Just so we're clear, I don't think this is the attacker's SSH brute force
logs; this is someone defending against it. Keep in mind how I found his
page in the first place, by googling my attacker's IP which was prefixed with
"sshd[]: refused connect" in his Twitter stream. Additionally, if you google
other IPs in his logs, most are on http://www.sshbl.org/ (the SSH blacklist).


On Mon, Dec 28, 2009 at 3:00 PM, Scott Webster <[email protected]> wrote:

>  Interesting….
>
>
>
> *From:* [email protected] [mailto:
> [email protected]] *On Behalf Of *xgermx
> *Sent:* Monday, December 28, 2009 11:35 AM
>
> *To:* PaulDotCom Security Weekly Mailing List
> *Subject:* Re: [Pauldotcom] http://twitter.com/sotohide_log
>
>
>
> I'm interested in who's following that account. Someone should follow/DM
> them.
>
> On Mon, Dec 28, 2009 at 12:12 PM, Scott Webster <[email protected]>
> wrote:
>
> It's been running from 10/9/2009, using perl net. And not very productive,
> the times seem random.
>
>
>
> *From:* [email protected] [mailto:
> [email protected]] *On Behalf Of *xgermx
> *Sent:* Monday, December 28, 2009 8:46 AM
>
>
> *To:* PaulDotCom Security Weekly Mailing List
>
> *Subject:* [Pauldotcom] http://twitter.com/sotohide_log
>
>
>
> So I was checking some of my web server logs and I ran across an SSH brute
> force attack coming from a Chinese IP. Upon googling the IP I find this
> http://twitter.com/sotohide_log
> Does anyone have any insight?
>
>
> _______________________________________________
> Pauldotcom mailing list
> [email protected]
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
>