Has anyone kept track of the passwords being used? I have been trying to find a nice simple sshd password logger so that I can set up a website that says "Is this your account? Is this your password?"
On 3/3/06, William Tarkington <[EMAIL PROTECTED]> wrote: > This appears to be related to a Romanian organized crime ring. > > They are using ssh scans + password lists for easy to guess servers. > From there they create a phishing site. > > It has been on the rise for about 3 months or so from my records. > > --Will > > > -----Original Message----- > From: Tom Frerichs [mailto:[EMAIL PROTECTED] > Sent: Thursday, March 02, 2006 8:57 PM > To: [email protected] > Subject: RE: Internet SSH scans > > I'm seeing the same sorts of scans, but it seems to be only on hosts > that > offer web services and have publicly published URLs that might be found > in a > user's cache. > > Tom Frerichs - Denver > > -- Stephen J Smoogen. CSIRT/Linux System Administrator
