Re: [fw-wiz] RE: SSH brute force attack

From: Christine Kronberg (Christine_Kronberg_at_genua.de)
Date: 07/21/05

  • Next message: Marcus J. Ranum: "Re: [fw-wiz] VOIP versus PBX"
    To: firewall-wizards@honor.icsalabs.com
    Date: Thu, 21 Jul 2005 17:23:23 +0200 (CEST)
    
    

    On Tue, 19 Jul 2005, Mark Ness wrote:

    > I have seen lots of views on this subject, and if your security is good, the
    > chances of any of these
    > attacks getting in are minimal, but the possibility is there, and, since
    > these are not customers viewing
    > our home pages, but deliberate attempts at a login through ssh where they
    > have no business trying to l
    > login in the first place (many of them attempts at root) they are only
    > interested in breaking in for
    > whatever purpose, who knows. Maybe just for the challenge? Maybe to hijack
    > your box? Maybe ID theft?

       To install any kind of irc tools (psybnc and energy mech are favourites),
       rootkits, phishing- and spamware, DoS and scanning tools. At least that's
       what the kiddies tried on my homebred honeypot. So in my opinion those who
       try have a criminal intention.

       Have fun,

                                                              Chris Kronberg.

    -- 
    GeNUA mbH
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    

  • Next message: Marcus J. Ranum: "Re: [fw-wiz] VOIP versus PBX"