Re: SSH Scans



Michel Pereira typed:

After of seeing a lot of ssh scans on my firewalls and home PC, I
made a script that filters out the "Invalid User" entry inside
/var/log/messages and do some cleaning process, the result is a
dictionary (homebrew) of users that tried to login into my hosts.
Into the dictionary I saw english and Brazilian Portuguese words,
maybe we have Brazilian hackers running scan bots too. This work is
only for experiment and curiosity to see what is happening with
Internet today, you can get the script and dictionary in
http://www.michel.eti.br/2006/03/ssh-scans.html

If you have a better idea of sugestion, please mail me:
"michel@xxxxxxxxxxxxx"

You will see a lot of similar entries in log file(s) if you run SSH on
the standard port. In order to get around to having a clogged log
file, I altered SSHd to run on a non-standard port on the public box I
admin. It is not a *foolproof* solution, but it has worked for me so
far.

--
Ayaz Ahmed Khan

Then, gently touching my face, she hesitated for a moment as her
incredible eyes poured forth into mine love, joy, pain, tragedy,
acceptance, and peace. "'Bye for now," she said warmly.
-- Thea Alexander, "2150 A.D."


---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------



Relevant Pages

  • RE: Windows Log
    ... a savvy user would be able to create problems with a script based method of recording user logons and logoffs. ... ' Choose a drive letter and enter your share name below. ... >>> education and the case study affords you unmatched consulting experience. ... >>> Computer Emergency Response Teams, ...
    (Security-Basics)
  • SSH Scans
    ... made a script that filters out the "Invalid User" entry inside ... you can get the script and dictionary ... education and the case study affords you unmatched consulting experience. ... Computer Emergency Response Teams, and Digital Investigations. ...
    (Security-Basics)
  • Re: P tone and placement
    ... the value of higher education. ... teacher formally trained as a CG performer, or teacher, or a teacher ... task Engineering couldn't do. ... When I delivered the script my manager ...
    (rec.music.classical.guitar)
  • Re: P tone and placement
    ... Ed. it's not just one guy at a festival who dissed Scott. ... the value of higher education. ... teacher formally trained as a CG performer, or teacher, or a teacher ... When I delivered the script my manager ...
    (rec.music.classical.guitar)
  • [Full-disclosure] SSH Scans - Homebrew dictionary
    ... made a script that filters out the "Invalid User" entry inside ... Into the dictionary I saw english and Brazilian Portuguese words, ... you can get the script and dictionary ...
    (Full-Disclosure)