Re: SSH bruteforce on its way...

From: Volker Tanger (vtlists_at_wyae.de)
Date: 10/26/05

Next message: Kurt Seifried: "Re: SSH bruteforce on its way..."

Previous message: Bryan Hatter: "Re: SSH bruteforce on its way..."
In reply to: Javier Fernandez-Sanguino: "Re: SSH bruteforce on its way..."
Next in thread: David Gillett: "SNMP worm?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 26 Oct 2005 19:00:19 +0200
To: incidents@securityfocus.com

Greetings!

Javier Fernandez-Sanguino <jfernandez@germinus.com> wrote:

> I would also be interesting to list what _accounts_ they probe for. I
> have a list of users/passwords recovered from some compromised systems

As I did not run a honed, I do not have the passwords. But here the
(quite limited) user list - note the "deutch" spelling mistake probably
intended to be "deutsch", the german word for german.

        abigail
        abseil
        absrl
        achim
        admin
        administrator
        Administrator
        amanda
        BACKUP
        celular
        demo
        deutch
        fluffy
        frauke
        frieda
        german
        guest
        information
        iris
        leonardo
        lpa
        lpd
        michael
        orders
        test
        thenz
        user

...and that's all.

Bye

Volker

-- 
Volker Tanger    http://www.wyae.de/volker.tanger/
--------------------------------------------------
vtlists@wyae.de                    PGP Fingerprint
378A 7DA7 4F20 C2F3 5BCC  8340 7424 6122 BB83 B8CB

Next message: Kurt Seifried: "Re: SSH bruteforce on its way..."

Previous message: Bryan Hatter: "Re: SSH bruteforce on its way..."
In reply to: Javier Fernandez-Sanguino: "Re: SSH bruteforce on its way..."
Next in thread: David Gillett: "SNMP worm?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]