-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 We've been seeing this for months on every piece of equipment we have... and they are also trying to ssh on different ports as well. Not to mention you find things on torrent sites like 4.9 million word password lists for brute force attacks. These lists are only 14MB and of course every teenager that wants to be 3L33T or 3L!TE (or however the kidz type it) and has highspeed download that crap... It's gonna take 2 minutes to snag that list and fire off some script. And of course now days most of the scripts/apps have throttling so they just leave the machine run for weeks at a time and they don't bog their connection down.
mike On Friday 14 January 2005 10:09 pm, Ted Kat. wrote: > Today is the first day in two weeks that I haven't been attacked. > ssh seems to be secure; That is if your users have "secure" passwords. > > A friend sent me this here link > http://www.k-otik.com/exploits/08202004.brutessh2.c.php > names match my logs. > > Check your logs people :) > > > ===== > Ted Katseres > > |-----------------------------------------| > |---------signature here------------------| > |-----------------------------------------| > > __________________________________ > Do you Yahoo!? > Take Yahoo! Mail with you! Get it on your mobile phone. > http://mobile.yahoo.com/maildemo -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFB7C8qmUFtrUUciv4RAlxQAJ0eXJL3jRL773ZK+Ckf5CqkAZWGtACfdGx4 vzRJ1H92vW46kq87zVWgEAk= =e2sD -----END PGP SIGNATURE-----
