Re: help:tool to bruteforce ssh connections




There are many issues that still today are unresolved. It does amaze the mind though.

--- On Mon, 5/11/09, Gregory Boyce <gregory.boyce@xxxxxxxxx> wrote:

From: Gregory Boyce <gregory.boyce@xxxxxxxxx>
Subject: Re: help:tool to bruteforce ssh connections
To: "cy10@xxxxxxxxxxxx" <cy10@xxxxxxxxxxxx>
Cc: "security-basics@xxxxxxxxxxxxxxxxx" <security-basics@xxxxxxxxxxxxxxxxx>
Date: Monday, May 11, 2009, 7:04 AM
I used to investigate and report
those sorts of attacks.  In just about every instance
the attacking system was one that had fallen to the exact
same attack.

The fact you see attacks is proof they still work.

On May 7, 2009, at 5:12 PM, cy10@xxxxxxxxxxxx
wrote:

I'd have to ask how effective this is as well. My
firewall alerts me every time some kid runs a bf on my ssh
door. I say kid, becuase if it's not root (does ANYONE still
allow ssh to root???) or some ridiculous username; admin,
sales, etc.

I used to get 50-100 such alerts from my firewall
everyday. After blocking entire countries (only four so far,
use your imagination) that number has dropped to like less
than a half dozen.

Kind of hard to believe there are still people out
there not securing SSH. Sigh...

/rant



------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Need to pass the CISSP? InfoSec Institute's CISSP Boot
Camp in both Instructor-Led and Online formats is the most
concentrated exam prep available. Comprehensive course
materials and an expert instructor means you pass the exam.
Gain a laser like insight into what is covered on the exam,
with zero fluff!

http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html

------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp
in both Instructor-Led and Online formats is the most
concentrated exam prep available. Comprehensive course
materials and an expert instructor means you pass the exam.
Gain a laser like insight into what is covered on the exam,
with zero fluff!
http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html
------------------------------------------------------------------------






------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain a laser like insight into what is covered on the exam, with zero fluff!

http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html
------------------------------------------------------------------------