our home pages, but deliberate attempts at a login through ssh where they
    > have no business trying to l
    > login in the first place (many of them attempts at root) they are only
    > interested in breaking in for
    > whatever purpose, who knows. Maybe just for the challenge? Maybe to hijack
    > your box? Maybe ID theft?

       To install any kind of irc tools (psybnc and energy mech are favourites),
       rootkits, phishing- and spamware, DoS and scanning tools. At least that's
       what the kiddies tried on my homebred honeypot. So in my opinion those who
       try have a criminal intention.

       Have fun,

                                                              Chris Kronberg.

    -- 
    GeNUA mbH
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    

  • Next message: Marcus J. Ranum: "Re: [fw-wiz] VOIP versus PBX"

    Relevant Pages

    • Re: [fw-wiz] RE: SSH brute force attack
      ... I have seen lots of views on this subject, and if your security is good, ... the chances of any of these ... attacks getting in are minimal, but the possibility is there, and, since ... login in the first place they are only ...
      (Firewall-Wizards)
    • Re: Limit the number of erroneous logins of root from the same IP
      ... After the limit that IP can not try to login anymore. ... be careful about reacting to spoof attacks. ... I've seen idiots trying to spoof login attempts from ... It offered three options - add a host reject route (man ...
      (alt.os.linux.redhat)
    • Re: SPAM-LOW: passw0rd trial limit
      ... login process the more requests are send. ... As attacks through web applications continue to ... Download FREE whitepaper on how a managed service can ...
      (Pen-Test)
    • Re: passw0rd trial limit
      ... he/she can only login for aboout 2 hours later ... configuration)--then brute force the logins. ... As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. ... You have an option to go with a managed service or an enterprise software. ...
      (Pen-Test)
    • RE: cant figure out ssh, read lots of docs...
      ... All the talk so far has been about how to stop attacks at your front ... abuse-reporting-system scripts. ... using common user names as login names if I may. ... were for the root account. ...
      (freebsd-questions)