Re: SSH scans...
From: Barrie Dempster (barrie_at_reboot-robot.net)
Date: 12/20/04
- Previous message: Harald Nesland: "Re: SSH scans..."
- In reply to: Dejan Markovic: "SSH scans..."
- Next in thread: Tim Kennedy: "Re: [incidents] SSH scans..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: incidents@securityfocus.com Date: Mon, 20 Dec 2004 16:23:02 +0000
On Mon, 2004-12-20 at 10:21 -0500, Dejan Markovic wrote:
> need to ask if others have
> the same entries in their logs
<snip>
Yep ongoing SSH scanning using multiple SSH bruteforce type tools, this
has been discussed extensively on most of the infosec mailing lists.
ATM If you aren't seeing SSH bruteforce attempts in your logs then your
SSH server is down :-P
Google the user/pass combinations for more information eg..
http://www.google.com/search?sourceid=mozclient&ie=utf-8&oe=utf-8&q=frank+george+password+ssh
With Regards..
Barrie Dempster (zeedo) - Fortiter et Strenue
[ gpg --recv-keys --keyserver www.keyserver.net 0x96025FD0 ]
- application/pgp-signature attachment: This is a digitally signed message part
- Previous message: Harald Nesland: "Re: SSH scans..."
- In reply to: Dejan Markovic: "SSH scans..."
- Next in thread: Tim Kennedy: "Re: [incidents] SSH scans..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
