Full Disclosure mailing list archives

Re: targetted SSH bruteforce attacks

From: iRAQi BlackHat <blackhat0 () gmail com>
Date: Thu, 17 Jun 2010 20:23:09 +0300

Answering the question of the topic: Yes.

If you plug-in a completely a new box to the internet, and watch the logs
you shall see there is an attack going on. The net is full of automated BOTS
running and they just keep hitting you (randomly or something).

BTW, a good solution to these problems is a Port-Knocking system, which
makes your service completely unexposed. See Tariq or any other PK system:
http://code.google.com/p/tariq/
http://www.portknocking.org/view/implementations


Regards,

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: targetted SSH bruteforce attacks, (continued)
- Re: targetted SSH bruteforce attacks Gary Baribault (Jun 17)
  - Re: targetted SSH bruteforce attacks Benji (Jun 17)
    - Re: targetted SSH bruteforce attacks Valdis . Kletnieks (Jun 17)
    - Re: targetted SSH bruteforce attacks Gary Baribault (Jun 17)
    - Re: targetted SSH bruteforce attacks Gary Baribault (Jun 17)
  - Re: targetted SSH bruteforce attacks Frank Bures (Jun 17)
    - Re: targetted SSH bruteforce attacks Gary Baribault (Jun 17)
- Re: targetted SSH bruteforce attacks dink (Jun 17)
  - Re: targetted SSH bruteforce attacks Michael Holstein (Jun 17)
- Re: targetted SSH bruteforce attacks dink (Jun 17)
- Re: targetted SSH bruteforce attacks iRAQi BlackHat (Jun 17)
- Re: targetted SSH bruteforce attacks Bob Onformon (Jun 18)