[Full-disclosure] SSH brute force blocking tool
- From: "J. Oquendo" <sil@xxxxxxxxxxxxxxx>
- Date: Mon, 27 Nov 2006 14:22:10 -0500
For those interested, I wrote a program called Sharpener which is an SSH brute force blocking tool that also reports back the offenders' addresses. I have begun posting the information on the attackers as well as sending out messages (whenever possible) to the admins of these domains. Think of it as an RBL for SSH attackers. The goal is to identify these machines in order for others to implement safeguards (ACL's) against these hosts. Feel free to comment/complain.
http://www.infiltrated.net/sharpener (tool)
http://www.infiltrated.net/bruteforcers (offenders)
--
====================================================
J. Oquendo
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743
sil . infiltrated @ net http://www.infiltrated.net
The happiness of society is the end of government.
John Adams
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Follow-Ups:
- Re: [Full-disclosure] SSH brute force blocking tool
- From: Tavis Ormandy
- Re: [Full-disclosure] SSH brute force blocking tool
- Prev by Date: Re: [Full-disclosure] The state of JavaScript Hacking
- Next by Date: Re: [Full-disclosure] Sasser or other nasty worm needed
- Previous by thread: [Full-disclosure] [SECURITY] [DSA 1219-1] New texinfo packages fix multiple vulnerabilities
- Next by thread: Re: [Full-disclosure] SSH brute force blocking tool
- Index(es):
