Re: SSH bruteforce on its way...
From: Justin (justinvinn_at_gmail.com)
Date: 10/24/05
- Previous message: Tim Kennedy: "Re: [incidents] Re: SSH bruteforce on its way..."
- In reply to: jouser_at_gmail.com: "Re: SSH bruteforce on its way..."
- Next in thread: Russell Fulton: "Re: SSH bruteforce on its way..."
- Reply: Russell Fulton: "Re: SSH bruteforce on its way..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 24 Oct 2005 14:09:03 -0400 To: "jouser@gmail.com" <jouser@gmail.com>
Jouser,
Nah, there were some exploits a while back that took advanteage in
some timing flaws in the SSHd that let attackers determin valid
usernames.
peace,
--Justin
On 21 Oct 2005 18:05:27 -0000, jouser@gmail.com <jouser@gmail.com> wrote:
> I didn't think it was possible to determine valid usernames by themselves? You either have a valid username AND password or not.
>
- Previous message: Tim Kennedy: "Re: [incidents] Re: SSH bruteforce on its way..."
- In reply to: jouser_at_gmail.com: "Re: SSH bruteforce on its way..."
- Next in thread: Russell Fulton: "Re: SSH bruteforce on its way..."
- Reply: Russell Fulton: "Re: SSH bruteforce on its way..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
