Re: SSH attacks?

From: Thomas Hochstein (ml_at_ancalagon.inka.de)
Date: 07/30/04

Next message: Frank Knobbe: "Re: SSH attacks?"

Previous message: M Shirk: "FW: [Intrusions] Linux SSH scanning - test/guest"
In reply to: Jyri Hovila: "Re: SSH attacks?"
Next in thread: Matt Beland: "Re: SSH attacks?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: incidents@securityfocus.com
Date: Fri, 30 Jul 2004 07:40:30 +0200

Jyri Hovila schrieb:

> It seems that at least one host has been rooted somehow relating to the
> scans we're seeing:
>
> http://www.dslreports.com/forum/remark,10854834~mode=flat~days=9999~start=60

According to that thread, due to a weak passwort for the test-user.

> I'm pretty sure there is a new SSH exploit around. At least this clearly
> isn't a brute force attack.

All postings in the thread you are quoting - except your own ones ;) -
show no reason to suspect something like that.

-thh

Next message: Frank Knobbe: "Re: SSH attacks?"

Previous message: M Shirk: "FW: [Intrusions] Linux SSH scanning - test/guest"
In reply to: Jyri Hovila: "Re: SSH attacks?"
Next in thread: Matt Beland: "Re: SSH attacks?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]