Re: make ssh log massword entered?
From: Nico Kadel-Garcia (nkadel_at_comcast.net)
Date: 11/23/05
- Next message: dare_eagle_at_yahoo.com: "Re: SSH unable to connect"
- Previous message: ash_at_fakedomainxx.com: "make ssh log massword entered?"
- In reply to: ash_at_fakedomainxx.com: "make ssh log massword entered?"
- Next in thread: Darren Tucker: "Re: make ssh log massword entered?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 23 Nov 2005 08:01:46 -0500
<ash@fakedomainxx.com> wrote in message
news:newscache$sjqeqi$9rl$1@news.rootshell.be...
>
> Recently there has been dozens of ssh cracking on my site. They were not
> real hackers because they simply tried to guess the passwords using all
> kind of imaginable usernames, admin, webmaster, oracle. . . you name it,
> but they were very patient, the log shows they worked on it for over an
> hour.
>
> While no harm is done, I'm interested in knowing what kind of passwords
> they would guess. Is there a way to make ssh log the password entered?
> Thanks.
For an example, take a look at the old Alec Moffett written "crack" program.
I still use it or variants of it occasionally against sites that use the old
"crypt" style passwords, and consistently get about 10% of the passwords.
- Next message: dare_eagle_at_yahoo.com: "Re: SSH unable to connect"
- Previous message: ash_at_fakedomainxx.com: "make ssh log massword entered?"
- In reply to: ash_at_fakedomainxx.com: "make ssh log massword entered?"
- Next in thread: Darren Tucker: "Re: make ssh log massword entered?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
