LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for August 28, 2008

Fedora, Red Hat, and distributor security

LWN.net Weekly Edition for August 21, 2008

Standards, the kernel, and Postfix

In defense of Ubuntu

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

Brute-Force SSH Server Attacks Surge (InformationWeek)

Brute-Force SSH Server Attacks Surge (InformationWeek)

Posted May 14, 2008 18:28 UTC (Wed) by smoogen (subscriber, #97)
In reply to: Brute-Force SSH Server Attacks Surge (InformationWeek) by AJWM
Parent article: Brute-Force SSH Server Attacks Surge (InformationWeek) 

Yes they have been doing this for a while.. The latest set of attacks are using it more. I
have seen attacks where machine A goes for account "foo, foo1, foo2" and then machine B does
"foo3, foo4, foo5" and then machine C goes for "foo6, goo, goo1" and machine A tries again
(well its a lot bigger than that but just logging in once and coming back an hour later is
enough to get past most public ssh servers fail2ban systems.) Add onto that a lot of users
think Q1w2e3r4 is a good password and are sure to get some account on a university or big ISP
sometime.

(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds